bulbasaur-identity.herokuapp.com Open in urlscan Pro
18.205.61.98  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response bulbasaur-identity.herokuapp.com/	5 KB 6 KB	312ms 106ms	Document text/html	18.205.61.98 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bulbasaur-identity.herokuapp.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.205.61.98 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-61-98.compute-1.amazonaws.com Software / Resource Hash 578d33f073e9abdfed9a6e598a5b1c482113a97b4094ede891fc22697dd1d1c8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Host bulbasaur-identity.herokuapp.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Cache-Control max-age=0, private, must-revalidate Content-Type text/html; charset=utf-8 Etag W/"578d33f073e9abdfed9a6e598a5b1c48" Referrer-Policy strict-origin-when-cross-origin Set-Cookie _bulbasaur_session=8l%2B4qh1%2FP028cE71behL9WmVW4051%2BzCnX9PeDBlEtzfHhyXzUztoiOyUfOekVaNpvSK1wzpXZxifzJbHTZ5ZVM75A47q1iji0Nto7necEuIjDO7KJyZLCRyE2qTTdmfvr73I5%2BlrklQ5gIYjeDOqrjkOBeJjCMftDfoHqif%2FN8AsxbvBRaxgLSa--dMIOXl47nC9TzRKt--WT9sGiqnV1QoZh%2F7svpLrw%3D%3D; path=/; HttpOnly; secure _bulbasaur_session=y8ydcG6hIvysToWIAAuIOR9YC%2FS60CEDREcsbb0CjzgETQBrbOcjx%2BOJs%2BbyhEfYhy2%2F8fU%2F1tToZvWVHQ9V0aAyZx%2BbVB8hBvDr4tNLdKlzeLJNQtV7S9BIzSvi24sf2ZX9ZQN3wVZly9n8ToYTP7CUBDDTLrjm2jaSUjYi1f107U8dnnyZ%2FEHq--EFPo%2FDkRjRUKGHkB--Un6Zje7uTbzGWjESDoysLQ%3D%3D; path=/; HttpOnly; secure Strict-Transport-Security max-age=31536000; includeSubDomains Via 1.1 spaces-router (fc27938738da-dirty) X-Content-Type-Options nosniff X-Download-Options noopen X-Frame-Options SAMEORIGIN X-Permitted-Cross-Domain-Policies none X-Request-Id ff8ee526-84e9-ccd4-1847-0659e4e5b4e9 X-Runtime 0.007312 X-Xss-Protection 1; mode=block Date Wed, 14 Apr 2021 04:24:50 GMT Transfer-Encoding chunked
GET H/1.1	200 OK	vendor-61d6df72f851b105c439b679d0334eca.css bulbasaur-identity.herokuapp.com/assets/	35 KB 36 KB	105ms 103ms	Stylesheet text/css	18.205.61.98 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bulbasaur-identity.herokuapp.com/assets/vendor-61d6df72f851b105c439b679d0334eca.css Requested by Host: bulbasaur-identity.herokuapp.com URL: https://bulbasaur-identity.herokuapp.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.205.61.98 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-61-98.compute-1.amazonaws.com Software / Resource Hash db229f21b6e3a11d8fce9a5b063ab4109987d65b8469b3d149b7c2b2395b8601 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://bulbasaur-identity.herokuapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers X-Runtime 0.004143 Strict-Transport-Security max-age=31536000; includeSubDomains Via 1.1 spaces-router (fc27938738da-dirty) Last-Modified Wed, 14 Apr 2021 04:16:20 GMT Date Wed, 14 Apr 2021 04:24:50 GMT Content-Type text/css Cache-Control no-cache Content-Length 36049 X-Request-Id 108611c0-42b1-d719-f128-f5b3d33c398a
GET H2	200	font-awesome.min.css maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/	30 KB 7 KB	68ms 66ms	Stylesheet text/css	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: bulbasaur-identity.herokuapp.com URL: https://bulbasaur-identity.herokuapp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Origin https://bulbasaur-identity.herokuapp.com Referer https://bulbasaur-identity.herokuapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Apr 2021 04:24:50 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS cdn-edgestorageid 723, 617, 617 access-control-allow-origin * cdn-cachedat 2021-04-13 22:54:14 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09703902e30000177e45955000000001 timing-allow-origin * last-modified Mon, 25 Jan 2021 22:04:55 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 800df1f5cc847e8458a7cc4eb8cd3824 cf-ray 63fa2ab16dbe177e-FRA cdn-requestcountrycode DE cdn-requestpullsuccess True
