app.alloy.ai Open in urlscan Pro
35.239.53.74 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://link.alloy.ai/ls/click?upn=0y50faD175Q2-2Brs9OcPEokOeqVfBY-2BOtkzOu7Gm02XZ3BP032rkiuQVOjyH8QAXroZ2Pt13emPg41wP...
Effective URL:
https://app.alloy.ai/nautilus/analysis/11230/siop-weekly-report
Submission: On May 15 via manual (May 15th 2020, 6:55:13 pm UTC) from US

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 23 HTTP transactions. The main IP is 35.239.53.74, located in United States and belongs to GOOGLE, US. The main domain is app.alloy.ai.
TLS certificate: Issued by GoGetSSL RSA DV CA on November 20th 2019. Valid for: 2 years.

This is the only time app.alloy.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.52 167.89.118.52	11377 (SENDGRID) (SENDGRID)
10	35.239.53.74 35.239.53.74	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
2	130.211.34.183 130.211.34.183	15169 (GOOGLE) (GOOGLE)
1	52.85.92.142 52.85.92.142	16509 (AMAZON-02) (AMAZON-02)
1	52.39.141.123 52.39.141.123	16509 (AMAZON-02) (AMAZON-02)
1	54.230.183.70 54.230.183.70	16509 (AMAZON-02) (AMAZON-02)
1	34.204.184.98 34.204.184.98	14618 (AMAZON-AES) (AMAZON-AES)
23	9

1 167.89.118.52 (United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x52.outbound-mail.sendgrid.net

link.alloy.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.239.53.74 (United States)

ASN15169 (GOOGLE, US)
PTR: 74.53.239.35.bc.googleusercontent.com

app.alloy.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.34.183 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 183.34.211.130.bc.googleusercontent.com

api.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.92.142 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-92-142.ham50.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.39.141.123 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-39-141-123.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.183.70 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-183-70.ham50.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.204.184.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-184-98.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	alloy.ai 1 redirects link.alloy.ai app.alloy.ai	897 KB
4	googleapis.com fonts.googleapis.com	3 KB
3	gstatic.com fonts.gstatic.com	41 KB
2	heapanalytics.com cdn.heapanalytics.com heapanalytics.com	34 KB
2	mixpanel.com api.mixpanel.com	457 B
1	segment.io api.segment.io	139 B
1	segment.com cdn.segment.com	64 KB
23	7

	Domain	Requested by
10	app.alloy.ai	app.alloy.ai
4	fonts.googleapis.com	app.alloy.ai
3	fonts.gstatic.com	app.alloy.ai
2	api.mixpanel.com	app.alloy.ai
1	heapanalytics.com
1	cdn.heapanalytics.com	cdn.segment.com
1	api.segment.io	app.alloy.ai
1	cdn.segment.com	app.alloy.ai
1	link.alloy.ai	1 redirects
23	9

This site contains no links.

Subject Issuer	Validity	Valid
*.alloy.ai GoGetSSL RSA DV CA	`2019-11-20` - `2022-02-21`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.mixpanel.com GeoTrust RSA CA 2018	`2020-04-20` - `2022-04-21`	2 years	crt.sh
*.segment.com DigiCert SHA2 Secure Server CA	`2019-06-24` - `2020-07-01`	a year	crt.sh
cdn.heapanalytics.com Amazon	`2019-10-22` - `2020-11-22`	a year	crt.sh
heapanalytics.com Amazon	`2020-01-21` - `2021-02-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://app.alloy.ai/nautilus/analysis/11230/siop-weekly-report
Frame ID: 3F88D39A1D4D931249E8D160D0AC450F
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://link.alloy.ai/ls/click?upn=0y50faD175Q2-2Brs9OcPEokOeqVfBY-2BOtkzOu7Gm02XZ3BP032rkiuQVOjyH... HTTP 302
https://app.alloy.ai/nautilus/analysis/11230/siop-weekly-report Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /heap-\d+\.js/i

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /cdn\.segment\.com\/analytics\.js/i

Page Statistics

23
Requests

100 %
HTTPS

22 %
IPv6

7
Domains

9
Subdomains

9
IPs

2
Countries

1039 kB
Transfer

3567 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://link.alloy.ai/ls/click?upn=0y50faD175Q2-2Brs9OcPEokOeqVfBY-2BOtkzOu7Gm02XZ3BP032rkiuQVOjyH8QAXroZ2Pt13emPg41wPSXfGWKQIV4C-2F7D0mWqutwNUdxMqI-3DSoTV_ZKkRsUqp5VAZ-2FHNf17HVHPqBM1tY-2Fgw9AoND-2FrjYfhjbOJVWk6VyJ5ZMoOFJgL82i9zvbOabkkqYSThYWUkHroF6vyt0jOAaeQDvkqnZBrWmC-2BI7u-2B-2FWXiwQQrrTKt1ytkemeM2zqFhrMbW-2BB0DrgadnipeHuGULldMRFCkX8L3alEfl0lYB4FJWJy2XVEHeYMxITEktfu57701cBIk9bpNL7NYEk-2Bn5YnNiT9davrwwLPmH7OnqxWcHHFEk6wyb HTTP 302
https://app.alloy.ai/nautilus/analysis/11230/siop-weekly-report Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request siop-weekly-report Show response
app.alloy.ai/nautilus/analysis/11230/
Redirect Chain

