stage.burai.online Open in urlscan Pro
2600:9000:20ae:9000:10:c6da:1440:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://backend.burai.online/
Effective URL:
https://stage.burai.online/
Submission: On June 09 via api (June 9th 2024, 6:30:42 am UTC) from US — Scanned from DE

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 22 HTTP transactions. The main IP is 2600:9000:20ae:9000:10:c6da:1440:93a1, located in United States and belongs to AMAZON-02, US. The main domain is stage.burai.online.
TLS certificate: Issued by Amazon RSA 2048 M02 on January 24th 2024. Valid for: a year.

This is the only time stage.burai.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	34.192.182.199 34.192.182.199	14618 (AMAZON-AES) (AMAZON-AES)
5	2600:9000:20a... 2600:9000:20ae:9000:10:c6da:1440:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	172.65.208.22 172.65.208.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.202.201 172.65.202.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.238.60 172.65.238.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.65.192.122 172.65.192.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.233.8.22 3.233.8.22	14618 (AMAZON-AES) (AMAZON-AES)
1	172.65.240.166 172.65.240.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
22	12

4 34.192.182.199 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-182-199.compute-1.amazonaws.com

backend.burai.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:20ae:9000:10:c6da:1440:93a1 (United States)

ASN16509 (AMAZON-02, US)

stage.burai.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.208.22 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.202.201 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.238.60 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.65.192.122 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-eu1.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.233.8.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-8-22.compute-1.amazonaws.com

keycloak.burai.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.240.166 (United States)

ASN13335 (CLOUDFLARENET, US)

track-eu1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	burai.online 1 redirects backend.burai.online stage.burai.online keycloak.burai.online	766 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70	3 KB
2	hscollectedforms.net js-eu1.hscollectedforms.net — Cisco Umbrella Rank: 30576 forms-eu1.hscollectedforms.net — Cisco Umbrella Rank: 31590	25 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	hubspot.com track-eu1.hubspot.com — Cisco Umbrella Rank: 17690	1 KB
1	hs-analytics.net js-eu1.hs-analytics.net — Cisco Umbrella Rank: 17312	24 KB
1	hs-banner.com js-eu1.hs-banner.com — Cisco Umbrella Rank: 17196	26 KB
1	hs-scripts.com js-eu1.hs-scripts.com — Cisco Umbrella Rank: 16069	1 KB
1	google.com apis.google.com — Cisco Umbrella Rank: 185	6 KB
22	9

	Domain	Requested by
5	stage.burai.online	stage.burai.online
4	fonts.googleapis.com	stage.burai.online
4	backend.burai.online	1 redirects stage.burai.online
2	keycloak.burai.online	stage.burai.online keycloak.burai.online
1	fonts.gstatic.com	fonts.googleapis.com
1	track-eu1.hubspot.com
1	forms-eu1.hscollectedforms.net	js-eu1.hscollectedforms.net
1	js-eu1.hscollectedforms.net	js-eu1.hs-scripts.com
1	js-eu1.hs-analytics.net	js-eu1.hs-scripts.com
1	js-eu1.hs-banner.com	js-eu1.hs-scripts.com
1	js-eu1.hs-scripts.com	stage.burai.online
1	apis.google.com	stage.burai.online
22	12

This site contains no links.

Subject Issuer	Validity	Valid
*.burai.online Amazon RSA 2048 M02	`2024-01-24` - `2025-02-21`	a year	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.apis.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
hs-scripts.com E1	`2024-05-31` - `2024-08-29`	3 months	crt.sh
hs-banner.com E1	`2024-05-30` - `2024-08-28`	3 months	crt.sh
hs-analytics.net GTS CA 1P5	`2024-04-13` - `2024-07-12`	3 months	crt.sh
hscollectedforms.net E1	`2024-05-27` - `2024-08-25`	3 months	crt.sh
keycloak.burai.online Amazon RSA 2048 M02	`2024-02-26` - `2025-03-26`	a year	crt.sh
hubspot.com E1	`2024-05-23` - `2024-08-21`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://stage.burai.online/
Frame ID: AF5D10EF6B4EB2B1BC9456B1A30B4AB8
Requests: 21 HTTP requests in this frame

