www.sqreen.com Open in urlscan Pro
2a05:d014:275:cb02:b2b8:b4ca:8518:7335 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cto-security-checklist.sqreen.com/
Effective URL:
https://www.sqreen.com/checklists/saas-cto-security-checklist
Submission: On November 24 via automatic, source certstream-suspicious (November 24th 2021, 8:04:25 am UTC) — Scanned from DE

Summary HTTP 44 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 8 domains to perform 44 HTTP transactions. The main IP is 2a05:d014:275:cb02:b2b8:b4ca:8518:7335, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.sqreen.com.
TLS certificate: Issued by R3 on October 16th 2021. Valid for: 3 months.

This is the only time www.sqreen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2600:9000:215... 2600:9000:2156:0:4:2d4c:7b00:93a1	16509 (AMAZON-02) (AMAZON-02)
1 8	2a05:d014:275... 2a05:d014:275:cb02:b2b8:b4ca:8518:7335	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700::68... 2606:4700::6812:678	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.136 142.250.186.136	15169 (GOOGLE) (GOOGLE)
7	143.204.101.119 143.204.101.119	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
8	52.213.109.134 52.213.109.134	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.170 142.250.186.170	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
44	10

3 2600:9000:2156:0:4:2d4c:7b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cto-security-checklist.sqreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a05:d014:275:cb02:b2b8:b4ca:8518:7335 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

www.sqreen.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.sqreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:678 (United States)

ASN13335 (CLOUDFLARENET, US)

cookie-cdn.cookiepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.101.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-119.fra50.r.cloudfront.net

d33wubrfki0l68.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.213.109.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-109-134.eu-west-1.compute.amazonaws.com

reports-api.sqreen.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	sqreen.com cto-security-checklist.sqreen.com www.sqreen.com	242 KB
9	sqreen.io 1 redirects www.sqreen.io reports-api.sqreen.io	4 KB
7	cloudfront.net d33wubrfki0l68.cloudfront.net	107 KB
7	cookiepro.com cookie-cdn.cookiepro.com	111 KB
1	onetrust.com geolocation.onetrust.com	398 B
1	googleapis.com fonts.googleapis.com	1 KB
1	jquery.com code.jquery.com	30 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
44	8

	Domain	Requested by
8	reports-api.sqreen.io	www.sqreen.com cookie-cdn.cookiepro.com
7	d33wubrfki0l68.cloudfront.net	www.sqreen.com
7	cookie-cdn.cookiepro.com	www.sqreen.com cookie-cdn.cookiepro.com
7	www.sqreen.com	cto-security-checklist.sqreen.com www.sqreen.com
3	cto-security-checklist.sqreen.com	cto-security-checklist.sqreen.com
1	geolocation.onetrust.com	cookie-cdn.cookiepro.com
1	fonts.googleapis.com	www.sqreen.com
1	code.jquery.com	www.sqreen.com
1	www.googletagmanager.com	www.sqreen.com
1	www.sqreen.io	1 redirects
44	10

This site contains links to these domains. Also see Links.

Domain
blog.sqreen.com
docs.sqreen.com
my.sqreen.com
www.datadoghq.com
sqreen.status.io
cookiepedia.co.uk
www.cookiepro.com

Subject Issuer	Validity	Valid
cto-security-checklist.sqreen.com Amazon	`2020-12-24` - `2022-01-22`	a year	crt.sh
disrupt.sqreen.io R3	`2021-10-16` - `2022-01-14`	3 months	crt.sh
cookiepro.com Cloudflare Inc ECC CA-3	`2021-05-20` - `2022-05-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
reports-api.sqreen.com Amazon	`2021-11-16` - `2022-12-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.sqreen.com/checklists/saas-cto-security-checklist
Frame ID: BCE8E7F9C936ED20C347C3B4BC05E62A
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Application Security Management Platform | SqreenBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://cto-security-checklist.sqreen.com/ Page URL
https://www.sqreen.io/checklists/saas-cto-security-checklist HTTP 301
https://www.sqreen.com/checklists/saas-cto-security-checklist Page URL

Page Statistics

44
Requests

82 %
HTTPS

56 %
IPv6

8
Domains

10
Subdomains

10
IPs

4
Countries

528 kB
Transfer

1169 kB
Size

1
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.sqreen.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://docs.sqreen.com/
Title: Docs

Search URL Search Domain Scan URL

URL: https://my.sqreen.com/login
Title: Log in

Search URL Search Domain Scan URL

URL: https://www.datadoghq.com/blog/datadog-acquires-sqreen
Title: See the full announcement for more details

Search URL Search Domain Scan URL

URL: https://sqreen.status.io/
Title: Service Status

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.cookiepro.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cto-security-checklist.sqreen.com/ Page URL
https://www.sqreen.io/checklists/saas-cto-security-checklist HTTP 301
https://www.sqreen.com/checklists/saas-cto-security-checklist Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
cto-security-checklist.sqreen.com/ 89 KB
16 KB 469ms
402ms Document
text/html 2600:9000:2156:0:4:2d4c:7b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cto-security-checklist.sqreen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:4:2d4c:7b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c65d5f03bb2e19294396faa0b9c630a79b33c961b6773cde5d0e8c9ad7e4daea

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
last-modified: Tue, 30 Apr 2019 21:53:05 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 24 Nov 2021 08:04:21 GMT
etag: W/"a366a384b9ebfebcd02c0259d6dbe647"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: VXZh8_qT-Tk7ZK5nW75xPWEkDPl-0MCNQN97K8milyS0Fg5fCNDNvw==

GET
H2 200 style.min.css
cto-security-checklist.sqreen.com/css/ 18 KB
4 KB 394ms
393ms Stylesheet
text/css 2600:9000:2156:0:4:2d4c:7b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cto-security-checklist.sqreen.com/css/style.min.css
Requested by: Host: cto-security-checklist.sqreen.com
URL: https://cto-security-checklist.sqreen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:4:2d4c:7b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cto-security-checklist.sqreen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 08:04:21 GMT
content-encoding: gzip
last-modified: Tue, 30 Apr 2019 21:53:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"8b0aaeaa6d73c09b64ffd055f4aff00b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
x-amz-cf-id: KkJVhjBpjetXUSna2Gvk9WpGlO3K_8xupmFF1N060UUEfecTWlJc3A==

GET
H2 200 cross.svg
cto-security-checklist.sqreen.com/images/ 202 B
529 B 419ms
419ms Image
image/svg+xml 2600:9000:2156:0:4:2d4c:7b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cto-security-checklist.sqreen.com/images/cross.svg
Requested by: Host: cto-security-checklist.sqreen.com
URL: https://cto-security-checklist.sqreen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:0:4:2d4c:7b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cto-security-checklist.sqreen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 08:04:21 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified: Tue, 30 Apr 2019 21:53:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "76fb4c49319a9528a3d8cf539814a077"
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 202
x-amz-cf-id: 43p1ViAKSNpbSqxTFDEkMy0WCYSCcC3drXY6z7V_29AviTdJXnHBZQ==

GET burger.svg
cto-security-checklist.sqreen.com/images/ 0
0

GET scsc-logo.svg
cto-security-checklist.sqreen.com/images/ 0
0

GET arrow-bottom.svg
cto-security-checklist.sqreen.com/images/ 0
0

GET sqreen-logo.svg
cto-security-checklist.sqreen.com/images/ 0
0

GET icon-twitter-white.svg
cto-security-checklist.sqreen.com/images/ 0
0

GET jquery-3.1.1.min.js
cto-security-checklist.sqreen.com/js/vendors/ 0
0

GET isotope.pkgd.min.js
cto-security-checklist.sqreen.com/js/vendors/ 0
0

GET main.js
cto-security-checklist.sqreen.com/js/ 0
0

GET
H2

404

Primary Request saas-cto-security-checklist Show response
www.sqreen.com/checklists/
Redirect Chain

https://www.sqreen.io/checklists/saas-cto-security-checklist
https://www.sqreen.com/checklists/saas-cto-security-checklist

12 KB
4 KB

36ms
10ms

Document
text/html

2a05:d014:275:cb02:b2b8:b4ca:8518:7335
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sqreen.com/checklists/saas-cto-security-checklist

Requested by

Host: cto-security-checklist.sqreen.com
URL: https://cto-security-checklist.sqreen.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:275:cb02:b2b8:b4ca:8518:7335 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

a9cd06cf1752bf76145cb9837f61dcb8a4a78cababf9c7f6cb8feab3445326d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cto-security-checklist.sqreen.com/