http://link.alloy.ai/ls/click?upn=0y50faD175Q2-2Brs9OcPEokOeqVfBY-2BOtkzOu7Gm02XZ3BP032rkiuQVOjyH8QAXroZ2Pt13emPg41wPSXfGWKQIV4C-2F7D0mWqutwNUdxMqI-3DSoTV_ZKkRsUqp5VAZ-2FHNf17HVHPqBM1tY-2Fgw9AoND-2...
https://app.alloy.ai/nautilus/analysis/11230/siop-weekly-report

2 KB
2 KB

399ms
121ms

Document
text/html

35.239.53.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.alloy.ai/nautilus/analysis/11230/siop-weekly-report

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.239.53.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

74.53.239.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

c7952a26668ed471969ceb5340b20e8c423f2c598b5339d048edb93cb2be5451

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: http://127.0.0.1:21648 https://.sentry.io https://sentry.io https://.mapbox.com https://.mixpanel.com https://heapanalytics.com https://.heapanalytics.com https://.intercomcdn.com wss://.intercom.io https://.intercom.io https://.intercomassets.com https://segment.com https://.segment.com https://api.segment.io https://static.zdassets.com https://ekr.zdassets.com https://alloyai.zendesk.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com https://id.zopim.com https://.zopim.io; frame-src 'self' data: blob: https://play.vidyard.com; style-src 'self' 'unsafe-inline' data: blob: https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com https://*.intercomcdn.com; report-uri https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: app.alloy.ai
:scheme: https
:path: /nautilus/analysis/11230/siop-weekly-report
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
server: nginx
date: Fri, 15 May 2020 18:54:56 GMT
content-type: text/html; charset=UTF-8
last-modified: Fri, 15 May 2020 09:48:42 GMT
vary: Accept-Encoding
etag: W/"5ebe657a-895"
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' data: blob: http://127.0.0.1:21648 https://*.sentry.io https://sentry.io https://*.mapbox.com https://*.mixpanel.com https://heapanalytics.com https://*.heapanalytics.com https://*.intercomcdn.com wss://*.intercom.io https://*.intercom.io https://*.intercomassets.com https://segment.com https://*.segment.com https://api.segment.io https://static.zdassets.com https://ekr.zdassets.com https://alloyai.zendesk.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com https://id.zopim.com https://*.zopim.io; frame-src 'self' data: blob: https://play.vidyard.com; style-src 'self' 'unsafe-inline' data: blob: https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com https://*.intercomcdn.com; report-uri https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin
expect-ct: max-age=0, report-uri=https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2;
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-encoding: gzip

Redirect headers

Server: nginx
Date: Fri, 15 May 2020 18:54:55 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 86
Connection: keep-alive
Location: https://app.alloy.ai/nautilus/analysis/11230/siop-weekly-report
X-Robots-Tag: noindex, nofollow

GET
H2 200 76.2107ccf760146cdff0d5.css
app.alloy.ai/dist/ 93 KB
23 KB 222ms
222ms Stylesheet
text/css 35.239.53.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.alloy.ai/dist/76.2107ccf760146cdff0d5.css

Requested by

Host: app.alloy.ai
URL: https://app.alloy.ai/nautilus/analysis/11230/siop-weekly-report

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.239.53.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

74.53.239.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

fcc023e179dda0614c765283a436150bc566edfaf4b2fd415fd83cc2edbe80ea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: http://127.0.0.1:21648 https://.sentry.io https://sentry.io https://.mapbox.com https://.mixpanel.com https://heapanalytics.com https://.heapanalytics.com https://.intercomcdn.com wss://.intercom.io https://.intercom.io https://.intercomassets.com https://segment.com https://.segment.com https://api.segment.io https://static.zdassets.com https://ekr.zdassets.com https://alloyai.zendesk.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com https://id.zopim.com https://.zopim.io; frame-src 'self' data: blob: https://play.vidyard.com; style-src 'self' 'unsafe-inline' data: blob: https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com https://*.intercomcdn.com; report-uri https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.alloy.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 18:54:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 15 May 2020 09:48:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ebe657a-17479"
expect-ct: max-age=0, report-uri=https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2;
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=315360000
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: blob: http://127.0.0.1:21648 https://*.sentry.io https://sentry.io https://*.mapbox.com https://*.mixpanel.com https://heapanalytics.com https://*.heapanalytics.com https://*.intercomcdn.com wss://*.intercom.io https://*.intercom.io https://*.intercomassets.com https://segment.com https://*.segment.com https://api.segment.io https://static.zdassets.com https://ekr.zdassets.com https://alloyai.zendesk.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com https://id.zopim.com https://*.zopim.io; frame-src 'self' data: blob: https://play.vidyard.com; style-src 'self' 'unsafe-inline' data: blob: https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com https://*.intercomcdn.com; report-uri https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 runtime.7b188fdff9ce918b5e3d.js Show response
app.alloy.ai/dist/ 10 KB
6 KB 227ms
227ms Script
application/javascript 35.239.53.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.alloy.ai/dist/runtime.7b188fdff9ce918b5e3d.js