Frame: https://keycloak.burai.online/realms/production-realm/protocol/openid-connect/3p-cookies/step2.html
Frame ID: 07D713A92C54FB4DE8CD2A072FDB2A44
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Burai MVP

Page URL History Show full URLs

https://backend.burai.online/ HTTP 301
https://stage.burai.online/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Page Statistics

22
Requests

100 %
HTTPS

36 %
IPv6

9
Domains

12
Subdomains

12
IPs

2
Countries

869 kB
Transfer

2303 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://backend.burai.online/ HTTP 301
https://stage.burai.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
stage.burai.online/
Redirect Chain

https://backend.burai.online/
https://stage.burai.online/

2 KB
1 KB

503ms
416ms

Document
text/html

2600:9000:20ae:9000:10:c6da:1440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stage.burai.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:9000:10:c6da:1440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1749391a6ca2e317b608ffd95bee5077256836fe0fc666d15424130812122e76

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, s-maxage=2
content-encoding: gzip
content-type: text/html
date: Sun, 09 Jun 2024 06:30:36 GMT
etag: W/"42301186fcbfe3f8eac1557a18a67c6a"
last-modified: Fri, 07 Jun 2024 10:14:48 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 3e8fb1cae95e63b7f329b9330db0c47a.cloudfront.net (CloudFront)
x-amz-cf-id: 8LNX5UDs0ax9BCqiP_wkNuPbomKefxAYIBR5IEKkEFkqOGEw4lN3Rg==
x-amz-cf-pop: MUC50-P5
x-cache: Miss from cloudfront

Redirect headers

content-length: 134
content-type: text/html
date: Sun, 09 Jun 2024 06:30:36 GMT
location: https://stage.burai.online:443/
server: awselb/2.0

GET
H2 200 css
fonts.googleapis.com/ 13 KB
966 B 72ms
18ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Requested by

Host: stage.burai.online
URL: https://stage.burai.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4680f0242ae53304a6bf932234579ecf1100b3473bd822857943a3e5a2e01f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://stage.burai.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Jun 2024 06:30:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 09 Jun 2024 05:34:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Jun 2024 06:30:36 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
494 B 75ms
21ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@24,400..700,0,0;24,400..700,1,0&display=block

Requested by

Host: stage.burai.online
URL: https://stage.burai.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

497516a1843dc8880a6d1f8cf39f0b6d1b92fe624ac4a04224bff92cde68646c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://stage.burai.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Jun 2024 06:30:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 09 Jun 2024 06:30:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Jun 2024 06:30:36 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
855 B 69ms
16ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Material+Symbols+Rounded:opsz,wght,FILL,GRAD@24,400..700,0,0;24,400..700,1,0&display=block

Requested by

Host: stage.burai.online
URL: https://stage.burai.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b223f20f0db7d520bc3434c7895eb27d0f70972ad655816e2e18599aae1d3f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://stage.burai.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Jun 2024 06:30:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 09 Jun 2024 06:30:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Jun 2024 06:30:36 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
491 B 72ms
19ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Material+Symbols+Sharp:opsz,wght,FILL,GRAD@24,400..700,0,0;24,400..700,1,0&display=block

Requested by

Host: stage.burai.online
URL: https://stage.burai.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9e5775048a910d1db91562fecfa09f0dd1a99173acad69a3071a3fb08c96d60a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://stage.burai.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Jun 2024 06:30:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 09 Jun 2024 06:30:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Jun 2024 06:30:36 GMT

GET
H2 200 api.js Show response
apis.google.com/js/ 15 KB
6 KB 76ms
23ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: stage.burai.online
URL: https://stage.burai.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88d29196704fd584683a1634d2e062e7439009f73a9aa666c06790dff4425d69

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://stage.burai.online/
Origin: https://stage.burai.online
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 09 Jun 2024 06:30:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5889
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "3a37f5f75b5cfd05"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 06:30:36 GMT