Response headers

cache-control: public, max-age=0, must-revalidate
content-security-policy-report-only: child-src 'self'; connect-src 'self' http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.hotjar.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amplitude.com https://*.cloudflare.com https://*.contentful.com https://*.delighted.com https://*.facebook.com https://*.fullstory.com https://*.g.doubleclick.net https://*.getsentry.com https://*.githubusercontent.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.herokuapp.com https://*.hotjar.com https://*.hotjar.com:12443 https://*.intercom.io https://*.intercomcdn.com https://*.lever.co https://*.linkedin.com https://*.litix.io https://*.mktoresp.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.segment.io https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://*.hotjar.com wss://*.appcues.net wss://*.hotjar.com wss://*.intercom.io; default-src 'self'; font-src 'self' chrome-extension: data: http://*.sqreen.io https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.gstatic.com https://*.intercomcdn.com https://*.sqreen.com https://*.sqreen.io https://*.twimg.com https://*.wistia.com https://github.com; frame-src 'self' 'unsafe-inline' http://*.appcues.com http://*.g.doubleclick.net http://*.hotjar.com https://*.akamaihd.net https://*.amazonaws.com https://*.appcues.com https://*.facebook.com https://*.g.doubleclick.net https://*.hotjar.com https://*.recurly.com https://*.sqreen.com https://*.twitter.com https://*.typeform.com https://*.wistia.com https://headway-widget.net ws://*.hotjar.com wss://*.hotjar.com; img-src 'self' data: http://*.adnxs.com http://*.facebook.net http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.googleadservices.com http://*.googletagmanager.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com http://t.co https://*.addthis.com https://*.adnxs.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.b-cdn.net https://*.clearbit.com https://*.cloudfront.net https://*.ctfassets.net https://*.facebook.com https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.ae https://*.google.be https://*.google.ca https://*.google.ch https://*.google.co.il https://*.google.co.in https://*.google.co.jp https://*.google.co.uk https://*.google.com https://*.google.com.ar https://*.google.com.au https://*.google.com.br https://*.google.com.mx https://*.google.com.ph https://*.google.com.sg https://*.google.com.tw https://*.google.com.ua https://*.google.cz https://*.google.de https://*.google.es https://*.google.fr https://*.google.ie https://*.google.it https://*.google.nl https://*.google.no https://*.google.pl https://*.google.pt https://*.google.se https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercomassets.com https://*.intercomcdn.com https://*.linkedin.com https://*.marinsm.com https://*.openx.net https://*.prfct.co https://*.reddit.com https://*.rubiconproject.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.twimg.com https://*.twitter.com https://*.univide.com https://*.wistia.com https://*.yahoo.com https://heapanalytics.com https://sqreen-assets.s3-eu-west-1.amazonaws.com https://sumo.com https://t.co https://twitter.com; manifest-src 'self' https://*.sqreen.com; media-src 'self' https://*.akamaihd.net https://*.cloudfront.net https://*.intercomcdn.com https://*.wistia.com; object-src 'self' https://*.akamaihd.net https://*.wistia.com; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://*.ads-twitter.com http://*.appcues.com http://*.facebook.net http://*.g.doubleclick.net http://*.getdrip.com http://*.google-analytics.com http://*.googleadservices.com http://*.googletagmanager.com http://*.heapanalytics.com http://*.hotjar.com http://*.perfectaudience.com http://*.prfct.co http://*.segment.com http://*.sqreen.io http://heapanalytics.com https://*.ads-twitter.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.amplitude.com https://*.appcues.com https://*.b-cdn.net https://*.bufferapp.com https://*.cloudflare.com https://*.cloudfront.net https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.getdrip.com https://*.google-analytics.com https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.headwayapp.co https://*.heapanalytics.com https://*.herokuapp.com https://*.hotjar.com https://*.intercom.io https://*.intercomcdn.com https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.marketo.net https://*.perfectaudience.com https://*.pinterest.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.redditstatic.com https://*.segment.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.twitter.com https://*.typeform.com https://*.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://*.hotjar.com wss://*.hotjar.com wss://*.intercom.io; style-src 'self' 'unsafe-inline' http://*.appcues.com http://*.sqreen.io http://heapanalytics.com https://*.amazonaws.com https://*.appcues.com https://*.b-cdn.net https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.sqreen.com https://*.sqreen.io https://*.twitter.com https://heapanalytics.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4;
content-type: text/html; charset=UTF-8
date: Sat, 20 Nov 2021 20:39:03 GMT
etag: "82de447b1ec215b8c3bfc6783a83d42d-ssl-df"
referrer-policy: same-origin
strict-transport-security: max-age=31536000
content-encoding: br
x-nf-request-id: 01FN8FJRJGR75AX31002VV4R30
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
age: 300317
server: Netlify
x-protected-by: Sqreen
x-xss-protection: 1; mode=block
content-length: 3902

Redirect headers

cache-control: public, max-age=0, must-revalidate
content-length: 77
content-security-policy-report-only: child-src 'self'; connect-src 'self' http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.hotjar.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amplitude.com https://*.cloudflare.com https://*.contentful.com https://*.delighted.com https://*.facebook.com https://*.fullstory.com https://*.g.doubleclick.net https://*.getsentry.com https://*.githubusercontent.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.herokuapp.com https://*.hotjar.com https://*.hotjar.com:12443 https://*.intercom.io https://*.intercomcdn.com https://*.lever.co https://*.linkedin.com https://*.litix.io https://*.mktoresp.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.segment.io https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://*.hotjar.com wss://*.appcues.net wss://*.hotjar.com wss://*.intercom.io; default-src 'self'; font-src 'self' chrome-extension: data: http://*.sqreen.io https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.gstatic.com https://*.intercomcdn.com https://*.sqreen.com https://*.sqreen.io https://*.twimg.com https://*.wistia.com https://github.com; frame-src 'self' 'unsafe-inline' http://*.appcues.com http://*.g.doubleclick.net http://*.hotjar.com https://*.akamaihd.net https://*.amazonaws.com https://*.appcues.com https://*.facebook.com https://*.g.doubleclick.net https://*.hotjar.com https://*.recurly.com https://*.sqreen.com https://*.twitter.com https://*.typeform.com https://*.wistia.com https://headway-widget.net ws://*.hotjar.com wss://*.hotjar.com; img-src 'self' data: http://*.adnxs.com http://*.facebook.net http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.googleadservices.com http://*.googletagmanager.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com http://t.co https://*.addthis.com https://*.adnxs.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.b-cdn.net https://*.clearbit.com https://*.cloudfront.net https://*.ctfassets.net https://*.facebook.com https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.ae https://*.google.be https://*.google.ca https://*.google.ch https://*.google.co.il https://*.google.co.in https://*.google.co.jp https://*.google.co.uk https://*.google.com https://*.google.com.ar https://*.google.com.au https://*.google.com.br https://*.google.com.mx https://*.google.com.ph https://*.google.com.sg https://*.google.com.tw https://*.google.com.ua https://*.google.cz https://*.google.de https://*.google.es https://*.google.fr https://*.google.ie https://*.google.it https://*.google.nl https://*.google.no https://*.google.pl https://*.google.pt https://*.google.se https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercomassets.com https://*.intercomcdn.com https://*.linkedin.com https://*.marinsm.com https://*.openx.net https://*.prfct.co https://*.reddit.com https://*.rubiconproject.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.twimg.com https://*.twitter.com https://*.univide.com https://*.wistia.com https://*.yahoo.com https://heapanalytics.com https://sqreen-assets.s3-eu-west-1.amazonaws.com https://sumo.com https://t.co https://twitter.com; manifest-src 'self' https://*.sqreen.com; media-src 'self' https://*.akamaihd.net https://*.cloudfront.net https://*.intercomcdn.com https://*.wistia.com; object-src 'self' https://*.akamaihd.net https://*.wistia.com; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://*.ads-twitter.com http://*.appcues.com http://*.facebook.net http://*.g.doubleclick.net http://*.getdrip.com http://*.google-analytics.com http://*.googleadservices.com http://*.googletagmanager.com http://*.heapanalytics.com http://*.hotjar.com http://*.perfectaudience.com http://*.prfct.co http://*.segment.com http://*.sqreen.io http://heapanalytics.com https://*.ads-twitter.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.amplitude.com https://*.appcues.com https://*.b-cdn.net https://*.bufferapp.com https://*.cloudflare.com https://*.cloudfront.net https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.getdrip.com https://*.google-analytics.com https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.headwayapp.co https://*.heapanalytics.com https://*.herokuapp.com https://*.hotjar.com https://*.intercom.io https://*.intercomcdn.com https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.marketo.net https://*.perfectaudience.com https://*.pinterest.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.redditstatic.com https://*.segment.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.twitter.com https://*.typeform.com https://*.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://*.hotjar.com wss://*.hotjar.com wss://*.intercom.io; style-src 'self' 'unsafe-inline' http://*.appcues.com http://*.sqreen.io http://heapanalytics.com https://*.amazonaws.com https://*.appcues.com https://*.b-cdn.net https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.sqreen.com https://*.sqreen.io https://*.twitter.com https://heapanalytics.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4;
content-type: text/plain; charset=utf-8
date: Wed, 17 Nov 2021 20:41:57 GMT
referrer-policy: same-origin
location: https://www.sqreen.com/checklists/saas-cto-security-checklist
x-nf-request-id: 01FN8FJRH7BVT7P8MK6WH3ZSQ8
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: DENY
age: 559343
server: Netlify
x-protected-by: Sqreen

GET
H2 200 OtAutoBlock.js Show response
cookie-cdn.cookiepro.com/consent/e7d9c27a-b693-426e-aa99-1fd04dc1e4d3/ 7 KB
3 KB 45ms
26ms Script
application/x-javascript 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/e7d9c27a-b693-426e-aa99-1fd04dc1e4d3/OtAutoBlock.js

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7e9b7dca729081f131815512d7dbc51a864a21dbed692b07d7e3e89c7505ac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 24 Nov 2021 08:04:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: 67KMMmb7GHTBTeD4SnKL1Q==
age: 28
x-ms-lease-status: unlocked
last-modified: Thu, 01 Apr 2021 13:28:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9bfe43e6-b01e-005a-1591-985eaa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6b31203d9ee54ee0-FRA

GET
H2 200 otSDKStub.js Show response
cookie-cdn.cookiepro.com/scripttemplates/ 19 KB
7 KB 46ms
27ms Script
application/javascript 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 24 Nov 2021 08:04:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: OPcq+YIYFFKAyM1Ar0weOg==
age: 3145321
x-ms-lease-status: unlocked
last-modified: Thu, 07 Oct 2021 01:50:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e79150b9-401e-002c-406e-c4d4e2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
cf-ray: 6b31203d9ee84ee0-FRA
expires: Thu, 02 Dec 2021 08:04:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 448ms
61ms Script
application/javascript 142.250.186.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-64824410-1

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

e34bcdf6e7ff798741d904a8bf8ec7d5ae0f0f3047758ce34e3233f63de09614

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 08:04:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36119
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Nov 2021 08:04:21 GMT

GET
H2 200 style.css
www.sqreen.com/css/ 35 KB
6 KB 9ms
9ms Stylesheet
text/css 2a05:d014:275:cb02:b2b8:b4ca:8518:7335
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sqreen.com/css/style.css

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:275:cb02:b2b8:b4ca:8518:7335 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