Requested by

Host: app.alloy.ai
URL: https://app.alloy.ai/nautilus/analysis/11230/siop-weekly-report

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.239.53.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

74.53.239.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

f9a39ebd1343869b62220536c4c93fa2994b6bfb794104d40f6d2bdc4d73351a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: http://127.0.0.1:21648 https://.sentry.io https://sentry.io https://.mapbox.com https://.mixpanel.com https://heapanalytics.com https://.heapanalytics.com https://.intercomcdn.com wss://.intercom.io https://.intercom.io https://.intercomassets.com https://segment.com https://.segment.com https://api.segment.io https://static.zdassets.com https://ekr.zdassets.com https://alloyai.zendesk.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com https://id.zopim.com https://.zopim.io; frame-src 'self' data: blob: https://play.vidyard.com; style-src 'self' 'unsafe-inline' data: blob: https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com https://*.intercomcdn.com; report-uri https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.alloy.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 18:54:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 15 May 2020 09:48:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ebe657a-2724"
expect-ct: max-age=0, report-uri=https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2;
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: blob: http://127.0.0.1:21648 https://*.sentry.io https://sentry.io https://*.mapbox.com https://*.mixpanel.com https://heapanalytics.com https://*.heapanalytics.com https://*.intercomcdn.com wss://*.intercom.io https://*.intercom.io https://*.intercomassets.com https://segment.com https://*.segment.com https://api.segment.io https://static.zdassets.com https://ekr.zdassets.com https://alloyai.zendesk.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com https://id.zopim.com https://*.zopim.io; frame-src 'self' data: blob: https://play.vidyard.com; style-src 'self' 'unsafe-inline' data: blob: https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com https://*.intercomcdn.com; report-uri https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bundle.1b6f930bc50a070dcfd3.js Show response
app.alloy.ai/dist/ 2 MB
429 KB 326ms
325ms Script
application/javascript 35.239.53.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.alloy.ai/dist/bundle.1b6f930bc50a070dcfd3.js

Requested by

Host: app.alloy.ai
URL: https://app.alloy.ai/nautilus/analysis/11230/siop-weekly-report

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.239.53.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

74.53.239.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

041ec0e253878902794560d0d07e389a03cc1da693b9e15b0cab2bed8c0cf36c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: http://127.0.0.1:21648 https://.sentry.io https://sentry.io https://.mapbox.com https://.mixpanel.com https://heapanalytics.com https://.heapanalytics.com https://.intercomcdn.com wss://.intercom.io https://.intercom.io https://.intercomassets.com https://segment.com https://.segment.com https://api.segment.io https://static.zdassets.com https://ekr.zdassets.com https://alloyai.zendesk.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com https://id.zopim.com https://.zopim.io; frame-src 'self' data: blob: https://play.vidyard.com; style-src 'self' 'unsafe-inline' data: blob: https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com https://*.intercomcdn.com; report-uri https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.alloy.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 18:54:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 15 May 2020 09:48:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ebe657a-1e974e"
expect-ct: max-age=0, report-uri=https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2;
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: blob: http://127.0.0.1:21648 https://*.sentry.io https://sentry.io https://*.mapbox.com https://*.mixpanel.com https://heapanalytics.com https://*.heapanalytics.com https://*.intercomcdn.com wss://*.intercom.io https://*.intercom.io https://*.intercomassets.com https://segment.com https://*.segment.com https://api.segment.io https://static.zdassets.com https://ekr.zdassets.com https://alloyai.zendesk.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com https://id.zopim.com https://*.zopim.io; frame-src 'self' data: blob: https://play.vidyard.com; style-src 'self' 'unsafe-inline' data: blob: https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com https://*.intercomcdn.com; report-uri https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
608 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,100,300,700

Requested by

Host: app.alloy.ai
URL: https://app.alloy.ai/nautilus/analysis/11230/siop-weekly-report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc6b96a7245cd2f73ac09a4290d0a3ea04a4ae60496ec51cacbd4bc9dc2d6f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://app.alloy.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 15 May 2020 18:54:56 GMT
server: ESF
date: Fri, 15 May 2020 18:54:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 May 2020 18:54:56 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
778 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,300,500