GET H/1.1	200 OK	charmander-1e91a53054b180571de09fa49d160845.css bulbasaur-identity.herokuapp.com/assets/	239 KB 240 KB	293ms 100ms	Stylesheet text/css	18.205.61.98 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bulbasaur-identity.herokuapp.com/assets/charmander-1e91a53054b180571de09fa49d160845.css Requested by Host: bulbasaur-identity.herokuapp.com URL: https://bulbasaur-identity.herokuapp.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.205.61.98 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-61-98.compute-1.amazonaws.com Software / Resource Hash bc4838cb8c5bdfb6513758ce954a9e5de62c4686a814693589296aea93cebc4c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://bulbasaur-identity.herokuapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers X-Runtime 0.001300 Strict-Transport-Security max-age=31536000; includeSubDomains Via 1.1 spaces-router (fc27938738da-dirty) Last-Modified Wed, 14 Apr 2021 04:16:20 GMT Date Wed, 14 Apr 2021 04:24:50 GMT Content-Type text/css Cache-Control no-cache Content-Length 244723 X-Request-Id 12ff4d9c-8386-6cb0-05e0-b80374f2d144
GET H2	200	raven.min.js Show response cdn.ravenjs.com/3.22.1/	28 KB 11 KB	42ms 13ms	Script application/javascript	2a04:4e42:600::729 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.ravenjs.com/3.22.1/raven.min.js Requested by Host: bulbasaur-identity.herokuapp.com URL: https://bulbasaur-identity.herokuapp.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 0bce161c1546eba68585e5b193dd43e865c729dfaae9fe8904fcca51bbb55b33 Request headers Referer https://bulbasaur-identity.herokuapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 14 Apr 2021 04:24:50 GMT content-encoding gzip last-modified Mon, 15 Jan 2018 12:12:19 GMT server Fastly age 62069 etag "9c99806be4993ea92ae76f58fa2dfdb6" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * content-length 10646
GET H/1.1	200 OK	vendor-22ba9c65cd35e0387c519dd12821882f.js Show response bulbasaur-identity.herokuapp.com/assets/	2 MB 2 MB	296ms 99ms	Script application/javascript	18.205.61.98 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bulbasaur-identity.herokuapp.com/assets/vendor-22ba9c65cd35e0387c519dd12821882f.js Requested by Host: bulbasaur-identity.herokuapp.com URL: https://bulbasaur-identity.herokuapp.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.205.61.98 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-61-98.compute-1.amazonaws.com Software / Resource Hash f31404d1cd5f6abf769d866f8cf6688c98e426da64bc6ea8965391492d1295f8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://bulbasaur-identity.herokuapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers X-Runtime 0.000996 Strict-Transport-Security max-age=31536000; includeSubDomains Via 1.1 spaces-router (fc27938738da-dirty) Last-Modified Wed, 14 Apr 2021 04:16:20 GMT Date Wed, 14 Apr 2021 04:24:50 GMT Content-Type application/javascript Cache-Control no-cache Content-Length 1934370 X-Request-Id 47046cfd-5cb5-5dcb-6526-d24ae770bd60