GET
H2 200 143223057.js Show response
js-eu1.hs-scripts.com/ 2 KB
1 KB 167ms
112ms Script
application/javascript 172.65.208.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hs-scripts.com/143223057.js

Requested by

Host: stage.burai.online
URL: https://stage.burai.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61adc0633b2a172c5740fd54f65951ce0333b03abf86d43c466e0f759188e557

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://stage.burai.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 06:30:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f7555cbb-b4cf-43ed-96d7-bfdd12f728af
x-envoy-upstream-service-time: 48
content-length: 610
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f7555cbb-b4cf-43ed-96d7-bfdd12f728af
last-modified: Sat, 08 Jun 2024 00:37:23 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://stage.burai.online
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/hubapi-td/envoy-proxy-68d6f869c4-rl54z
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 890f12f17fe78ed3-FRA

GET
H2 200 index-C859oD9J.js Show response
stage.burai.online/assets/ 1 MB
446 KB 486ms
484ms Script
application/javascript 2600:9000:20ae:9000:10:c6da:1440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stage.burai.online/assets/index-C859oD9J.js
Requested by: Host: stage.burai.online
URL: https://stage.burai.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:9000:10:c6da:1440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b4a04367cf44877740c3be11e84741a2a6089acba56b64fb69ab6ef2bc8d6c8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://stage.burai.online/
Origin: https://stage.burai.online
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 06:30:37 GMT
content-encoding: gzip
via: 1.1 3e8fb1cae95e63b7f329b9330db0c47a.cloudfront.net (CloudFront)
last-modified: Fri, 07 Jun 2024 10:14:48 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P5
etag: W/"33e0913c3623cd41be06f97e6316ab56"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: public, max-age=0, s-maxage=2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: b1TN7z4zMZphjHs7PUzIHtbprVTCDDsE8vj6ft53MrONXtqR6_noWg==

GET
H2 200 index-BzdOUI0Z.css
stage.burai.online/assets/ 292 KB
46 KB 467ms
467ms Stylesheet
text/css 2600:9000:20ae:9000:10:c6da:1440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stage.burai.online/assets/index-BzdOUI0Z.css
Requested by: Host: stage.burai.online
URL: https://stage.burai.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ae:9000:10:c6da:1440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e569384d0c36431c56a3bd8af869e68918290db0175089e09cb4f212ea3a519

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://stage.burai.online/
Origin: https://stage.burai.online
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 06:30:37 GMT
content-encoding: gzip
via: 1.1 3e8fb1cae95e63b7f329b9330db0c47a.cloudfront.net (CloudFront)
last-modified: Fri, 07 Jun 2024 10:14:48 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P5
etag: W/"1ff10312622a46c9194b06e96d7934fa"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
cache-control: public, max-age=0, s-maxage=2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 06iqweawxrFj0qkwOC7g5cwrQJNlkaSDIHorPhD9U5yGGJ0luaEakA==

GET
H2 200 banner.js Show response
js-eu1.hs-banner.com/v2/143223057/ 71 KB
26 KB 240ms
95ms Script
text/javascript 172.65.202.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-banner.com/v2/143223057/banner.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/143223057.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d717fba337d419e6c6044219b3e2de4db86d46d2421fe851724b8f0659fcfad

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://stage.burai.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 06:30:37 GMT
x-amz-version-id: K8zgh8QUf6SxoyLNEIcwH37tOvblcfBV
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: G9TEX102Q8XX6RGA
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 2fe2fff9-347b-405d-ae04-60ec23f03cc0
x-envoy-upstream-service-time: 46
x-amz-id-2: m8Nx12Khp/NY2CCD/4gzsI7MQBzKoMZ/nQqIaD7uX1OEFvjtqAcf6bQA0505jlwLrcw62+mkUj0=
x-evy-trace-listener: listener_https
x-request-id: 2fe2fff9-347b-405d-ae04-60ec23f03cc0
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 16 May 2024 12:12:04 GMT
server: cloudflare
etag: W/"5efc0ecfb94552e25653b0c24dc54ace"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://stage.burai.online
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-f5f6f765-8wv55
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 890f12f31dd29b31-FRA
expires: Sun, 09 Jun 2024 06:35:37 GMT