Requested by

Host: app.alloy.ai
URL: https://app.alloy.ai/nautilus/analysis/11230/siop-weekly-report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3838febe02ee1538a1336ac01f452a6fe7682106cd21b46cda9c40092c8e3aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://app.alloy.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 15 May 2020 18:54:56 GMT
server: ESF
date: Fri, 15 May 2020 18:54:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 May 2020 18:54:56 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
802 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700

Requested by

Host: app.alloy.ai
URL: https://app.alloy.ai/nautilus/analysis/11230/siop-weekly-report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e11a39a7de5e23f8171829708551abdd8c8578bc1eb78314a2a031ad94c0c5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://app.alloy.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 15 May 2020 18:54:56 GMT
server: ESF
date: Fri, 15 May 2020 18:54:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 May 2020 18:54:56 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
726 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700

Requested by

Host: app.alloy.ai
URL: https://app.alloy.ai/nautilus/analysis/11230/siop-weekly-report

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

37adcb4e29a3f9fa7ddf4a03e046f071183672131309c0bb460538612be4d77b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://app.alloy.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 15 May 2020 18:54:56 GMT
server: ESF
date: Fri, 15 May 2020 18:54:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 May 2020 18:54:56 GMT

GET
H2 200 0.28be8530c3b1343c2813.css
app.alloy.ai/dist/ 162 KB
36 KB 120ms
120ms Stylesheet
text/css 35.239.53.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.alloy.ai/dist/0.28be8530c3b1343c2813.css

Requested by

Host: app.alloy.ai
URL: https://app.alloy.ai/dist/runtime.7b188fdff9ce918b5e3d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.239.53.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

74.53.239.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

ab69687176f0c9aaf220bd6e3b75743c22beb80f052faaa811a0ca9b3b614da8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: http://127.0.0.1:21648 https://.sentry.io https://sentry.io https://.mapbox.com https://.mixpanel.com https://heapanalytics.com https://.heapanalytics.com https://.intercomcdn.com wss://.intercom.io https://.intercom.io https://.intercomassets.com https://segment.com https://.segment.com https://api.segment.io https://static.zdassets.com https://ekr.zdassets.com https://alloyai.zendesk.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com https://id.zopim.com https://.zopim.io; frame-src 'self' data: blob: https://play.vidyard.com; style-src 'self' 'unsafe-inline' data: blob: https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com https://*.intercomcdn.com; report-uri https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.alloy.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 18:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 15 May 2020 09:48:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ebe657a-289e8"
expect-ct: max-age=0, report-uri=https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2;
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=315360000
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: blob: http://127.0.0.1:21648 https://*.sentry.io https://sentry.io https://*.mapbox.com https://*.mixpanel.com https://heapanalytics.com https://*.heapanalytics.com https://*.intercomcdn.com wss://*.intercom.io https://*.intercom.io https://*.intercomassets.com https://segment.com https://*.segment.com https://api.segment.io https://static.zdassets.com https://ekr.zdassets.com https://alloyai.zendesk.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com https://id.zopim.com https://*.zopim.io; frame-src 'self' data: blob: https://play.vidyard.com; style-src 'self' 'unsafe-inline' data: blob: https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com https://*.intercomcdn.com; report-uri https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 toolkit.9cc5e5277c6df39be08f.js Show response
app.alloy.ai/dist/ 815 KB
375 KB 120ms
120ms Script
application/javascript 35.239.53.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.alloy.ai/dist/toolkit.9cc5e5277c6df39be08f.js

Requested by

Host: app.alloy.ai
URL: https://app.alloy.ai/dist/runtime.7b188fdff9ce918b5e3d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.239.53.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

74.53.239.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

c785ea14854a12b7d67e7ae0b54962cde039a4771667515b1703d1c8ae0a4c80

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: http://127.0.0.1:21648 https://.sentry.io https://sentry.io https://.mapbox.com https://.mixpanel.com https://heapanalytics.com https://.heapanalytics.com https://.intercomcdn.com wss://.intercom.io https://.intercom.io https://.intercomassets.com https://segment.com https://.segment.com https://api.segment.io https://static.zdassets.com https://ekr.zdassets.com https://alloyai.zendesk.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com https://id.zopim.com https://.zopim.io; frame-src 'self' data: blob: https://play.vidyard.com; style-src 'self' 'unsafe-inline' data: blob: https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com https://*.intercomcdn.com; report-uri https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.alloy.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 18:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 15 May 2020 09:48:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ebe657a-cbba4"
expect-ct: max-age=0, report-uri=https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2;
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: blob: http://127.0.0.1:21648 https://*.sentry.io https://sentry.io https://*.mapbox.com https://*.mixpanel.com https://heapanalytics.com https://*.heapanalytics.com https://*.intercomcdn.com wss://*.intercom.io https://*.intercom.io https://*.intercomassets.com https://segment.com https://*.segment.com https://api.segment.io https://static.zdassets.com https://ekr.zdassets.com https://alloyai.zendesk.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com https://id.zopim.com https://*.zopim.io; frame-src 'self' data: blob: https://play.vidyard.com; style-src 'self' 'unsafe-inline' data: blob: https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com https://*.intercomcdn.com; report-uri https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 46.c679328f24ed05176662.css
app.alloy.ai/dist/ 2 KB
2 KB 140ms
140ms Stylesheet
text/css 35.239.53.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.alloy.ai/dist/46.c679328f24ed05176662.css