GET H/1.1	200 OK	charmander-7838732cb8f18d35022a56b2882fd660.js Show response bulbasaur-identity.herokuapp.com/assets/	1 MB 1 MB	505ms 306ms	Script application/javascript	18.205.61.98 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bulbasaur-identity.herokuapp.com/assets/charmander-7838732cb8f18d35022a56b2882fd660.js Requested by Host: bulbasaur-identity.herokuapp.com URL: https://bulbasaur-identity.herokuapp.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.205.61.98 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-61-98.compute-1.amazonaws.com Software / Resource Hash d1cc8b286d1044d8f51d0045251e891a046660346e885c1246afc08462f34ef1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://bulbasaur-identity.herokuapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers X-Runtime 0.001215 Strict-Transport-Security max-age=31536000; includeSubDomains Via 1.1 spaces-router (fc27938738da-dirty) Last-Modified Wed, 14 Apr 2021 04:16:20 GMT Date Wed, 14 Apr 2021 04:24:50 GMT Content-Type application/javascript Cache-Control no-cache Content-Length 1102987 X-Request-Id 1b9e0b0c-b274-0e8c-0174-1529d8889c17
GET H2	200	css fonts.googleapis.com/	10 KB 903 B	15ms 14ms	Stylesheet text/css	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,400italic Requested by Host: bulbasaur-identity.herokuapp.com URL: https://bulbasaur-identity.herokuapp.com/assets/charmander-1e91a53054b180571de09fa49d160845.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ed7417187bc535fe583beec5f8796cd36869aff2763265a2c29536530319c59e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://bulbasaur-identity.herokuapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 14 Apr 2021 04:00:11 GMT server ESF date Wed, 14 Apr 2021 04:24:50 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 14 Apr 2021 04:24:50 GMT
GET H2	200	css fonts.googleapis.com/	5 KB 644 B	22ms 22ms	Stylesheet text/css	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Raleway:300,500,700 Requested by Host: bulbasaur-identity.herokuapp.com URL: https://bulbasaur-identity.herokuapp.com/assets/charmander-1e91a53054b180571de09fa49d160845.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 495ee113ad8fb652cdfbaf27ca586a60fcd9e363e352e82ded113ff9755c9475 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://bulbasaur-identity.herokuapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 14 Apr 2021 04:24:50 GMT server ESF date Wed, 14 Apr 2021 04:24:50 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 14 Apr 2021 04:24:50 GMT
GET H2	200	analytics.min.js Show response cdn.segment.com/analytics.js/v1/7yUHnm6xplBCfXOTiIMdCr5Xb5BqPZz1/	351 KB 65 KB	747ms 653ms	Script text/javascript	99.84.151.85 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics.js/v1/7yUHnm6xplBCfXOTiIMdCr5Xb5BqPZz1/analytics.min.js Requested by Host: bulbasaur-identity.herokuapp.com URL: https://bulbasaur-identity.herokuapp.com/assets/charmander-7838732cb8f18d35022a56b2882fd660.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.84.151.85 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-84-151-85.txl52.r.cloudfront.net Software AmazonS3 / Resource Hash bbb83118b0b4e3c837a3d2706dd7928231ee80189d6f94d5a433f39b7a4d1887 Request headers Referer https://bulbasaur-identity.herokuapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id s15osjmmWekfjZCd7P7lclxsvQP1XCLY content-encoding gzip etag "200b1bc7a6d5499d2bfe0442185cbf51" x-amz-cf-pop TXL52-C1 x-cache RefreshHit from cloudfront x-amz-replication-status COMPLETED content-length 65427 access-control-allow-origin * last-modified Fri, 09 Apr 2021 20:28:10 GMT server AmazonS3 date Wed, 14 Apr 2021 04:24:52 GMT access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type text/javascript; charset=utf-8 via 1.1 3b9e149724e93026c0277288bbe3906a.cloudfront.net (CloudFront) cache-control public, max-age=120 accept-ranges bytes x-amz-cf-id U16DRsyNH4whwBZzUQS43uoJi8pP7J4B-C-kGxIrIm0Wi1rfqPADiA==