GET
H2 200 143223057.js Show response
js-eu1.hs-analytics.net/analytics/1717914600000/ 67 KB
24 KB 248ms
79ms Script
text/javascript 172.65.238.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-analytics.net/analytics/1717914600000/143223057.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/143223057.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca40ac05724143cc97d56da1a67f0fe1df18737f66edc197ab9ec40d64e0cb06

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://stage.burai.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 06:30:37 GMT
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: G9T8VAZJMDYN5M3J
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: f81561a1-10b0-4712-bda1-8a2c331b8e45
x-envoy-upstream-service-time: 26
x-amz-id-2: OAtSct9ddtzyIZVIuO6BMGhq5MORBcmB1ofP6FzSL5PDkepaYUSXRfoLd6SIBW8dC16c8GVql+88wKShJTndqoMNti78YQic1DAkYkDcbs8=
x-evy-trace-listener: listener_https
x-request-id: f81561a1-10b0-4712-bda1-8a2c331b8e45
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 30 May 2024 22:03:48 GMT
server: cloudflare
etag: W/"903661c3888fa3617878c799d7ad2f7b"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-f5f6f765-tzlhx
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 890f12f34a3404a3-FRA
expires: Sun, 09 Jun 2024 06:35:37 GMT

GET
H2 200 collectedforms.js Show response
js-eu1.hscollectedforms.net/ 69 KB
25 KB 191ms
21ms Script
application/javascript 172.65.192.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hscollectedforms.net/collectedforms.js

Requested by

Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/143223057.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://stage.burai.online/
Origin: https://stage.burai.online
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 06:30:37 GMT
x-amz-version-id: WQne3xdBhaNpu67z_dXMAVxQ_qJQQf8W
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d2d6641f7f4e620ab86172e07bc2a884.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA60-P6
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 27eadf38-fc34-4c8f-8506-6d1c8f5d9fbf
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.503/bundles/project.js&cfRay=890f12f34ffa925b-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 27eadf38-fc34-4c8f-8506-6d1c8f5d9fbf
last-modified: Wed, 15 May 2024 14:34:44 UTC
server: cloudflare
etag: W/"7d377a186677c174f204d466b8fa5fdb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-5dd8ff7977-w9t25
cf-ray: 890f12f34ffa925b-FRA
x-amz-cf-id: tOWBes-aF8U7bOGij9aa5tbxWhK0ebmMtfIOw_VOxYwl2cKUDTvypw==
x-hs-target-asset: collected-forms-embed-js/static-1.503/bundles/project.js

GET
H2 200 json Show response
forms-eu1.hscollectedforms.net/collected-forms/v1/config/ 136 B
425 B 58ms
30ms XHR
application/json 172.65.192.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=143223057&utk=

Requested by

Host: js-eu1.hscollectedforms.net
URL: https://js-eu1.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8798572131249d77cf7ab060aad635c6cdb3e6a4e3541aff7f3b472813029627

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://stage.burai.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 06:30:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 9c4d7361-2bd2-4745-b8ef-54d82cdad76b
x-envoy-upstream-service-time: 13
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9c4d7361-2bd2-4745-b8ef-54d82cdad76b
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://stage.burai.online
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-5dd8ff7977-w9t25
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 890f12f41889925b-FRA

GET
H/1.1 200
OK step1.html Show response
keycloak.burai.online/realms/production-realm/protocol/openid-connect/3p-cookies/ Frame 07D7 2 KB
3 KB 429ms
98ms Document
text/html 3.233.8.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://keycloak.burai.online/realms/production-realm/protocol/openid-connect/3p-cookies/step1.html

Requested by

Host: stage.burai.online
URL: https://stage.burai.online/assets/index-C859oD9J.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.8.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-8-22.compute-1.amazonaws.com