32c03bc3f702a03d035d55bebf9f5a857fc180dafe6f67bb335750fe00ef0273

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sqreen.com/checklists/saas-cto-security-checklist
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FN8FJRKFV4JNFB7CTA22V4XR
date: Wed, 17 Nov 2021 16:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 574460
content-security-policy-report-only: child-src 'self'; connect-src 'self' http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.hotjar.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amplitude.com https://*.cloudflare.com https://*.contentful.com https://*.delighted.com https://*.facebook.com https://*.fullstory.com https://*.g.doubleclick.net https://*.getsentry.com https://*.githubusercontent.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.herokuapp.com https://*.hotjar.com https://*.hotjar.com:12443 https://*.intercom.io https://*.intercomcdn.com https://*.lever.co https://*.linkedin.com https://*.litix.io https://*.mktoresp.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.segment.io https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://*.hotjar.com wss://*.appcues.net wss://*.hotjar.com wss://*.intercom.io; default-src 'self'; font-src 'self' chrome-extension: data: http://*.sqreen.io https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.gstatic.com https://*.intercomcdn.com https://*.sqreen.com https://*.sqreen.io https://*.twimg.com https://*.wistia.com https://github.com; frame-src 'self' 'unsafe-inline' http://*.appcues.com http://*.g.doubleclick.net http://*.hotjar.com https://*.akamaihd.net https://*.amazonaws.com https://*.appcues.com https://*.facebook.com https://*.g.doubleclick.net https://*.hotjar.com https://*.recurly.com https://*.sqreen.com https://*.twitter.com https://*.typeform.com https://*.wistia.com https://headway-widget.net ws://*.hotjar.com wss://*.hotjar.com; img-src 'self' data: http://*.adnxs.com http://*.facebook.net http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.googleadservices.com http://*.googletagmanager.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com http://t.co https://*.addthis.com https://*.adnxs.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.b-cdn.net https://*.clearbit.com https://*.cloudfront.net https://*.ctfassets.net https://*.facebook.com https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.ae https://*.google.be https://*.google.ca https://*.google.ch https://*.google.co.il https://*.google.co.in https://*.google.co.jp https://*.google.co.uk https://*.google.com https://*.google.com.ar https://*.google.com.au https://*.google.com.br https://*.google.com.mx https://*.google.com.ph https://*.google.com.sg https://*.google.com.tw https://*.google.com.ua https://*.google.cz https://*.google.de https://*.google.es https://*.google.fr https://*.google.ie https://*.google.it https://*.google.nl https://*.google.no https://*.google.pl https://*.google.pt https://*.google.se https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercomassets.com https://*.intercomcdn.com https://*.linkedin.com https://*.marinsm.com https://*.openx.net https://*.prfct.co https://*.reddit.com https://*.rubiconproject.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.twimg.com https://*.twitter.com https://*.univide.com https://*.wistia.com https://*.yahoo.com https://heapanalytics.com https://sqreen-assets.s3-eu-west-1.amazonaws.com https://sumo.com https://t.co https://twitter.com; manifest-src 'self' https://*.sqreen.com; media-src 'self' https://*.akamaihd.net https://*.cloudfront.net https://*.intercomcdn.com https://*.wistia.com; object-src 'self' https://*.akamaihd.net https://*.wistia.com; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://*.ads-twitter.com http://*.appcues.com http://*.facebook.net http://*.g.doubleclick.net http://*.getdrip.com http://*.google-analytics.com http://*.googleadservices.com http://*.googletagmanager.com http://*.heapanalytics.com http://*.hotjar.com http://*.perfectaudience.com http://*.prfct.co http://*.segment.com http://*.sqreen.io http://heapanalytics.com https://*.ads-twitter.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.amplitude.com https://*.appcues.com https://*.b-cdn.net https://*.bufferapp.com https://*.cloudflare.com https://*.cloudfront.net https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.getdrip.com https://*.google-analytics.com https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.headwayapp.co https://*.heapanalytics.com https://*.herokuapp.com https://*.hotjar.com https://*.intercom.io https://*.intercomcdn.com https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.marketo.net https://*.perfectaudience.com https://*.pinterest.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.redditstatic.com https://*.segment.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.twitter.com https://*.typeform.com https://*.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://*.hotjar.com wss://*.hotjar.com wss://*.intercom.io; style-src 'self' 'unsafe-inline' http://*.appcues.com http://*.sqreen.io http://heapanalytics.com https://*.amazonaws.com https://*.appcues.com https://*.b-cdn.net https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.sqreen.com https://*.sqreen.io https://*.twitter.com https://heapanalytics.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4;
x-protected-by: Sqreen
strict-transport-security: max-age=31536000
content-length: 6121
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
etag: "bbfccab2549f591e6de6344016a27ac2-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 datadog-sqreen-logos.svg
d33wubrfki0l68.cloudfront.net/045052ebcc36c839ff5de011aa57e705c16d3c7f/1988d/assets/img/logos/ 20 KB
8 KB 55ms
10ms Image
image/svg+xml 143.204.101.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/045052ebcc36c839ff5de011aa57e705c16d3c7f/1988d/assets/img/logos/datadog-sqreen-logos.svg
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-119.fra50.r.cloudfront.net
Software: Netlify /
Resource Hash: 6dd9c79744f06bc3490cf09ed9272748934d32ed86f892910cd1d500af90d87d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 7029b331-26eb-4efe-8c18-4ec5bf8d89a8-8902009
date: Mon, 12 Apr 2021 07:49:56 GMT
content-encoding: gzip
age: 19527265
x-cache: Hit from cloudfront
content-length: 8027
access-control-allow-origin: *
server: Netlify
etag: 1b11bc61a264632e562b49cffc0e6dc3c5c4e0a3-df
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
cache-control: public, max-age=31556926
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: Ty7yeckQYqv2WRl9XCmbbo6gEMZtFEZrRqwHAP7zBxUc4YRcmzM-9g==

GET
H2 200 cloudbees-logo.png
d33wubrfki0l68.cloudfront.net/82d4c4a5d032fd0e38beb1a8050085cc41ce034a/280e3/assets/img/customers/logos/ 7 KB
7 KB 55ms
11ms Image
image/png 143.204.101.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/82d4c4a5d032fd0e38beb1a8050085cc41ce034a/280e3/assets/img/customers/logos/cloudbees-logo.png
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-119.fra50.r.cloudfront.net
Software: Netlify /
Resource Hash: 89d7ea1fad6db5ff32524d51659e7949775f833e7ef667e3bc9d66966a7182a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 60314a98-1f05-45dd-abf4-e39372afc197-7012768
date: Mon, 12 Apr 2021 07:49:56 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server: Netlify
age: 19527265
etag: 8d89417703f7630048f7110aa8348e595cc304d3
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 7028
x-amz-cf-id: BoICcnre5DtgSyOv_P4BOsKybEsVwtsH0FrWh8ZCkHMB6fIRetDlCQ==

GET
H2 200 goldbelly-logo.png
d33wubrfki0l68.cloudfront.net/2cc62221e6505d3220c9f5f1885c1cf1585abe68/f0459/assets/img/customers/logos/ 17 KB
17 KB 56ms
12ms Image
image/png 143.204.101.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/2cc62221e6505d3220c9f5f1885c1cf1585abe68/f0459/assets/img/customers/logos/goldbelly-logo.png
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-119.fra50.r.cloudfront.net
Software: Netlify /
Resource Hash: bb8747f16c987740bb6e4f5d856b95f483bf07419a2f73a1d26de2d68524bd68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FEAS2VZ9N7YV348MQJ7FFD20
date: Sun, 29 Aug 2021 01:43:52 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server: Netlify
age: 7539628
etag: 6673c44c17806ed2eb3d65740706e83dcc1bc0b0
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 17077
x-amz-cf-id: lUPMU8Q_iIBplEkHApushQ3yX40svP13x4pOx9EfkT1XhlU34D9-vQ==

GET
H2 200 natixis-logo.png
d33wubrfki0l68.cloudfront.net/931d1eb396cec5a78df44938c105f50d0709fe30/53cb0/assets/img/customers/logos/ 19 KB
19 KB 62ms
18ms Image
image/png 143.204.101.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/931d1eb396cec5a78df44938c105f50d0709fe30/53cb0/assets/img/customers/logos/natixis-logo.png
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-119.fra50.r.cloudfront.net
Software: Netlify /
Resource Hash: 902e5ef5268bd782cd77095d1477b3dbbb73d9cbb62cf250bd3a8a896496d999

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: d53a185d-6ad6-4538-bd87-81f0e6a8aacf-37775774
date: Thu, 18 Feb 2021 14:44:12 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server: Netlify
age: 24081608
etag: d040f15e72bf1e2b600c553b29fb351c723696d6
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 19225
x-amz-cf-id: KSOHZFJf6AAsmB1RCNRMQeVZGxHP7leXZgu_RnxuS8x68dAs_2wQIQ==

GET
H2 200 ninjacat-logo.svg
d33wubrfki0l68.cloudfront.net/8e8cd32c9cd1fab231969b3d47c70cd1289cb4c9/408fe/assets/img/customers/logos/ 15 KB
6 KB 63ms
19ms Image
image/svg+xml 143.204.101.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/8e8cd32c9cd1fab231969b3d47c70cd1289cb4c9/408fe/assets/img/customers/logos/ninjacat-logo.svg
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-119.fra50.r.cloudfront.net
Software: Netlify /
Resource Hash: 39c7c69b54a2a3d65c1bf2b8ff84b5318476fecb1c11115ca34b96dbfa240a39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FEAS2VYZ3BS3DNJ72G7JKE5W
date: Mon, 30 Aug 2021 05:39:02 GMT
content-encoding: gzip
server: Netlify
age: 7439119
etag: 3740955af50d915bd411c8ea40635cefb916a8e0-df
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: pBqQctRuK5LNdV4KdSG3P4_h-q9mI7UrVXRtrr6cOEq_P9VGEUQp5w==
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)

GET
H2 200 rippling-logo.svg
d33wubrfki0l68.cloudfront.net/74787f716ae1c0af10f2506e24052c82291619b6/cb034/assets/img/customers/logos/ 2 KB
1 KB 25ms
19ms Image
image/svg+xml 143.204.101.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/74787f716ae1c0af10f2506e24052c82291619b6/cb034/assets/img/customers/logos/rippling-logo.svg
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-119.fra50.r.cloudfront.net
Software: Netlify /
Resource Hash: c44982f7fce9a9dcdf6b6199d877f078330e3a133d5ea3b6cae5a4a34795b321

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 22553cbc-9c45-4606-a45b-fa72c7b766d2-22736690
date: Tue, 06 Apr 2021 11:26:52 GMT
content-encoding: gzip
age: 20032648
x-cache: Hit from cloudfront
content-length: 1003
access-control-allow-origin: *
server: Netlify
etag: d76ccc1dc6fbe2363cb78f4dd84348e9819de3e8-df
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
cache-control: public, max-age=31556926
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: oOYqBIBDfbiVG-tglFy1Rj_2xGASegx737YmO90SW3arorGvto012Q==

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 553ms
19ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
Origin: https://www.sqreen.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 08:04:21 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
etag: W/"5eb09f0f-15d84"
vary: Accept-Encoding
x-hw: 1637741061.dop238.am5.t,1637741061.cds239.am5.hn,1637741061.cds203.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

POST
H2 200 f637ed5d-4ac6-441d-a0f5-04c3d7e976c4
reports-api.sqreen.io/browser/v0/csp-violations/ 0
0 129ms
56ms Other
text/html 52.213.109.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.109.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-109-134.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

POST
H2 200 f637ed5d-4ac6-441d-a0f5-04c3d7e976c4
reports-api.sqreen.io/browser/v0/csp-violations/ 0
0 104ms
79ms Other
text/html 52.213.109.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.109.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-109-134.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