Requested by

Host: app.alloy.ai
URL: https://app.alloy.ai/dist/runtime.7b188fdff9ce918b5e3d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.239.53.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

74.53.239.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

bc14bcc62c499e929dcce3bf7f02dcae4e19d9f0a41196342b9fc76233864c2b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: http://127.0.0.1:21648 https://.sentry.io https://sentry.io https://.mapbox.com https://.mixpanel.com https://heapanalytics.com https://.heapanalytics.com https://.intercomcdn.com wss://.intercom.io https://.intercom.io https://.intercomassets.com https://segment.com https://.segment.com https://api.segment.io https://static.zdassets.com https://ekr.zdassets.com https://alloyai.zendesk.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com https://id.zopim.com https://.zopim.io; frame-src 'self' data: blob: https://play.vidyard.com; style-src 'self' 'unsafe-inline' data: blob: https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com https://*.intercomcdn.com; report-uri https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.alloy.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 18:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 15 May 2020 09:48:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ebe657a-69c"
expect-ct: max-age=0, report-uri=https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2;
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
cache-control: max-age=315360000
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: blob: http://127.0.0.1:21648 https://*.sentry.io https://sentry.io https://*.mapbox.com https://*.mixpanel.com https://heapanalytics.com https://*.heapanalytics.com https://*.intercomcdn.com wss://*.intercom.io https://*.intercom.io https://*.intercomassets.com https://segment.com https://*.segment.com https://api.segment.io https://static.zdassets.com https://ekr.zdassets.com https://alloyai.zendesk.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com https://id.zopim.com https://*.zopim.io; frame-src 'self' data: blob: https://play.vidyard.com; style-src 'self' 'unsafe-inline' data: blob: https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com https://*.intercomcdn.com; report-uri https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 LoginPage.598f7bf107568cab5d45.js Show response
app.alloy.ai/dist/ 7 KB
4 KB 141ms
140ms Script
application/javascript 35.239.53.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.alloy.ai/dist/LoginPage.598f7bf107568cab5d45.js

Requested by

Host: app.alloy.ai
URL: https://app.alloy.ai/dist/runtime.7b188fdff9ce918b5e3d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.239.53.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

74.53.239.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

59ae6893ee0449bdf99acc098ac6ae7bd37512816c83f29bb52c2740dbc5a89e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: http://127.0.0.1:21648 https://.sentry.io https://sentry.io https://.mapbox.com https://.mixpanel.com https://heapanalytics.com https://.heapanalytics.com https://.intercomcdn.com wss://.intercom.io https://.intercom.io https://.intercomassets.com https://segment.com https://.segment.com https://api.segment.io https://static.zdassets.com https://ekr.zdassets.com https://alloyai.zendesk.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com https://id.zopim.com https://.zopim.io; frame-src 'self' data: blob: https://play.vidyard.com; style-src 'self' 'unsafe-inline' data: blob: https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com https://*.intercomcdn.com; report-uri https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.alloy.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 18:54:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 15 May 2020 09:48:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5ebe657a-1c51"
expect-ct: max-age=0, report-uri=https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2;
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: blob: http://127.0.0.1:21648 https://*.sentry.io https://sentry.io https://*.mapbox.com https://*.mixpanel.com https://heapanalytics.com https://*.heapanalytics.com https://*.intercomcdn.com wss://*.intercom.io https://*.intercom.io https://*.intercomassets.com https://segment.com https://*.segment.com https://api.segment.io https://static.zdassets.com https://ekr.zdassets.com https://alloyai.zendesk.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com https://id.zopim.com https://*.zopim.io; frame-src 'self' data: blob: https://play.vidyard.com; style-src 'self' 'unsafe-inline' data: blob: https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com https://*.intercomcdn.com; report-uri https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 public Show response
app.alloy.ai/api/environment/ 360 B
518 B 216ms
215ms Fetch
application/json 35.239.53.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://app.alloy.ai/api/environment/public
Requested by: Host: app.alloy.ai
URL: https://app.alloy.ai/dist/bundle.1b6f930bc50a070dcfd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.239.53.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 74.53.239.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9ed8f7bf202ee5f3be1cc28f3022f00caf7d789ee5a19bdda3028f4263ae8eb4