Software

envoy /

Resource Hash

4080ffc9ca89666f1492cd9742da52ad6e56bd36191233f9d17f64f1610c22f8

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://stage.burai.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, must-revalidate, no-transform, no-store
content-length: 2318
content-security-policy: frame-src 'self'; object-src 'none';
content-type: text/html;charset=utf-8
date: Sun, 09 Jun 2024 06:30:38 GMT
referrer-policy: no-referrer
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK step2.html Show response
keycloak.burai.online/realms/production-realm/protocol/openid-connect/3p-cookies/ Frame 07D7 686 B
1 KB 107ms
107ms Document
text/html 3.233.8.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://keycloak.burai.online/realms/production-realm/protocol/openid-connect/3p-cookies/step2.html

Requested by

Host: keycloak.burai.online
URL: https://keycloak.burai.online/realms/production-realm/protocol/openid-connect/3p-cookies/step1.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.8.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-8-22.compute-1.amazonaws.com

Software

envoy /

Resource Hash

27abff3edf4192d73c66f42fe9a773358b54c46a38afaa5f1cfe1753f68415eb

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, must-revalidate, no-transform, no-store
content-length: 686
content-security-policy: frame-src 'self'; object-src 'none';
content-type: text/html;charset=utf-8
date: Sun, 09 Jun 2024 06:30:38 GMT
referrer-policy: no-referrer
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 200 __ptq.gif
track-eu1.hubspot.com/ 45 B
1 KB 165ms
71ms Image
image/gif 172.65.240.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=1608735010&v=1.1&a=143223057&pu=https%3A%2F%2Fstage.burai.online%2F&t=Burai+MVP&cts=1717914638937&vi=bc88706c473b2782327b2ed44bff6d6c&nc=true&u=216171017.bc88706c473b2782327b2ed44bff6d6c.1717914638932.1717914638932.1717914638932.1&b=216171017.1.1717914638932&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://stage.burai.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 06:30:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 032a4eb3-afa4-4cc9-9a6f-1adb028017be
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 032a4eb3-afa4-4cc9-9a6f-1adb028017be
last-modified: Sun, 09 Jun 2024 06:30:39 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kxZwJzJna3nxzYC2A58ScjYWkD5Md7dlH%2F3W6xNQxIr%2Bztb61aJlvZTl47687VMWGmIW0OljIoodKI6ipg32pwn41XI9reyvmua8WvGMbx1J1H6B8A3V529vO4wfW%2F8%2BsFAr3cTLqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: fra04/analytics-tracking-td/envoy-proxy-5dfb646764-ksv98
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 890f12fe1d0c195e-FRA
x-robots-tag: none

GET
DATA 200
OK truncated
/ 653 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8cf6a1a7ac1a87b21fb84c78d5da40eb4566264fbe5d7b9400c744b957e295f1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35a1e0def05e198a905765fd037e3b0084821b22216ce15dee1388b0ac7ff419

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 csrf-token Show response
backend.burai.online/api/core/user/ 74 B
988 B 279ms
99ms XHR
application/json 34.192.182.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://backend.burai.online/api/core/user/csrf-token

Requested by

Host: stage.burai.online
URL: https://stage.burai.online/assets/index-C859oD9J.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.192.182.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-182-199.compute-1.amazonaws.com

Software

Resource Hash

a4834d54b3b5272f58a1e846a43548064c5a5cd5b4788ab8f8591c7e42dbc017

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://stage.burai.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 06:30:39 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 74
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
etag: W/"4a-ev3j0BNk/Ilhs1BX1iTBJcVT3xY"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://stage.burai.online
origin-agent-cluster: ?1
access-control-allow-credentials: true
access-control-allow-methods: GET,PUT,POST,DELETE,UPDATE,OPTIONS
access-control-allow-headers: X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept

GET
H3 200 buraibg-B59_FSCh.png
stage.burai.online/assets/ 13 KB
13 KB 504ms
492ms Image
image/png 2600:9000:20ae:9000:10:c6da:1440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stage.burai.online/assets/buraibg-B59_FSCh.png
Requested by: Host: stage.burai.online
URL: https://stage.burai.online/assets/index-BzdOUI0Z.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20ae:9000:10:c6da:1440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87b1111ee5f9257523058554d9ede625849011fc8a2b9b4f1da410e89a4d3618