POST
H2 200 f637ed5d-4ac6-441d-a0f5-04c3d7e976c4
reports-api.sqreen.io/browser/v0/csp-violations/ 0
0 101ms
81ms Other
text/html 52.213.109.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4
Requested by: Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.109.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-109-134.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H2 200 e7d9c27a-b693-426e-aa99-1fd04dc1e4d3.json Show response
cookie-cdn.cookiepro.com/consent/e7d9c27a-b693-426e-aa99-1fd04dc1e4d3/ 3 KB
2 KB 41ms
26ms XHR
application/x-javascript 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/e7d9c27a-b693-426e-aa99-1fd04dc1e4d3/e7d9c27a-b693-426e-aa99-1fd04dc1e4d3.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77acdb3977ddae181ae320a2633b4b8925a4bc988b8491a75b054cb6a9adaf73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 24 Nov 2021 08:04:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: bJ4GwqPSWvPwjCJbqXLqMw==
age: 26
x-ms-lease-status: unlocked
last-modified: Thu, 01 Apr 2021 13:28:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: a405bdf4-301e-0009-3e14-8b7d9e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6b31203dea7d6901-FRA

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 433ms
48ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Code+Pro

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

99bac1fb8e90a22544f4be0e6e28ecc85deff1b902a0e362131ec253aa2e7be0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 06:24:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 24 Nov 2021 08:04:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Nov 2021 08:04:21 GMT

POST
H2 200 f637ed5d-4ac6-441d-a0f5-04c3d7e976c4
reports-api.sqreen.io/browser/v0/csp-violations/ 0
0 48ms
48ms Other
text/html 52.213.109.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4
Requested by: Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.109.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-109-134.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 193 B
398 B 57ms
38ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09b7ece464c01f640c13fdceb08bb12ab4a2db787f36a8253c109ea3d4f7d9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 08:04:20 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6b31203e5821c286-FRA

POST
H2 200 f637ed5d-4ac6-441d-a0f5-04c3d7e976c4
reports-api.sqreen.io/browser/v0/csp-violations/ 0
0 45ms
45ms Other
text/html 52.213.109.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4
Requested by: Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.109.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-109-134.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H2 200 otBannerSdk.js Show response
cookie-cdn.cookiepro.com/scripttemplates/6.16.0/ 374 KB
76 KB 41ms
41ms Script
application/javascript 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.16.0/otBannerSdk.js

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 24 Nov 2021 08:04:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: dGCXlveaBvO7BI0nfZKP+g==
age: 3145319
x-ms-lease-status: unlocked
last-modified: Tue, 30 Mar 2021 01:52:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4bd505e4-801e-00b5-146e-c4ab5f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
cf-ray: 6b31203e98f34ee0-FRA
expires: Thu, 02 Dec 2021 08:04:20 GMT

POST
H2 429 f637ed5d-4ac6-441d-a0f5-04c3d7e976c4
reports-api.sqreen.io/browser/v0/csp-violations/ 0
0 28ms
28ms Other
text/html 52.213.109.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4
Requested by: Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.16.0/otBannerSdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.109.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-109-134.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H2 200 en.json Show response
cookie-cdn.cookiepro.com/consent/e7d9c27a-b693-426e-aa99-1fd04dc1e4d3/6d8f8ed2-49f6-4527-b52e-c709bff7bdd9/ 39 KB
9 KB 22ms
22ms Fetch
application/x-javascript 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/e7d9c27a-b693-426e-aa99-1fd04dc1e4d3/6d8f8ed2-49f6-4527-b52e-c709bff7bdd9/en.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d4eb2369038a156502bbb52291e149e16853b950bdb65038d57cbe62f39267a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 24 Nov 2021 08:04:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: LtfY0A+cXaek0V1+trPFSg==
age: 26
x-ms-lease-status: unlocked
last-modified: Thu, 01 Apr 2021 13:28:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: bd246414-401e-0085-2dbc-371590000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6b31203efd106901-FRA

POST
H2 429 f637ed5d-4ac6-441d-a0f5-04c3d7e976c4
reports-api.sqreen.io/browser/v0/csp-violations/ 0
0 28ms
28ms Other
text/html 52.213.109.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4
Requested by: Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.16.0/otBannerSdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.109.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-109-134.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H2 200 otFloatingRoundedCorner.json Show response
cookie-cdn.cookiepro.com/scripttemplates/6.16.0/assets/ 10 KB
3 KB 38ms
37ms Fetch
application/json 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.16.0/assets/otFloatingRoundedCorner.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21818bca42a3202e4b46be64251ec2f3552487db68b8129a15c550c3943fa7a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 24 Nov 2021 08:04:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: +qzcdQca4EjZqiNWotmnyQ==
age: 2269022
x-ms-lease-status: unlocked
last-modified: Tue, 30 Mar 2021 01:51:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 96928684-601e-0076-6066-ccb205000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
cf-ray: 6b31203f2dce6901-FRA
expires: Thu, 02 Dec 2021 08:04:21 GMT

POST
H2 429 f637ed5d-4ac6-441d-a0f5-04c3d7e976c4
reports-api.sqreen.io/browser/v0/csp-violations/ 0
0 28ms
28ms Other
text/html 52.213.109.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4
Requested by: Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.16.0/otBannerSdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.109.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-109-134.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H2 200 otPcPanel.json Show response
cookie-cdn.cookiepro.com/scripttemplates/6.16.0/assets/v2/ 47 KB
12 KB 24ms
23ms Fetch
application/json 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.16.0/assets/v2/otPcPanel.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.16.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e65f44091d958bd6814ec918fd37cffaced53f8645db09447b8593d29bc3e1a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 24 Nov 2021 08:04:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: HmR0GGwT5MYJ03Euoytx0g==
age: 3143822
x-ms-lease-status: unlocked
last-modified: Tue, 30 Mar 2021 01:51:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 64bac630-901e-0000-7d72-c4384d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
cf-ray: 6b31203f3dd36901-FRA
expires: Thu, 02 Dec 2021 08:04:21 GMT

GET
H2 200 chevron.svg
www.sqreen.com/assets/img/icons/ 249 B
384 B 9ms
8ms Image
image/svg+xml 2a05:d014:275:cb02:b2b8:b4ca:8518:7335
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sqreen.com/assets/img/icons/chevron.svg

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:275:cb02:b2b8:b4ca:8518:7335 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

ec4148c1382a92bcd73ba03bce486dc93e0d5aee315b91214bb9b855208b1efc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sqreen.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FN8FJS2Y3V0ZN54PFWEQFESF
date: Tue, 16 Nov 2021 02:47:19 GMT
x-content-type-options: nosniff
age: 710222
content-security-policy-report-only: child-src 'self'; connect-src 'self' http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.hotjar.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amplitude.com https://*.cloudflare.com https://*.contentful.com https://*.delighted.com https://*.facebook.com https://*.fullstory.com https://*.g.doubleclick.net https://*.getsentry.com https://*.githubusercontent.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.herokuapp.com https://*.hotjar.com https://*.hotjar.com:12443 https://*.intercom.io https://*.intercomcdn.com https://*.lever.co https://*.linkedin.com https://*.litix.io https://*.mktoresp.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.segment.io https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://*.hotjar.com wss://*.appcues.net wss://*.hotjar.com wss://*.intercom.io; default-src 'self'; font-src 'self' chrome-extension: data: http://*.sqreen.io https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.gstatic.com https://*.intercomcdn.com https://*.sqreen.com https://*.sqreen.io https://*.twimg.com https://*.wistia.com https://github.com; frame-src 'self' 'unsafe-inline' http://*.appcues.com http://*.g.doubleclick.net http://*.hotjar.com https://*.akamaihd.net https://*.amazonaws.com https://*.appcues.com https://*.facebook.com https://*.g.doubleclick.net https://*.hotjar.com https://*.recurly.com https://*.sqreen.com https://*.twitter.com https://*.typeform.com https://*.wistia.com https://headway-widget.net ws://*.hotjar.com wss://*.hotjar.com; img-src 'self' data: http://*.adnxs.com http://*.facebook.net http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.googleadservices.com http://*.googletagmanager.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com http://t.co https://*.addthis.com https://*.adnxs.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.b-cdn.net https://*.clearbit.com https://*.cloudfront.net https://*.ctfassets.net https://*.facebook.com https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.ae https://*.google.be https://*.google.ca https://*.google.ch https://*.google.co.il https://*.google.co.in https://*.google.co.jp https://*.google.co.uk https://*.google.com https://*.google.com.ar https://*.google.com.au https://*.google.com.br https://*.google.com.mx https://*.google.com.ph https://*.google.com.sg https://*.google.com.tw https://*.google.com.ua https://*.google.cz https://*.google.de https://*.google.es https://*.google.fr https://*.google.ie https://*.google.it https://*.google.nl https://*.google.no https://*.google.pl https://*.google.pt https://*.google.se https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercomassets.com https://*.intercomcdn.com https://*.linkedin.com https://*.marinsm.com https://*.openx.net https://*.prfct.co https://*.reddit.com https://*.rubiconproject.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.twimg.com https://*.twitter.com https://*.univide.com https://*.wistia.com https://*.yahoo.com https://heapanalytics.com https://sqreen-assets.s3-eu-west-1.amazonaws.com https://sumo.com https://t.co https://twitter.com; manifest-src 'self' https://*.sqreen.com; media-src 'self' https://*.akamaihd.net https://*.cloudfront.net https://*.intercomcdn.com https://*.wistia.com; object-src 'self' https://*.akamaihd.net https://*.wistia.com; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://*.ads-twitter.com http://*.appcues.com http://*.facebook.net http://*.g.doubleclick.net http://*.getdrip.com http://*.google-analytics.com http://*.googleadservices.com http://*.googletagmanager.com http://*.heapanalytics.com http://*.hotjar.com http://*.perfectaudience.com http://*.prfct.co http://*.segment.com http://*.sqreen.io http://heapanalytics.com https://*.ads-twitter.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.amplitude.com https://*.appcues.com https://*.b-cdn.net https://*.bufferapp.com https://*.cloudflare.com https://*.cloudfront.net https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.getdrip.com https://*.google-analytics.com https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.headwayapp.co https://*.heapanalytics.com https://*.herokuapp.com https://*.hotjar.com https://*.intercom.io https://*.intercomcdn.com https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.marketo.net https://*.perfectaudience.com https://*.pinterest.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.redditstatic.com https://*.segment.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.twitter.com https://*.typeform.com https://*.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://*.hotjar.com wss://*.hotjar.com wss://*.intercom.io; style-src 'self' 'unsafe-inline' http://*.appcues.com http://*.sqreen.io http://heapanalytics.com https://*.amazonaws.com https://*.appcues.com https://*.b-cdn.net https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.sqreen.com https://*.sqreen.io https://*.twitter.com https://heapanalytics.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4;
x-protected-by: Sqreen
content-length: 249
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
etag: "82c48ae4e2d21340f344a21bd30bfc74-ssl"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 Moderat-Medium.woff2
www.sqreen.com/assets/fonts/ 42 KB
42 KB 69ms
69ms Font
font/woff2 2a05:d014:275:cb02:b2b8:b4ca:8518:7335
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sqreen.com/assets/fonts/Moderat-Medium.woff2