Request headers

Accept: application/json
X-Cloud-Trace-Context: 5a1b88ea-736d-4fb8-a90f-ad953c682da6
Referer: https://app.alloy.ai/
X-XSRF-TOKEN: undefined
ALLOY-VENDOR
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 15 May 2020 18:54:57 GMT
content-encoding: gzip
server: nginx
x-api-version: 20200515-094022-57ed2fa8c
vary: Accept-Encoding
content-type: application/json
status: 200
x-cloud-trace-context: 2d16cdb2-71e5-4d7b-8050-e089b94932c9
cache-control: private, no-cache, no-store, no-transform, must-revalidate
content-length: 288

GET
H2 200 9e132c8d67bbaed70c2137f225989dfc.gif
app.alloy.ai/dist/ 18 KB
19 KB 135ms
135ms Image
image/gif 35.239.53.74
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.alloy.ai/dist/9e132c8d67bbaed70c2137f225989dfc.gif

Requested by

Host: app.alloy.ai
URL: https://app.alloy.ai/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.239.53.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

74.53.239.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

0d6c6cfba3a05c34af15bb182f8afd76165f84c99fcd1f593b4fb31c2cfab6fa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: http://127.0.0.1:21648 https://.sentry.io https://sentry.io https://.mapbox.com https://.mixpanel.com https://heapanalytics.com https://.heapanalytics.com https://.intercomcdn.com wss://.intercom.io https://.intercom.io https://.intercomassets.com https://segment.com https://.segment.com https://api.segment.io https://static.zdassets.com https://ekr.zdassets.com https://alloyai.zendesk.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com https://id.zopim.com https://.zopim.io; frame-src 'self' data: blob: https://play.vidyard.com; style-src 'self' 'unsafe-inline' data: blob: https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com https://*.intercomcdn.com; report-uri https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.alloy.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 18:54:57 GMT
x-content-type-options: nosniff
status: 200
content-length: 18500
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
last-modified: Fri, 15 May 2020 09:48:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5ebe657a-4844"
expect-ct: max-age=0, report-uri=https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2;
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=315360000
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
content-security-policy: default-src 'self' data: blob: http://127.0.0.1:21648 https://*.sentry.io https://sentry.io https://*.mapbox.com https://*.mixpanel.com https://heapanalytics.com https://*.heapanalytics.com https://*.intercomcdn.com wss://*.intercom.io https://*.intercom.io https://*.intercomassets.com https://segment.com https://*.segment.com https://api.segment.io https://static.zdassets.com https://ekr.zdassets.com https://alloyai.zendesk.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com https://id.zopim.com https://*.zopim.io; frame-src 'self' data: blob: https://play.vidyard.com; style-src 'self' 'unsafe-inline' data: blob: https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com https://*.intercomcdn.com; report-uri https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: app.alloy.ai
URL: https://app.alloy.ai/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,100,300,700
Origin: https://app.alloy.ai

Response headers

date: Wed, 13 May 2020 00:17:46 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 239831
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Thu, 13 May 2021 00:17:46 GMT

GET
DATA 200
OK truncated
/ 348 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f867f0fd4710a9f5f6e42a36c8bdb3a212c6a38f3651f4d6a050273419cc77a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2

Requested by

Host: app.alloy.ai
URL: https://app.alloy.ai/dist/bundle.1b6f930bc50a070dcfd3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,100,300,700
Origin: https://app.alloy.ai

Response headers

date: Fri, 08 May 2020 09:41:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:39 GMT
server: sffe
age: 638036
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13912
x-xss-protection: 0
expires: Sat, 08 May 2021 09:41:01 GMT

GET
DATA 200
OK truncated
/ 426 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8bb12cf92a3a3e38f2325fcc6923e02a38a15798187ff4a4ef7b42e4fdadbbb6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: app.alloy.ai
URL: https://app.alloy.ai/dist/bundle.1b6f930bc50a070dcfd3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,100,300,700
Origin: https://app.alloy.ai

Response headers

date: Fri, 08 May 2020 16:35:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:54 GMT
server: sffe
age: 613167
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
expires: Sat, 08 May 2021 16:35:30 GMT

GET
DATA 200
OK truncated
/ 618 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 128e20d5fb1c848ff8071b701ff765ec0892fff65b5545c56d49efa872ad11f6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
api.mixpanel.com/decide/ 65 B
325 B 70ms
28ms XHR
application/json 130.211.34.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=3407db27bac181ed06543a4c8855b293&ip=1&_=1589568897343
Requested by: Host: app.alloy.ai
URL: https://app.alloy.ai/dist/bundle.1b6f930bc50a070dcfd3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.34.183 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.34.211.130.bc.googleusercontent.com
Software: gunicorn/19.9.0 /
Resource Hash: 5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

Referer: https://app.alloy.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 18:54:57 GMT
via: 1.1 google
server: gunicorn/19.9.0
access-control-allow-headers: X-Requested-With
status: 200
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://app.alloy.ai
cache-control: no-cache, no-store
access-control-allow-credentials: true
alt-svc: clear