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://stage.burai.online/assets/index-BzdOUI0Z.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 06:30:39 GMT
via: 1.1 7b7e33ce27dedf9c28b39ecc0309b556.cloudfront.net (CloudFront)
last-modified: Fri, 07 Jun 2024 10:14:48 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P5
etag: "fef4a092e0112dbd715317f43b838092"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 12951
x-amz-cf-id: JK54USBDkw4BOj-hkHeffF83K1K7OGI5UjZZuX2MrxNuLX-y6Gbp_Q==

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 225ms
12ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://stage.burai.online
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 05:44:28 GMT
x-content-type-options: nosniff
age: 175571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 05:44:28 GMT

GET
H3 200 favicon-oUZYeXgW.ico
stage.burai.online/assets/ 15 KB
15 KB 440ms
440ms Other
image/vnd.microsoft.icon 2600:9000:20ae:9000:10:c6da:1440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stage.burai.online/assets/favicon-oUZYeXgW.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20ae:9000:10:c6da:1440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ca6cc7c79a9f9fc2e946e0909d03170eb502295ceae28e82c4de37ae4a7d9fa

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://stage.burai.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 06:30:39 GMT
via: 1.1 7b7e33ce27dedf9c28b39ecc0309b556.cloudfront.net (CloudFront)
last-modified: Fri, 07 Jun 2024 10:14:48 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P5
etag: "a14de7b6f6d59e57d3889865c6051698"
x-cache: Miss from cloudfront
content-type: image/vnd.microsoft.icon
cache-control: public, max-age=0, s-maxage=2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 15406
x-amz-cf-id: r6y-5BddZxaBHETEbpheDQsMUU52OEcNrXafs9lK6w_cGIi5bQmOVA==

GET
H2 200 images Show response
backend.burai.online/api/core/user/ 238 KB
239 KB 267ms
267ms XHR
application/json 34.192.182.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://backend.burai.online/api/core/user/images

Requested by

Host: stage.burai.online
URL: https://stage.burai.online/assets/index-C859oD9J.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.192.182.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-182-199.compute-1.amazonaws.com

Software

Resource Hash

c3febe18b9f7959ad46e82559d702a9bc2afb269a747267e1a995903df2cb1c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept: application/json
Referer: https://stage.burai.online/
X-Access-Token
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 06:30:39 GMT
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 243305
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
etag: W/"3b669-Y0JlXSHTYJD26zbC3/TtDsSNe8o"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://stage.burai.online
origin-agent-cluster: ?1
access-control-allow-credentials: true
access-control-allow-methods: GET,PUT,POST,DELETE,UPDATE,OPTIONS
access-control-allow-headers: X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept

OPTIONS
H2 204 images
backend.burai.online/api/core/user/ Frame 0
0 98ms
97ms Preflight 34.192.182.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://backend.burai.online/api/core/user/images

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.192.182.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-182-199.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-access-token
Access-Control-Request-Method: GET
Origin: https://stage.burai.online
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-access-token
access-control-allow-methods: GET,PUT,POST,DELETE,UPDATE,OPTIONS,PATCH
access-control-allow-origin: https://stage.burai.online
content-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Sun, 09 Jun 2024 06:30:39 GMT
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
stage.burai.online/	1970-01-21 01:31:06	Name: __hstc Value: 216171017.bc88706c473b2782327b2ed44bff6d6c.1717914638932.1717914638932.1717914638932.1
stage.burai.online/	1970-01-21 01:31:06	Name: hubspotutk Value: bc88706c473b2782327b2ed44bff6d6c
stage.burai.online/	1969-12-31 23:59:59	Name: __hssrc Value: 1
stage.burai.online/	1970-01-20 21:11:56	Name: __hssc Value: 216171017.1.1717914638932
.hubspot.com/	1970-01-20 21:11:56	Name: __cf_bm Value: WCZom5Ya_Jf0qytF4uU59vxQCL14tyT9xBPljB6N2K4-1717914639-1.0.1.1-IDdxa5dQ1PEMrVfGhzv5OgYnq88uDeIal5GO5mjlYkwrCo_pPCIEg7O0claaV_Bm5JyBZCmJoAOghPCVHjElTA
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: ye6r1Sbyd3_F0mDEcZhNzqas7d1b7RSTkFhW9zJtUos-1717914639108-0.0.1.1-604800000