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:275:cb02:b2b8:b4ca:8518:7335 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

3ba84ba04a8963559da5488d4bc05c347c6be5e3a093dc77efbb34619d0239b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sqreen.com/css/style.css
Origin: https://www.sqreen.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FN8FJS30XXSWKSYGJGM5TDW7
date: Tue, 16 Nov 2021 01:47:21 GMT
x-content-type-options: nosniff
age: 713821
content-security-policy-report-only: child-src 'self'; connect-src 'self' http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.hotjar.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amplitude.com https://*.cloudflare.com https://*.contentful.com https://*.delighted.com https://*.facebook.com https://*.fullstory.com https://*.g.doubleclick.net https://*.getsentry.com https://*.githubusercontent.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.herokuapp.com https://*.hotjar.com https://*.hotjar.com:12443 https://*.intercom.io https://*.intercomcdn.com https://*.lever.co https://*.linkedin.com https://*.litix.io https://*.mktoresp.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.segment.io https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://*.hotjar.com wss://*.appcues.net wss://*.hotjar.com wss://*.intercom.io; default-src 'self'; font-src 'self' chrome-extension: data: http://*.sqreen.io https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.gstatic.com https://*.intercomcdn.com https://*.sqreen.com https://*.sqreen.io https://*.twimg.com https://*.wistia.com https://github.com; frame-src 'self' 'unsafe-inline' http://*.appcues.com http://*.g.doubleclick.net http://*.hotjar.com https://*.akamaihd.net https://*.amazonaws.com https://*.appcues.com https://*.facebook.com https://*.g.doubleclick.net https://*.hotjar.com https://*.recurly.com https://*.sqreen.com https://*.twitter.com https://*.typeform.com https://*.wistia.com https://headway-widget.net ws://*.hotjar.com wss://*.hotjar.com; img-src 'self' data: http://*.adnxs.com http://*.facebook.net http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.googleadservices.com http://*.googletagmanager.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com http://t.co https://*.addthis.com https://*.adnxs.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.b-cdn.net https://*.clearbit.com https://*.cloudfront.net https://*.ctfassets.net https://*.facebook.com https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.ae https://*.google.be https://*.google.ca https://*.google.ch https://*.google.co.il https://*.google.co.in https://*.google.co.jp https://*.google.co.uk https://*.google.com https://*.google.com.ar https://*.google.com.au https://*.google.com.br https://*.google.com.mx https://*.google.com.ph https://*.google.com.sg https://*.google.com.tw https://*.google.com.ua https://*.google.cz https://*.google.de https://*.google.es https://*.google.fr https://*.google.ie https://*.google.it https://*.google.nl https://*.google.no https://*.google.pl https://*.google.pt https://*.google.se https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercomassets.com https://*.intercomcdn.com https://*.linkedin.com https://*.marinsm.com https://*.openx.net https://*.prfct.co https://*.reddit.com https://*.rubiconproject.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.twimg.com https://*.twitter.com https://*.univide.com https://*.wistia.com https://*.yahoo.com https://heapanalytics.com https://sqreen-assets.s3-eu-west-1.amazonaws.com https://sumo.com https://t.co https://twitter.com; manifest-src 'self' https://*.sqreen.com; media-src 'self' https://*.akamaihd.net https://*.cloudfront.net https://*.intercomcdn.com https://*.wistia.com; object-src 'self' https://*.akamaihd.net https://*.wistia.com; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://*.ads-twitter.com http://*.appcues.com http://*.facebook.net http://*.g.doubleclick.net http://*.getdrip.com http://*.google-analytics.com http://*.googleadservices.com http://*.googletagmanager.com http://*.heapanalytics.com http://*.hotjar.com http://*.perfectaudience.com http://*.prfct.co http://*.segment.com http://*.sqreen.io http://heapanalytics.com https://*.ads-twitter.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.amplitude.com https://*.appcues.com https://*.b-cdn.net https://*.bufferapp.com https://*.cloudflare.com https://*.cloudfront.net https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.getdrip.com https://*.google-analytics.com https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.headwayapp.co https://*.heapanalytics.com https://*.herokuapp.com https://*.hotjar.com https://*.intercom.io https://*.intercomcdn.com https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.marketo.net https://*.perfectaudience.com https://*.pinterest.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.redditstatic.com https://*.segment.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.twitter.com https://*.typeform.com https://*.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://*.hotjar.com wss://*.hotjar.com wss://*.intercom.io; style-src 'self' 'unsafe-inline' http://*.appcues.com http://*.sqreen.io http://heapanalytics.com https://*.amazonaws.com https://*.appcues.com https://*.b-cdn.net https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.sqreen.com https://*.sqreen.io https://*.twitter.com https://heapanalytics.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4;
x-protected-by: Sqreen
content-length: 43196
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
etag: "747c83e931bcbb8c6480a5767b176c84-ssl"
strict-transport-security: max-age=31536000
content-type: font/woff2
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 Moderat-Bold.woff2
www.sqreen.com/assets/fonts/ 42 KB
42 KB 9ms
8ms Font
font/woff2 2a05:d014:275:cb02:b2b8:b4ca:8518:7335
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sqreen.com/assets/fonts/Moderat-Bold.woff2

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:275:cb02:b2b8:b4ca:8518:7335 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

06d38da8ea4edf750c8fb4f749f5b71a6dba952fd924a55771c0ccc213339eab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sqreen.com/css/style.css
Origin: https://www.sqreen.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FN8FJS30XSPV9TTE91800SHJ
date: Tue, 16 Nov 2021 15:24:29 GMT
x-content-type-options: nosniff
age: 664792
content-security-policy-report-only: child-src 'self'; connect-src 'self' http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.hotjar.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amplitude.com https://*.cloudflare.com https://*.contentful.com https://*.delighted.com https://*.facebook.com https://*.fullstory.com https://*.g.doubleclick.net https://*.getsentry.com https://*.githubusercontent.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.herokuapp.com https://*.hotjar.com https://*.hotjar.com:12443 https://*.intercom.io https://*.intercomcdn.com https://*.lever.co https://*.linkedin.com https://*.litix.io https://*.mktoresp.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.segment.io https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://*.hotjar.com wss://*.appcues.net wss://*.hotjar.com wss://*.intercom.io; default-src 'self'; font-src 'self' chrome-extension: data: http://*.sqreen.io https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.gstatic.com https://*.intercomcdn.com https://*.sqreen.com https://*.sqreen.io https://*.twimg.com https://*.wistia.com https://github.com; frame-src 'self' 'unsafe-inline' http://*.appcues.com http://*.g.doubleclick.net http://*.hotjar.com https://*.akamaihd.net https://*.amazonaws.com https://*.appcues.com https://*.facebook.com https://*.g.doubleclick.net https://*.hotjar.com https://*.recurly.com https://*.sqreen.com https://*.twitter.com https://*.typeform.com https://*.wistia.com https://headway-widget.net ws://*.hotjar.com wss://*.hotjar.com; img-src 'self' data: http://*.adnxs.com http://*.facebook.net http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.googleadservices.com http://*.googletagmanager.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com http://t.co https://*.addthis.com https://*.adnxs.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.b-cdn.net https://*.clearbit.com https://*.cloudfront.net https://*.ctfassets.net https://*.facebook.com https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.ae https://*.google.be https://*.google.ca https://*.google.ch https://*.google.co.il https://*.google.co.in https://*.google.co.jp https://*.google.co.uk https://*.google.com https://*.google.com.ar https://*.google.com.au https://*.google.com.br https://*.google.com.mx https://*.google.com.ph https://*.google.com.sg https://*.google.com.tw https://*.google.com.ua https://*.google.cz https://*.google.de https://*.google.es https://*.google.fr https://*.google.ie https://*.google.it https://*.google.nl https://*.google.no https://*.google.pl https://*.google.pt https://*.google.se https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercomassets.com https://*.intercomcdn.com https://*.linkedin.com https://*.marinsm.com https://*.openx.net https://*.prfct.co https://*.reddit.com https://*.rubiconproject.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.twimg.com https://*.twitter.com https://*.univide.com https://*.wistia.com https://*.yahoo.com https://heapanalytics.com https://sqreen-assets.s3-eu-west-1.amazonaws.com https://sumo.com https://t.co https://twitter.com; manifest-src 'self' https://*.sqreen.com; media-src 'self' https://*.akamaihd.net https://*.cloudfront.net https://*.intercomcdn.com https://*.wistia.com; object-src 'self' https://*.akamaihd.net https://*.wistia.com; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://*.ads-twitter.com http://*.appcues.com http://*.facebook.net http://*.g.doubleclick.net http://*.getdrip.com http://*.google-analytics.com http://*.googleadservices.com http://*.googletagmanager.com http://*.heapanalytics.com http://*.hotjar.com http://*.perfectaudience.com http://*.prfct.co http://*.segment.com http://*.sqreen.io http://heapanalytics.com https://*.ads-twitter.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.amplitude.com https://*.appcues.com https://*.b-cdn.net https://*.bufferapp.com https://*.cloudflare.com https://*.cloudfront.net https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.getdrip.com https://*.google-analytics.com https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.headwayapp.co https://*.heapanalytics.com https://*.herokuapp.com https://*.hotjar.com https://*.intercom.io https://*.intercomcdn.com https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.marketo.net https://*.perfectaudience.com https://*.pinterest.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.redditstatic.com https://*.segment.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.twitter.com https://*.typeform.com https://*.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://*.hotjar.com wss://*.hotjar.com wss://*.intercom.io; style-src 'self' 'unsafe-inline' http://*.appcues.com http://*.sqreen.io http://heapanalytics.com https://*.amazonaws.com https://*.appcues.com https://*.b-cdn.net https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.sqreen.com https://*.sqreen.io https://*.twitter.com https://heapanalytics.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4;
x-protected-by: Sqreen
content-length: 43060
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
etag: "ff76c808961fc122fa8e558e2035d21c-ssl"
strict-transport-security: max-age=31536000
content-type: font/woff2
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 hinted-ProximaNova-Regular.woff2
www.sqreen.com/assets/fonts/ 64 KB
64 KB 21ms
21ms Font
font/woff2 2a05:d014:275:cb02:b2b8:b4ca:8518:7335
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sqreen.com/assets/fonts/hinted-ProximaNova-Regular.woff2