GET
H2 200 / Show response
api.mixpanel.com/track/ 1 B
132 B 161ms
121ms XHR
application/json 130.211.34.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiTWFjIE9TIFgiLCIkYnJvd3NlciI6ICJDaHJvbWUiLCIkY3VycmVudF91cmwiOiAiaHR0cHM6Ly9hcHAuYWxsb3kuYWkvbG9naW4iLCIkYnJvd3Nlcl92ZXJzaW9uIjogNzQsIiRzY3JlZW5faGVpZ2h0IjogMTIwMCwiJHNjcmVlbl93aWR0aCI6IDE2MDAsIm1wX2xpYiI6ICJ3ZWIiLCIkbGliX3ZlcnNpb24iOiAiMi4yOC4wIiwidGltZSI6IDE1ODk1Njg4OTcuMzQ1LCJkaXN0aW5jdF9pZCI6ICIxNzIxOWIwODEzYzM5Mi0wMTRhMzVjMWY3YTJjYy0zNzY0N2UwMy0xZDRjMDAtMTcyMTliMDgxM2RhNDQiLCIkZGV2aWNlX2lkIjogIjE3MjE5YjA4MTNjMzkyLTAxNGEzNWMxZjdhMmNjLTM3NjQ3ZTAzLTFkNGMwMC0xNzIxOWIwODEzZGE0NCIsIiRpbml0aWFsX3JlZmVycmVyIjogIiRkaXJlY3QiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJtcF9wYWdlIjogImh0dHBzOi8vYXBwLmFsbG95LmFpL2xvZ2luIiwibXBfYnJvd3NlciI6ICJDaHJvbWUiLCJtcF9wbGF0Zm9ybSI6ICJNYWMgT1MgWCIsInRva2VuIjogIjM0MDdkYjI3YmFjMTgxZWQwNjU0M2E0Yzg4NTViMjkzIn19&ip=1&_=1589568897346
Requested by: Host: app.alloy.ai
URL: https://app.alloy.ai/dist/bundle.1b6f930bc50a070dcfd3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.34.183 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.34.211.130.bc.googleusercontent.com
Software: envoy /
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer: https://app.alloy.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 18:54:57 GMT
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
status: 200
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://app.alloy.ai
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
alt-svc: clear
content-length: 1

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/oHh31iE5nwfYvQWKjNyAU8oMRuswwYDx/ 353 KB
64 KB 873ms
819ms Script
text/javascript 52.85.92.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/oHh31iE5nwfYvQWKjNyAU8oMRuswwYDx/analytics.min.js
Requested by: Host: app.alloy.ai
URL: https://app.alloy.ai/dist/bundle.1b6f930bc50a070dcfd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.85.92.142 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-92-142.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63fd15209ecd9d0dc62c35e17bb4d16d4871fc6c2f1b913a2c558b38183dbc96

Request headers

Referer: https://app.alloy.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 18:54:58 GMT
content-encoding: gzip
x-amz-cf-pop: HAM50-C1
x-cache: Miss from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-length: 65188
access-control-allow-origin: *
last-modified: Fri, 15 May 2020 17:53:04 GMT
server: AmazonS3
etag: "83f1af3fed3a3b70fa6a0dd71871d53a"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: Hunw4ZLCyExAiB4O7A0k0SrAjfYPJRSz
via: 1.1 04545073f97f94a6b7b4580892eff70d.cloudfront.net (CloudFront)
cache-control: public, max-age=300
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
x-amz-cf-id: sirbzqfu4nHgTBvEL3WOhCEVxeM-_oG5swwXfKdf24m4h7uf23Oo8A==

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
139 B 540ms
179ms XHR
application/json 52.39.141.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/p
Requested by: Host: app.alloy.ai
URL: https://app.alloy.ai/dist/bundle.1b6f930bc50a070dcfd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.39.141.123 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-39-141-123.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://app.alloy.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
date: Fri, 15 May 2020 18:54:58 GMT
access-control-allow-origin: https://app.alloy.ai
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 heap-2259843680.js Show response
cdn.heapanalytics.com/js/ 81 KB
34 KB 252ms
137ms Script
application/javascript 54.230.183.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heapanalytics.com/js/heap-2259843680.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/oHh31iE5nwfYvQWKjNyAU8oMRuswwYDx/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.183.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-183-70.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 103eb5f8be86736a3689fe6bb3206224c730193b8b3a0ba03e3cdc9e0315c01b

Request headers

Referer: https://app.alloy.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 15 May 2020 18:54:58 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: HAM50-C3
etag: W/"14272-OpF9Qn8Ycy2dlx6Va+eWJA"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=120
x-amz-cf-id: nQOlv5uRIBg6GVoy8BLc5q-Na4RPCFZlRrgKE5RaGg073-UkyMHEbw==
via: 1.1 9a017d15c75b3a14dee95340cd7042cb.cloudfront.net (CloudFront)