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://stage.burai.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://stage.burai.online/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
backend.burai.online
fonts.googleapis.com
fonts.gstatic.com
forms-eu1.hscollectedforms.net
js-eu1.hs-analytics.net
js-eu1.hs-banner.com
js-eu1.hs-scripts.com
js-eu1.hscollectedforms.net
keycloak.burai.online
stage.burai.online
track-eu1.hubspot.com
172.65.192.122
172.65.202.201
172.65.208.22
172.65.238.60
172.65.240.166
2600:9000:20ae:9000:10:c6da:1440:93a1
2a00:1450:4001:806::200a
2a00:1450:4001:828::2003
2a00:1450:4001:831::200e
3.233.8.22
34.192.182.199
1749391a6ca2e317b608ffd95bee5077256836fe0fc666d15424130812122e76
1ca6cc7c79a9f9fc2e946e0909d03170eb502295ceae28e82c4de37ae4a7d9fa
27abff3edf4192d73c66f42fe9a773358b54c46a38afaa5f1cfe1753f68415eb
35a1e0def05e198a905765fd037e3b0084821b22216ce15dee1388b0ac7ff419
3d717fba337d419e6c6044219b3e2de4db86d46d2421fe851724b8f0659fcfad
4080ffc9ca89666f1492cd9742da52ad6e56bd36191233f9d17f64f1610c22f8
4680f0242ae53304a6bf932234579ecf1100b3473bd822857943a3e5a2e01f8d
497516a1843dc8880a6d1f8cf39f0b6d1b92fe624ac4a04224bff92cde68646c
4b4a04367cf44877740c3be11e84741a2a6089acba56b64fb69ab6ef2bc8d6c8
4e569384d0c36431c56a3bd8af869e68918290db0175089e09cb4f212ea3a519
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
61adc0633b2a172c5740fd54f65951ce0333b03abf86d43c466e0f759188e557
6b223f20f0db7d520bc3434c7895eb27d0f70972ad655816e2e18599aae1d3f0
8798572131249d77cf7ab060aad635c6cdb3e6a4e3541aff7f3b472813029627
87b1111ee5f9257523058554d9ede625849011fc8a2b9b4f1da410e89a4d3618
88d29196704fd584683a1634d2e062e7439009f73a9aa666c06790dff4425d69
8cf6a1a7ac1a87b21fb84c78d5da40eb4566264fbe5d7b9400c744b957e295f1
9e5775048a910d1db91562fecfa09f0dd1a99173acad69a3071a3fb08c96d60a
a4834d54b3b5272f58a1e846a43548064c5a5cd5b4788ab8f8591c7e42dbc017
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
c3febe18b9f7959ad46e82559d702a9bc2afb269a747267e1a995903df2cb1c1
ca40ac05724143cc97d56da1a67f0fe1df18737f66edc197ab9ec40d64e0cb06
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

stage.burai.online Open in urlscan Pro 2600:9000:20ae:9000:10:c6da:1440:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

36 %IPv6

9 Domains

12 Subdomains

12 IPs

2 Countries

869 kBTransfer

2303 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

6 Cookies

2 Console Messages

Indicators

stage.burai.online Open in urlscan Pro
2600:9000:20ae:9000:10:c6da:1440:93a1 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

36 %
IPv6

9
Domains

12
Subdomains

12
IPs

2
Countries

869 kB
Transfer

2303 kB
Size

6
Cookies

22 HTTP transactions
2 data transactions