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:275:cb02:b2b8:b4ca:8518:7335 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

d5c416aad5a93ec52210006b33c49fd56518f38daa131352ab96f70bfbbdd4df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sqreen.com/css/style.css
Origin: https://www.sqreen.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FN8FJS30RPNWE4CAG2R5SSD8
date: Tue, 16 Nov 2021 02:47:19 GMT
x-content-type-options: nosniff
age: 710222
content-security-policy-report-only: child-src 'self'; connect-src 'self' http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.hotjar.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amplitude.com https://*.cloudflare.com https://*.contentful.com https://*.delighted.com https://*.facebook.com https://*.fullstory.com https://*.g.doubleclick.net https://*.getsentry.com https://*.githubusercontent.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.herokuapp.com https://*.hotjar.com https://*.hotjar.com:12443 https://*.intercom.io https://*.intercomcdn.com https://*.lever.co https://*.linkedin.com https://*.litix.io https://*.mktoresp.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.segment.io https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://*.hotjar.com wss://*.appcues.net wss://*.hotjar.com wss://*.intercom.io; default-src 'self'; font-src 'self' chrome-extension: data: http://*.sqreen.io https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.gstatic.com https://*.intercomcdn.com https://*.sqreen.com https://*.sqreen.io https://*.twimg.com https://*.wistia.com https://github.com; frame-src 'self' 'unsafe-inline' http://*.appcues.com http://*.g.doubleclick.net http://*.hotjar.com https://*.akamaihd.net https://*.amazonaws.com https://*.appcues.com https://*.facebook.com https://*.g.doubleclick.net https://*.hotjar.com https://*.recurly.com https://*.sqreen.com https://*.twitter.com https://*.typeform.com https://*.wistia.com https://headway-widget.net ws://*.hotjar.com wss://*.hotjar.com; img-src 'self' data: http://*.adnxs.com http://*.facebook.net http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.googleadservices.com http://*.googletagmanager.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com http://t.co https://*.addthis.com https://*.adnxs.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.b-cdn.net https://*.clearbit.com https://*.cloudfront.net https://*.ctfassets.net https://*.facebook.com https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.ae https://*.google.be https://*.google.ca https://*.google.ch https://*.google.co.il https://*.google.co.in https://*.google.co.jp https://*.google.co.uk https://*.google.com https://*.google.com.ar https://*.google.com.au https://*.google.com.br https://*.google.com.mx https://*.google.com.ph https://*.google.com.sg https://*.google.com.tw https://*.google.com.ua https://*.google.cz https://*.google.de https://*.google.es https://*.google.fr https://*.google.ie https://*.google.it https://*.google.nl https://*.google.no https://*.google.pl https://*.google.pt https://*.google.se https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercomassets.com https://*.intercomcdn.com https://*.linkedin.com https://*.marinsm.com https://*.openx.net https://*.prfct.co https://*.reddit.com https://*.rubiconproject.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.twimg.com https://*.twitter.com https://*.univide.com https://*.wistia.com https://*.yahoo.com https://heapanalytics.com https://sqreen-assets.s3-eu-west-1.amazonaws.com https://sumo.com https://t.co https://twitter.com; manifest-src 'self' https://*.sqreen.com; media-src 'self' https://*.akamaihd.net https://*.cloudfront.net https://*.intercomcdn.com https://*.wistia.com; object-src 'self' https://*.akamaihd.net https://*.wistia.com; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://*.ads-twitter.com http://*.appcues.com http://*.facebook.net http://*.g.doubleclick.net http://*.getdrip.com http://*.google-analytics.com http://*.googleadservices.com http://*.googletagmanager.com http://*.heapanalytics.com http://*.hotjar.com http://*.perfectaudience.com http://*.prfct.co http://*.segment.com http://*.sqreen.io http://heapanalytics.com https://*.ads-twitter.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.amplitude.com https://*.appcues.com https://*.b-cdn.net https://*.bufferapp.com https://*.cloudflare.com https://*.cloudfront.net https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.getdrip.com https://*.google-analytics.com https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.headwayapp.co https://*.heapanalytics.com https://*.herokuapp.com https://*.hotjar.com https://*.intercom.io https://*.intercomcdn.com https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.marketo.net https://*.perfectaudience.com https://*.pinterest.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.redditstatic.com https://*.segment.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.twitter.com https://*.typeform.com https://*.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://*.hotjar.com wss://*.hotjar.com wss://*.intercom.io; style-src 'self' 'unsafe-inline' http://*.appcues.com http://*.sqreen.io http://heapanalytics.com https://*.amazonaws.com https://*.appcues.com https://*.b-cdn.net https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.sqreen.com https://*.sqreen.io https://*.twitter.com https://heapanalytics.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4;
x-protected-by: Sqreen
content-length: 65184
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
etag: "c8df151821952a33a0a32e63d4acc978-ssl"
strict-transport-security: max-age=31536000
content-type: font/woff2
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 flow-map.png
d33wubrfki0l68.cloudfront.net/0ce6d8fbae98ad7a1c92be8e7646b3ac00f35a9a/6599c/assets/img/product/ 48 KB
48 KB 11ms
10ms Image
image/png 143.204.101.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/0ce6d8fbae98ad7a1c92be8e7646b3ac00f35a9a/6599c/assets/img/product/flow-map.png
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-119.fra50.r.cloudfront.net
Software: Netlify /
Resource Hash: 3103dde67a70e24e5f6ceb5610586ed67e9a88259518711ac030e2ad9d4b99ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FH4DD9N9GAWK8CGW39HAN8PC
date: Mon, 04 Oct 2021 01:06:39 GMT
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
server: Netlify
age: 4431462
etag: 40b5c81f8a6d313bcd6d27dee741c3b3b689382c
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 48900
x-amz-cf-id: TdlfQzLX2vomYzyZypnpaxFR12z7H6Oz-L3fshLTU9TkdAaZsiE4kg==

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 hinted-ProximaNova-Semibold.woff2
www.sqreen.com/assets/fonts/ 63 KB
63 KB 9ms
9ms Font
font/woff2 2a05:d014:275:cb02:b2b8:b4ca:8518:7335
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sqreen.com/assets/fonts/hinted-ProximaNova-Semibold.woff2

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:275:cb02:b2b8:b4ca:8518:7335 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

f2822d60f9ebd42bf712d5417a8fc4d846afd7f26a3a6afb5838698deeaf2b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sqreen.com/css/style.css
Origin: https://www.sqreen.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-nf-request-id: 01FN8FJS7MZEPAGVG004FP5M9S
date: Tue, 16 Nov 2021 12:16:35 GMT
x-content-type-options: nosniff
age: 676066
content-security-policy-report-only: child-src 'self'; connect-src 'self' http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.hotjar.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amplitude.com https://*.cloudflare.com https://*.contentful.com https://*.delighted.com https://*.facebook.com https://*.fullstory.com https://*.g.doubleclick.net https://*.getsentry.com https://*.githubusercontent.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.herokuapp.com https://*.hotjar.com https://*.hotjar.com:12443 https://*.intercom.io https://*.intercomcdn.com https://*.lever.co https://*.linkedin.com https://*.litix.io https://*.mktoresp.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.segment.io https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://*.hotjar.com wss://*.appcues.net wss://*.hotjar.com wss://*.intercom.io; default-src 'self'; font-src 'self' chrome-extension: data: http://*.sqreen.io https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.gstatic.com https://*.intercomcdn.com https://*.sqreen.com https://*.sqreen.io https://*.twimg.com https://*.wistia.com https://github.com; frame-src 'self' 'unsafe-inline' http://*.appcues.com http://*.g.doubleclick.net http://*.hotjar.com https://*.akamaihd.net https://*.amazonaws.com https://*.appcues.com https://*.facebook.com https://*.g.doubleclick.net https://*.hotjar.com https://*.recurly.com https://*.sqreen.com https://*.twitter.com https://*.typeform.com https://*.wistia.com https://headway-widget.net ws://*.hotjar.com wss://*.hotjar.com; img-src 'self' data: http://*.adnxs.com http://*.facebook.net http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.googleadservices.com http://*.googletagmanager.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com http://t.co https://*.addthis.com https://*.adnxs.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.b-cdn.net https://*.clearbit.com https://*.cloudfront.net https://*.ctfassets.net https://*.facebook.com https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.ae https://*.google.be https://*.google.ca https://*.google.ch https://*.google.co.il https://*.google.co.in https://*.google.co.jp https://*.google.co.uk https://*.google.com https://*.google.com.ar https://*.google.com.au https://*.google.com.br https://*.google.com.mx https://*.google.com.ph https://*.google.com.sg https://*.google.com.tw https://*.google.com.ua https://*.google.cz https://*.google.de https://*.google.es https://*.google.fr https://*.google.ie https://*.google.it https://*.google.nl https://*.google.no https://*.google.pl https://*.google.pt https://*.google.se https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercomassets.com https://*.intercomcdn.com https://*.linkedin.com https://*.marinsm.com https://*.openx.net https://*.prfct.co https://*.reddit.com https://*.rubiconproject.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.twimg.com https://*.twitter.com https://*.univide.com https://*.wistia.com https://*.yahoo.com https://heapanalytics.com https://sqreen-assets.s3-eu-west-1.amazonaws.com https://sumo.com https://t.co https://twitter.com; manifest-src 'self' https://*.sqreen.com; media-src 'self' https://*.akamaihd.net https://*.cloudfront.net https://*.intercomcdn.com https://*.wistia.com; object-src 'self' https://*.akamaihd.net https://*.wistia.com; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://*.ads-twitter.com http://*.appcues.com http://*.facebook.net http://*.g.doubleclick.net http://*.getdrip.com http://*.google-analytics.com http://*.googleadservices.com http://*.googletagmanager.com http://*.heapanalytics.com http://*.hotjar.com http://*.perfectaudience.com http://*.prfct.co http://*.segment.com http://*.sqreen.io http://heapanalytics.com https://*.ads-twitter.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.amplitude.com https://*.appcues.com https://*.b-cdn.net https://*.bufferapp.com https://*.cloudflare.com https://*.cloudfront.net https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.getdrip.com https://*.google-analytics.com https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.headwayapp.co https://*.heapanalytics.com https://*.herokuapp.com https://*.hotjar.com https://*.intercom.io https://*.intercomcdn.com https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.marketo.net https://*.perfectaudience.com https://*.pinterest.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.redditstatic.com https://*.segment.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.twitter.com https://*.typeform.com https://*.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://*.hotjar.com wss://*.hotjar.com wss://*.intercom.io; style-src 'self' 'unsafe-inline' http://*.appcues.com http://*.sqreen.io http://heapanalytics.com https://*.amazonaws.com https://*.appcues.com https://*.b-cdn.net https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.sqreen.com https://*.sqreen.io https://*.twitter.com https://heapanalytics.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4;
x-protected-by: Sqreen
content-length: 64312
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
etag: "5dfe65fe41a7e13cdd1a732b0d60ce05-ssl"
strict-transport-security: max-age=31536000
content-type: font/woff2
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cto-security-checklist.sqreen.com
URL: https://cto-security-checklist.sqreen.com/images/burger.svg