GET
H2 200 h
heapanalytics.com/ 37 B
212 B 336ms
108ms Image
image/gif 34.204.184.98
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heapanalytics.com/h?a=2259843680&u=1450152387291489&v=8507360409354321&s=8220294653763972&b=web&tv=4.0&z=0&h=%2Flogin&d=app.alloy.ai&t=Alloy&ts=1589568898775&st=1589568898777
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.184.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-184-98.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://app.alloy.ai/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 May 2020 18:54:59 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type: image/gif
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.alloy.ai/	1970-01-19 18:18:24	Name: mp_3407db27bac181ed06543a4c8855b293_mixpanel Value: %7B%22distinct_id%22%3A%20%2217219b0813c392-014a35c1f7a2cc-37647e03-1d4c00-17219b0813da44%22%2C%22%24device_id%22%3A%20%2217219b0813c392-014a35c1f7a2cc-37647e03-1d4c00-17219b0813da44%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' data: blob: http://127.0.0.1:21648 https://.sentry.io https://sentry.io https://.mapbox.com https://.mixpanel.com https://heapanalytics.com https://.heapanalytics.com https://.intercomcdn.com wss://.intercom.io https://.intercom.io https://.intercomassets.com https://segment.com https://.segment.com https://api.segment.io https://static.zdassets.com https://ekr.zdassets.com https://alloyai.zendesk.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com https://id.zopim.com https://.zopim.io; frame-src 'self' data: blob: https://play.vidyard.com; style-src 'self' 'unsafe-inline' data: blob: https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' data: https://fonts.gstatic.com https://*.intercomcdn.com; report-uri https://sentry.io/api/1295092/security/?sentry_key=1322ab305aa641fabe587841f73c7bc2
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mixpanel.com
api.segment.io
app.alloy.ai
cdn.heapanalytics.com
cdn.segment.com
fonts.googleapis.com
fonts.gstatic.com
heapanalytics.com
link.alloy.ai
130.211.34.183
167.89.118.52
2a00:1450:4001:800::200a
2a00:1450:4001:820::2003
34.204.184.98
35.239.53.74
52.39.141.123
52.85.92.142
54.230.183.70
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
041ec0e253878902794560d0d07e389a03cc1da693b9e15b0cab2bed8c0cf36c
0d6c6cfba3a05c34af15bb182f8afd76165f84c99fcd1f593b4fb31c2cfab6fa
0f867f0fd4710a9f5f6e42a36c8bdb3a212c6a38f3651f4d6a050273419cc77a
103eb5f8be86736a3689fe6bb3206224c730193b8b3a0ba03e3cdc9e0315c01b
128e20d5fb1c848ff8071b701ff765ec0892fff65b5545c56d49efa872ad11f6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
2e11a39a7de5e23f8171829708551abdd8c8578bc1eb78314a2a031ad94c0c5d
37adcb4e29a3f9fa7ddf4a03e046f071183672131309c0bb460538612be4d77b
59ae6893ee0449bdf99acc098ac6ae7bd37512816c83f29bb52c2740dbc5a89e
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
63fd15209ecd9d0dc62c35e17bb4d16d4871fc6c2f1b913a2c558b38183dbc96
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
706494a230ae9c22ebbda2b9fce9af786bac0ea5f315c80e3fbe9f44e7883c38
8bb12cf92a3a3e38f2325fcc6923e02a38a15798187ff4a4ef7b42e4fdadbbb6
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9ed8f7bf202ee5f3be1cc28f3022f00caf7d789ee5a19bdda3028f4263ae8eb4
ab69687176f0c9aaf220bd6e3b75743c22beb80f052faaa811a0ca9b3b614da8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc14bcc62c499e929dcce3bf7f02dcae4e19d9f0a41196342b9fc76233864c2b
bc6b96a7245cd2f73ac09a4290d0a3ea04a4ae60496ec51cacbd4bc9dc2d6f39
c785ea14854a12b7d67e7ae0b54962cde039a4771667515b1703d1c8ae0a4c80
c7952a26668ed471969ceb5340b20e8c423f2c598b5339d048edb93cb2be5451
d3838febe02ee1538a1336ac01f452a6fe7682106cd21b46cda9c40092c8e3aa
f9a39ebd1343869b62220536c4c93fa2994b6bfb794104d40f6d2bdc4d73351a
fcc023e179dda0614c765283a436150bc566edfaf4b2fd415fd83cc2edbe80ea

app.alloy.ai Open in urlscan Pro 35.239.53.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

22 %IPv6

7 Domains

9 Subdomains

9 IPs

2 Countries

1039 kBTransfer

3567 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

app.alloy.ai Open in urlscan Pro
35.239.53.74 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

22 %
IPv6

7
Domains

9
Subdomains

9
IPs

2
Countries

1039 kB
Transfer

3567 kB
Size

1
Cookies

23 HTTP transactions
3 data transactions