GET H/1.1	200 OK	ping Show response staging.tradegecko.com/	4 B 882 B	398ms 121ms	XHR text/plain	52.204.93.39 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://staging.tradegecko.com/ping Requested by Host: cdn.ravenjs.com URL: https://cdn.ravenjs.com/3.22.1/raven.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.204.93.39 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-204-93-39.compute-1.amazonaws.com Software Cowboy / Resource Hash 9795c5ff8937f23526ccb207a5684c1fc94a7854e19c021b39d944e51f5baef2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://bulbasaur-identity.herokuapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 14 Apr 2021 04:24:51 GMT Access-Control-Request-Method * X-Content-Type-Options nosniff X-Permitted-Cross-Domain-Policies none Access-Control-Allow-Origin * Connection close Content-Encoding gzip Vary Origin,Accept-Encoding X-Xss-Protection 1; mode=block X-Request-Id d732b709-730a-4393-9c2a-993d38aac6c0 X-Runtime 0.009882 Referrer-Policy strict-origin-when-cross-origin Server Cowboy X-Frame-Options SAMEORIGIN Etag W/"9795c5ff8937f23526ccb207a5684c1f" X-Download-Options noopen Strict-Transport-Security max-age=31536000; includeSubDomains Access-Control-Allow-Methods GET, OPTIONS Content-Type text/plain; charset=utf-8 Via 1.1 vegur Cache-Control max-age=0, private, must-revalidate Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept, Authorization
GET H/1.1	404 Not Found	accounts Show response bulbasaur-identity.herokuapp.com/api/	63 B 1 KB	106ms 106ms	XHR application/json	18.205.61.98 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bulbasaur-identity.herokuapp.com/api/accounts Requested by Host: cdn.ravenjs.com URL: https://cdn.ravenjs.com/3.22.1/raven.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.205.61.98 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-61-98.compute-1.amazonaws.com Software / Resource Hash a629564a81fd21b88fd0c0597ce75469ab5266eb054a29eade51a11d12679b5e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://bulbasaur-identity.herokuapp.com/ X-CSRF-Token undefined User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 X-Requested-With XMLHttpRequest Response headers X-Runtime 0.006615 Strict-Transport-Security max-age=31536000; includeSubDomains Via 1.1 spaces-router (fc27938738da-dirty) Referrer-Policy strict-origin-when-cross-origin X-Permitted-Cross-Domain-Policies none Date Wed, 14 Apr 2021 04:24:51 GMT X-Download-Options noopen X-Frame-Options SAMEORIGIN Content-Type application/json; charset=utf-8 Cache-Control no-cache X-Content-Type-Options nosniff Content-Length 63 X-Xss-Protection 1; mode=block X-Request-Id bb238612-f1ce-7300-df0e-298ce042096b
GET H/1.1	200 OK	ping Show response staging.tradegecko.com/	4 B 882 B	445ms 224ms	XHR text/plain	52.204.93.39 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://staging.tradegecko.com/ping Requested by Host: cdn.ravenjs.com URL: https://cdn.ravenjs.com/3.22.1/raven.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.204.93.39 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-204-93-39.compute-1.amazonaws.com Software Cowboy / Resource Hash 9795c5ff8937f23526ccb207a5684c1fc94a7854e19c021b39d944e51f5baef2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://bulbasaur-identity.herokuapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 14 Apr 2021 04:24:52 GMT Access-Control-Request-Method * X-Content-Type-Options nosniff X-Permitted-Cross-Domain-Policies none Access-Control-Allow-Origin * Connection close Content-Encoding gzip Vary Origin,Accept-Encoding X-Xss-Protection 1; mode=block X-Request-Id d3d38426-4a83-4fdb-bde8-380e6c851331 X-Runtime 0.026656 Referrer-Policy strict-origin-when-cross-origin Server Cowboy X-Frame-Options SAMEORIGIN Etag W/"9795c5ff8937f23526ccb207a5684c1f" X-Download-Options noopen Strict-Transport-Security max-age=31536000; includeSubDomains Access-Control-Allow-Methods GET, OPTIONS Content-Type text/plain; charset=utf-8 Via 1.1 vegur Cache-Control max-age=0, private, must-revalidate Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept, Authorization