Domain: cto-security-checklist.sqreen.com
URL: https://cto-security-checklist.sqreen.com/images/scsc-logo.svg

Domain: cto-security-checklist.sqreen.com
URL: https://cto-security-checklist.sqreen.com/images/arrow-bottom.svg

Domain: cto-security-checklist.sqreen.com
URL: https://cto-security-checklist.sqreen.com/images/sqreen-logo.svg

Domain: cto-security-checklist.sqreen.com
URL: https://cto-security-checklist.sqreen.com/images/icon-twitter-white.svg

Domain: cto-security-checklist.sqreen.com
URL: https://cto-security-checklist.sqreen.com/js/vendors/jquery-3.1.1.min.js

Domain: cto-security-checklist.sqreen.com
URL: https://cto-security-checklist.sqreen.com/js/vendors/isotope.pkgd.min.js

Domain: cto-security-checklist.sqreen.com
URL: https://cto-security-checklist.sqreen.com/js/main.js

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.www.sqreen.com/	1970-01-20 07:41:17	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Wed+Nov+24+2021+08%3A04%3A21+GMT%2B0000+(GMT)&version=6.16.0&hosts=&landingPath=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.sqreen.com/checklists/saas-cto-security-checklist Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://www.sqreen.com/checklists/saas-cto-security-checklist Message: [Report Only] Refused to load the script 'https://cookie-cdn.cookiepro.com/consent/e7d9c27a-b693-426e-aa99-1fd04dc1e4d3/OtAutoBlock.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://.ads-twitter.com http://.appcues.com http://.facebook.net http://.g.doubleclick.net http://.getdrip.com http://.google-analytics.com http://.googleadservices.com http://.googletagmanager.com http://.heapanalytics.com http://.hotjar.com http://.perfectaudience.com http://.prfct.co http://.segment.com http://.sqreen.io http://heapanalytics.com https://.ads-twitter.com https://.ads.linkedin.com https://.akamaihd.net https://.amazonaws.com https://.amplitude.com https://.appcues.com https://.b-cdn.net https://.bufferapp.com https://.cloudflare.com https://.cloudfront.net https://.facebook.net https://.fullstory.com https://.g.doubleclick.net https://.getdrip.com https://.google-analytics.com https://.googleadservices.com https://.googleapis.com https://.googletagmanager.com https://.headwayapp.co https://.heapanalytics.com https://.herokuapp.com https://.hotjar.com https://.intercom.io https://.intercomcdn.com https://.jquery.com https://.licdn.com https://.linkedin.com https://.marketo.net https://.perfectaudience.com https://.pinterest.com https://.prfct.co https://.recurly.com https://.reddit.com https://.redditstatic.com https://.segment.com https://.sqreen.com https://.sqreen.io https://.sumo.com https://.timekit.io https://.twitter.com https://.typeform.com https://.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://.hotjar.com wss://.hotjar.com wss://*.intercom.io". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://www.sqreen.com/checklists/saas-cto-security-checklist Message: [Report Only] Refused to load the script 'https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://.ads-twitter.com http://.appcues.com http://.facebook.net http://.g.doubleclick.net http://.getdrip.com http://.google-analytics.com http://.googleadservices.com http://.googletagmanager.com http://.heapanalytics.com http://.hotjar.com http://.perfectaudience.com http://.prfct.co http://.segment.com http://.sqreen.io http://heapanalytics.com https://.ads-twitter.com https://.ads.linkedin.com https://.akamaihd.net https://.amazonaws.com https://.amplitude.com https://.appcues.com https://.b-cdn.net https://.bufferapp.com https://.cloudflare.com https://.cloudfront.net https://.facebook.net https://.fullstory.com https://.g.doubleclick.net https://.getdrip.com https://.google-analytics.com https://.googleadservices.com https://.googleapis.com https://.googletagmanager.com https://.headwayapp.co https://.heapanalytics.com https://.herokuapp.com https://.hotjar.com https://.intercom.io https://.intercomcdn.com https://.jquery.com https://.licdn.com https://.linkedin.com https://.marketo.net https://.perfectaudience.com https://.pinterest.com https://.prfct.co https://.recurly.com https://.reddit.com https://.redditstatic.com https://.segment.com https://.sqreen.com https://.sqreen.io https://.sumo.com https://.timekit.io https://.twitter.com https://.typeform.com https://.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://.hotjar.com wss://.hotjar.com wss://*.intercom.io". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js Message: [Report Only] Refused to connect to 'https://cookie-cdn.cookiepro.com/consent/e7d9c27a-b693-426e-aa99-1fd04dc1e4d3/e7d9c27a-b693-426e-aa99-1fd04dc1e4d3.json' because it violates the following Content Security Policy directive: "connect-src 'self' http://.g.doubleclick.net http://.google-analytics.com http://.google.com http://.hotjar.com http://.prfct.co http://.sqreen.io http://heapanalytics.com https://.ads.linkedin.com https://.akamaihd.net https://.amplitude.com https://.cloudflare.com https://.contentful.com https://.delighted.com https://.facebook.com https://.fullstory.com https://.g.doubleclick.net https://.getsentry.com https://.githubusercontent.com https://.google-analytics.com https://.google.com https://.googleapis.com https://.herokuapp.com https://.hotjar.com https://.hotjar.com:12443 https://.intercom.io https://.intercomcdn.com https://.lever.co https://.linkedin.com https://.litix.io https://.mktoresp.com https://.prfct.co https://.recurly.com https://.reddit.com https://.segment.io https://.sqreen.com https://.sqreen.io https://.sumo.com https://.timekit.io https://.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://.hotjar.com wss://.appcues.net wss://.hotjar.com wss://.intercom.io".
security	error	URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js Message: [Report Only] Refused to load the script 'https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://.ads-twitter.com http://.appcues.com http://.facebook.net http://.g.doubleclick.net http://.getdrip.com http://.google-analytics.com http://.googleadservices.com http://.googletagmanager.com http://.heapanalytics.com http://.hotjar.com http://.perfectaudience.com http://.prfct.co http://.segment.com http://.sqreen.io http://heapanalytics.com https://.ads-twitter.com https://.ads.linkedin.com https://.akamaihd.net https://.amazonaws.com https://.amplitude.com https://.appcues.com https://.b-cdn.net https://.bufferapp.com https://.cloudflare.com https://.cloudfront.net https://.facebook.net https://.fullstory.com https://.g.doubleclick.net https://.getdrip.com https://.google-analytics.com https://.googleadservices.com https://.googleapis.com https://.googletagmanager.com https://.headwayapp.co https://.heapanalytics.com https://.herokuapp.com https://.hotjar.com https://.intercom.io https://.intercomcdn.com https://.jquery.com https://.licdn.com https://.linkedin.com https://.marketo.net https://.perfectaudience.com https://.pinterest.com https://.prfct.co https://.recurly.com https://.reddit.com https://.redditstatic.com https://.segment.com https://.sqreen.com https://.sqreen.io https://.sumo.com https://.timekit.io https://.twitter.com https://.typeform.com https://.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://.hotjar.com wss://.hotjar.com wss://*.intercom.io". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js Message: [Report Only] Refused to load the script 'https://cookie-cdn.cookiepro.com/scripttemplates/6.16.0/otBannerSdk.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://.ads-twitter.com http://.appcues.com http://.facebook.net http://.g.doubleclick.net http://.getdrip.com http://.google-analytics.com http://.googleadservices.com http://.googletagmanager.com http://.heapanalytics.com http://.hotjar.com http://.perfectaudience.com http://.prfct.co http://.segment.com http://.sqreen.io http://heapanalytics.com https://.ads-twitter.com https://.ads.linkedin.com https://.akamaihd.net https://.amazonaws.com https://.amplitude.com https://.appcues.com https://.b-cdn.net https://.bufferapp.com https://.cloudflare.com https://.cloudfront.net https://.facebook.net https://.fullstory.com https://.g.doubleclick.net https://.getdrip.com https://.google-analytics.com https://.googleadservices.com https://.googleapis.com https://.googletagmanager.com https://.headwayapp.co https://.heapanalytics.com https://.herokuapp.com https://.hotjar.com https://.intercom.io https://.intercomcdn.com https://.jquery.com https://.licdn.com https://.linkedin.com https://.marketo.net https://.perfectaudience.com https://.pinterest.com https://.prfct.co https://.recurly.com https://.reddit.com https://.redditstatic.com https://.segment.com https://.sqreen.com https://.sqreen.io https://.sumo.com https://.timekit.io https://.twitter.com https://.typeform.com https://.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://.hotjar.com wss://.hotjar.com wss://*.intercom.io". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.16.0/otBannerSdk.js(Line 6) Message: [Report Only] Refused to connect to 'https://cookie-cdn.cookiepro.com/consent/e7d9c27a-b693-426e-aa99-1fd04dc1e4d3/6d8f8ed2-49f6-4527-b52e-c709bff7bdd9/en.json' because it violates the following Content Security Policy directive: "connect-src 'self' http://.g.doubleclick.net http://.google-analytics.com http://.google.com http://.hotjar.com http://.prfct.co http://.sqreen.io http://heapanalytics.com https://.ads.linkedin.com https://.akamaihd.net https://.amplitude.com https://.cloudflare.com https://.contentful.com https://.delighted.com https://.facebook.com https://.fullstory.com https://.g.doubleclick.net https://.getsentry.com https://.githubusercontent.com https://.google-analytics.com https://.google.com https://.googleapis.com https://.herokuapp.com https://.hotjar.com https://.hotjar.com:12443 https://.intercom.io https://.intercomcdn.com https://.lever.co https://.linkedin.com https://.litix.io https://.mktoresp.com https://.prfct.co https://.recurly.com https://.reddit.com https://.segment.io https://.sqreen.com https://.sqreen.io https://.sumo.com https://.timekit.io https://.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://.hotjar.com wss://.appcues.net wss://.hotjar.com wss://.intercom.io".