GET H/1.1	200 OK	store-not-found.svg bulbasaur-identity.herokuapp.com/assets/images/	9 KB 10 KB	303ms 302ms	Image image/svg+xml	18.205.61.98 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bulbasaur-identity.herokuapp.com/assets/images/store-not-found.svg Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.205.61.98 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-61-98.compute-1.amazonaws.com Software / Resource Hash 5961a42ecdc9166609c334d84528cbb09b7b6fbf9581d89e48bc7d67a067af09 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://bulbasaur-identity.herokuapp.com/store-not-found User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers X-Runtime 0.001197 Strict-Transport-Security max-age=31536000; includeSubDomains Via 1.1 spaces-router (fc27938738da-dirty) Last-Modified Tue, 13 Apr 2021 06:54:12 GMT Date Wed, 14 Apr 2021 04:24:52 GMT Content-Type image/svg+xml Cache-Control no-cache Content-Length 9013 X-Request-Id 6db28e3b-7c3e-87e5-8c68-9361d6e85a54
GET H/1.1	200 OK	qbcommerce-logo.svg bulbasaur-identity.herokuapp.com/assets/images/	4 KB 4 KB	101ms 100ms	Image image/svg+xml	18.205.61.98 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bulbasaur-identity.herokuapp.com/assets/images/qbcommerce-logo.svg Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.205.61.98 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-205-61-98.compute-1.amazonaws.com Software / Resource Hash 7e0be802630a6b8b20dbe130899b4c023fa8f96f0e4f776d3e046ceb8f0e8180 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://bulbasaur-identity.herokuapp.com/store-not-found User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers X-Runtime 0.001268 Strict-Transport-Security max-age=31536000; includeSubDomains Via 1.1 spaces-router (fc27938738da-dirty) Last-Modified Tue, 13 Apr 2021 06:54:12 GMT Date Wed, 14 Apr 2021 04:24:52 GMT Content-Type image/svg+xml Cache-Control no-cache Content-Length 3590 X-Request-Id 81379e5f-8f9f-f5fb-fd44-690a7a07c2fb
GET H2	200	1Ptug8zYS_SKggPNyC0ITw.woff2 fonts.gstatic.com/s/raleway/v19/	46 KB 46 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0ITw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Raleway:300,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://bulbasaur-identity.herokuapp.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 10:03:38 GMT x-content-type-options nosniff last-modified Thu, 28 Jan 2021 22:37:32 GMT server sffe age 238874 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47272 x-xss-protection 0 expires Mon, 11 Apr 2022 10:03:38 GMT
GET H2	200	mem8YaGs126MiZpBA-UFVZ0b.woff2 fonts.gstatic.com/s/opensans/v18/	14 KB 14 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,400italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://bulbasaur-identity.herokuapp.com Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 10:03:38 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:09:22 GMT server sffe age 238874 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14380 x-xss-protection 0 expires Mon, 11 Apr 2022 10:03:38 GMT
POST H/1.1	200 OK	/ Show response app.getsentry.com/api/50308/store/	41 B 462 B	508ms 127ms	Fetch application/json	35.188.42.15 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://app.getsentry.com/api/50308/store/?sentry_version=7&sentry_client=raven-js%2F3.22.1&sentry_key=cbda981d014b419b93fdfee8ec15efa2 Requested by Host: cdn.ravenjs.com URL: https://cdn.ravenjs.com/3.22.1/raven.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 15.42.188.35.bc.googleusercontent.com Software nginx / Resource Hash 6524df7017f5597f4577d8c6cedc09304bf5ecdc61a28fb7a001f1f8f8359df3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://bulbasaur-identity.herokuapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Wed, 14 Apr 2021 04:24:52 GMT vary Origin Server nginx Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Type application/json access-control-allow-origin https://bulbasaur-identity.herokuapp.com access-control-expose-headers x-sentry-error, x-sentry-rate-limits, retry-after x-envoy-upstream-service-time 0 Connection keep-alive Content-Length 41