security	error	URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.16.0/otBannerSdk.js(Line 6) Message: [Report Only] Refused to connect to 'https://cookie-cdn.cookiepro.com/consent/e7d9c27a-b693-426e-aa99-1fd04dc1e4d3/6d8f8ed2-49f6-4527-b52e-c709bff7bdd9/en.json' because it violates the following Content Security Policy directive: "connect-src 'self' http://.g.doubleclick.net http://.google-analytics.com http://.google.com http://.hotjar.com http://.prfct.co http://.sqreen.io http://heapanalytics.com https://.ads.linkedin.com https://.akamaihd.net https://.amplitude.com https://.cloudflare.com https://.contentful.com https://.delighted.com https://.facebook.com https://.fullstory.com https://.g.doubleclick.net https://.getsentry.com https://.githubusercontent.com https://.google-analytics.com https://.google.com https://.googleapis.com https://.herokuapp.com https://.hotjar.com https://.hotjar.com:12443 https://.intercom.io https://.intercomcdn.com https://.lever.co https://.linkedin.com https://.litix.io https://.mktoresp.com https://.prfct.co https://.recurly.com https://.reddit.com https://.segment.io https://.sqreen.com https://.sqreen.io https://.sumo.com https://.timekit.io https://.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://.hotjar.com wss://.appcues.net wss://.hotjar.com wss://.intercom.io".
security	error	URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.16.0/otBannerSdk.js(Line 6) Message: [Report Only] Refused to connect to 'https://cookie-cdn.cookiepro.com/scripttemplates/6.16.0/assets/otFloatingRoundedCorner.json' because it violates the following Content Security Policy directive: "connect-src 'self' http://.g.doubleclick.net http://.google-analytics.com http://.google.com http://.hotjar.com http://.prfct.co http://.sqreen.io http://heapanalytics.com https://.ads.linkedin.com https://.akamaihd.net https://.amplitude.com https://.cloudflare.com https://.contentful.com https://.delighted.com https://.facebook.com https://.fullstory.com https://.g.doubleclick.net https://.getsentry.com https://.githubusercontent.com https://.google-analytics.com https://.google.com https://.googleapis.com https://.herokuapp.com https://.hotjar.com https://.hotjar.com:12443 https://.intercom.io https://.intercomcdn.com https://.lever.co https://.linkedin.com https://.litix.io https://.mktoresp.com https://.prfct.co https://.recurly.com https://.reddit.com https://.segment.io https://.sqreen.com https://.sqreen.io https://.sumo.com https://.timekit.io https://.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://.hotjar.com wss://.appcues.net wss://.hotjar.com wss://.intercom.io".
security	error	URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.16.0/otBannerSdk.js(Line 6) Message: [Report Only] Refused to connect to 'https://cookie-cdn.cookiepro.com/scripttemplates/6.16.0/assets/otFloatingRoundedCorner.json' because it violates the following Content Security Policy directive: "connect-src 'self' http://.g.doubleclick.net http://.google-analytics.com http://.google.com http://.hotjar.com http://.prfct.co http://.sqreen.io http://heapanalytics.com https://.ads.linkedin.com https://.akamaihd.net https://.amplitude.com https://.cloudflare.com https://.contentful.com https://.delighted.com https://.facebook.com https://.fullstory.com https://.g.doubleclick.net https://.getsentry.com https://.githubusercontent.com https://.google-analytics.com https://.google.com https://.googleapis.com https://.herokuapp.com https://.hotjar.com https://.hotjar.com:12443 https://.intercom.io https://.intercomcdn.com https://.lever.co https://.linkedin.com https://.litix.io https://.mktoresp.com https://.prfct.co https://.recurly.com https://.reddit.com https://.segment.io https://.sqreen.com https://.sqreen.io https://.sumo.com https://.timekit.io https://.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://.hotjar.com wss://.appcues.net wss://.hotjar.com wss://.intercom.io".
security	error	URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.16.0/otBannerSdk.js(Line 6) Message: [Report Only] Refused to connect to 'https://cookie-cdn.cookiepro.com/scripttemplates/6.16.0/assets/v2/otPcPanel.json' because it violates the following Content Security Policy directive: "connect-src 'self' http://.g.doubleclick.net http://.google-analytics.com http://.google.com http://.hotjar.com http://.prfct.co http://.sqreen.io http://heapanalytics.com https://.ads.linkedin.com https://.akamaihd.net https://.amplitude.com https://.cloudflare.com https://.contentful.com https://.delighted.com https://.facebook.com https://.fullstory.com https://.g.doubleclick.net https://.getsentry.com https://.githubusercontent.com https://.google-analytics.com https://.google.com https://.googleapis.com https://.herokuapp.com https://.hotjar.com https://.hotjar.com:12443 https://.intercom.io https://.intercomcdn.com https://.lever.co https://.linkedin.com https://.litix.io https://.mktoresp.com https://.prfct.co https://.recurly.com https://.reddit.com https://.segment.io https://.sqreen.com https://.sqreen.io https://.sumo.com https://.timekit.io https://.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://.hotjar.com wss://.appcues.net wss://.hotjar.com wss://.intercom.io".
security	error	URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.16.0/otBannerSdk.js(Line 6) Message: [Report Only] Refused to connect to 'https://cookie-cdn.cookiepro.com/scripttemplates/6.16.0/assets/v2/otPcPanel.json' because it violates the following Content Security Policy directive: "connect-src 'self' http://.g.doubleclick.net http://.google-analytics.com http://.google.com http://.hotjar.com http://.prfct.co http://.sqreen.io http://heapanalytics.com https://.ads.linkedin.com https://.akamaihd.net https://.amplitude.com https://.cloudflare.com https://.contentful.com https://.delighted.com https://.facebook.com https://.fullstory.com https://.g.doubleclick.net https://.getsentry.com https://.githubusercontent.com https://.google-analytics.com https://.google.com https://.googleapis.com https://.herokuapp.com https://.hotjar.com https://.hotjar.com:12443 https://.intercom.io https://.intercomcdn.com https://.lever.co https://.linkedin.com https://.litix.io https://.mktoresp.com https://.prfct.co https://.recurly.com https://.reddit.com https://.segment.io https://.sqreen.com https://.sqreen.io https://.sumo.com https://.timekit.io https://.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://.hotjar.com wss://.appcues.net wss://.hotjar.com wss://.intercom.io".
network	error	URL: https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4 Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4 Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4 Message: Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
cookie-cdn.cookiepro.com
cto-security-checklist.sqreen.com
d33wubrfki0l68.cloudfront.net
fonts.googleapis.com
geolocation.onetrust.com
reports-api.sqreen.io
www.googletagmanager.com
www.sqreen.com
www.sqreen.io
cto-security-checklist.sqreen.com
142.250.186.136
142.250.186.170
143.204.101.119
2001:4de0:ac18::1:a:3a
2600:9000:2156:0:4:2d4c:7b00:93a1
2606:4700:10::6814:b944
2606:4700::6812:678
2a05:d014:275:cb02:b2b8:b4ca:8518:7335
52.213.109.134
06d38da8ea4edf750c8fb4f749f5b71a6dba952fd924a55771c0ccc213339eab
09b7ece464c01f640c13fdceb08bb12ab4a2db787f36a8253c109ea3d4f7d9f5
11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681
21818bca42a3202e4b46be64251ec2f3552487db68b8129a15c550c3943fa7a5
3103dde67a70e24e5f6ceb5610586ed67e9a88259518711ac030e2ad9d4b99ff
32c03bc3f702a03d035d55bebf9f5a857fc180dafe6f67bb335750fe00ef0273
353bcd41d11cc5a2bcb6763c269e41ac785c06ace29ac10053bb7c0fa3bf1ecf
39c7c69b54a2a3d65c1bf2b8ff84b5318476fecb1c11115ca34b96dbfa240a39
3ba84ba04a8963559da5488d4bc05c347c6be5e3a093dc77efbb34619d0239b0
6dd9c79744f06bc3490cf09ed9272748934d32ed86f892910cd1d500af90d87d
77acdb3977ddae181ae320a2633b4b8925a4bc988b8491a75b054cb6a9adaf73
89d7ea1fad6db5ff32524d51659e7949775f833e7ef667e3bc9d66966a7182a0
8d4eb2369038a156502bbb52291e149e16853b950bdb65038d57cbe62f39267a
902e5ef5268bd782cd77095d1477b3dbbb73d9cbb62cf250bd3a8a896496d999
99bac1fb8e90a22544f4be0e6e28ecc85deff1b902a0e362131ec253aa2e7be0
a9cd06cf1752bf76145cb9837f61dcb8a4a78cababf9c7f6cb8feab3445326d3
bb8747f16c987740bb6e4f5d856b95f483bf07419a2f73a1d26de2d68524bd68
c44982f7fce9a9dcdf6b6199d877f078330e3a133d5ea3b6cae5a4a34795b321
c65d5f03bb2e19294396faa0b9c630a79b33c961b6773cde5d0e8c9ad7e4daea
d5c416aad5a93ec52210006b33c49fd56518f38daa131352ab96f70bfbbdd4df
d7e9b7dca729081f131815512d7dbc51a864a21dbed692b07d7e3e89c7505ac2
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
e34bcdf6e7ff798741d904a8bf8ec7d5ae0f0f3047758ce34e3233f63de09614
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e65f44091d958bd6814ec918fd37cffaced53f8645db09447b8593d29bc3e1a5
ec4148c1382a92bcd73ba03bce486dc93e0d5aee315b91214bb9b855208b1efc
f2822d60f9ebd42bf712d5417a8fc4d846afd7f26a3a6afb5838698deeaf2b2a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

www.sqreen.com Open in urlscan Pro 2a05:d014:275:cb02:b2b8:b4ca:8518:7335 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

44 Requests

82 %HTTPS

56 %IPv6

8 Domains

10 Subdomains

10 IPs

4 Countries

528 kBTransfer

1169 kBSize

1 Cookies

7 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.sqreen.com Open in urlscan Pro
2a05:d014:275:cb02:b2b8:b4ca:8518:7335 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

82 %
HTTPS

56 %
IPv6

8
Domains

10
Subdomains

10
IPs

4
Countries

528 kB
Transfer

1169 kB
Size

1
Cookies

44 HTTP transactions
1 data transactions