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| Raven object| loader function| define function| requireModule function| require function| requirejs boolean| runningTests function| _createClass function| Emitter function| Dropzone function| without function| camelize function| detectVerticalSquash function| drawImageIOSFix function| ExifRestore function| contentLoaded boolean| preferNative function| _get undefined| __ember_auto_import__ function| _possibleConstructorReturn function| _inherits function| _classCallCheck function| __guard__ function| __guardMethod__ object| EmberENV function| moment object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| $ function| jQuery object| mainContext object| Ember object| Em function| Pikaday object| base64 function| tinycolor function| UAParser function| ResizeSensor function| Hammer function| Tether object| webpackJsonp_ember_auto_import_ function| _eai_r function| _eai_d function| emberAutoImportDynamic object| Charmander object| analytics

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bulbasaur-identity.herokuapp.com/	1969-12-31 23:59:59	Name: ember_simple_auth-session Value: %7B%22authenticated%22%3A%7B%7D%7D
			bulbasaur-identity.herokuapp.com/	1969-12-31 23:59:59	Name: _bulbasaur_session Value: LV2WSmMQHWhkllftbuQrjlE8v1AiKAW%2BISLrT9otvBr%2Fgk3WvhzmQcwfKYTb50rIUO77zfsO5M2hm41NH%2FfAQzP16AOlXFkoEtaHnXg2zpgKRzPwYMLB7LAYTBhV2Y3qJFB9cNiPBPergFj%2B%2FJXn%2F7GPnITEcZQdtLA8d1juTKVquLla07k%2BCHvd--M4gz3yxvOOvcoMDC--KbXJJvLFS%2BD2tN9X%2FRdraA%3D%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.ravenjs.com/3.22.1/raven.min.js(Line 2) Message: 1618374291796 Error loading storefront data: Reason : Error: Ember Data Request GET /api/accounts returned a 404 Payload (application/json; charset=utf-8) [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.getsentry.com
bulbasaur-identity.herokuapp.com
cdn.ravenjs.com
cdn.segment.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
staging.tradegecko.com
18.205.61.98
2606:4700::6812:bcf
2a00:1450:4001:801::200a
2a00:1450:4001:802::2003
2a04:4e42:600::729
35.188.42.15
52.204.93.39
99.84.151.85
0bce161c1546eba68585e5b193dd43e865c729dfaae9fe8904fcca51bbb55b33
1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126
495ee113ad8fb652cdfbaf27ca586a60fcd9e363e352e82ded113ff9755c9475
578d33f073e9abdfed9a6e598a5b1c482113a97b4094ede891fc22697dd1d1c8
5961a42ecdc9166609c334d84528cbb09b7b6fbf9581d89e48bc7d67a067af09
6524df7017f5597f4577d8c6cedc09304bf5ecdc61a28fb7a001f1f8f8359df3
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e0be802630a6b8b20dbe130899b4c023fa8f96f0e4f776d3e046ceb8f0e8180
9795c5ff8937f23526ccb207a5684c1fc94a7854e19c021b39d944e51f5baef2
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
a629564a81fd21b88fd0c0597ce75469ab5266eb054a29eade51a11d12679b5e
bbb83118b0b4e3c837a3d2706dd7928231ee80189d6f94d5a433f39b7a4d1887
bc4838cb8c5bdfb6513758ce954a9e5de62c4686a814693589296aea93cebc4c
d1cc8b286d1044d8f51d0045251e891a046660346e885c1246afc08462f34ef1
db229f21b6e3a11d8fce9a5b063ab4109987d65b8469b3d149b7c2b2395b8601
ed7417187bc535fe583beec5f8796cd36869aff2763265a2c29536530319c59e
f31404d1cd5f6abf769d866f8cf6688c98e426da64bc6ea8965391492d1295f8