www.spendesk.com Open in urlscan Pro
52.210.79.254 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://control.kyb.spendesk.dev/
Effective URL:
https://www.spendesk.com/app?referer=kyb
Submission: On May 15 via automatic, source certstream-suspicious (May 15th 2021, 3:40:27 pm UTC)

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 32 HTTP transactions. The main IP is 52.210.79.254, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.spendesk.com.
TLS certificate: Issued by Amazon on August 24th 2020. Valid for: a year.

This is the only time www.spendesk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.30.106.56 52.30.106.56	16509 (AMAZON-02) (AMAZON-02)
7	13.32.6.119 13.32.6.119	16509 (AMAZON-02) (AMAZON-02)
4	34.120.195.249 34.120.195.249	15169 (GOOGLE) (GOOGLE)
19	52.210.79.254 52.210.79.254	16509 (AMAZON-02) (AMAZON-02)
32	4

1 52.30.106.56 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-106-56.eu-west-1.compute.amazonaws.com

control.kyb.spendesk.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.32.6.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-6-119.vie50.r.cloudfront.net

app-kyb--control.release.linc-preview.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o491652.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 52.210.79.254 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-79-254.eu-west-1.compute.amazonaws.com

www.spendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	spendesk.com www.spendesk.com	3 MB
7	linc-preview.sh app-kyb--control.release.linc-preview.sh	307 KB
4	sentry.io o491652.ingest.sentry.io	594 B
1	spendesk.dev 1 redirects control.kyb.spendesk.dev	136 B
32	4

	Domain	Requested by
19	www.spendesk.com	app-kyb--control.release.linc-preview.sh www.spendesk.com
7	app-kyb--control.release.linc-preview.sh	app-kyb--control.release.linc-preview.sh
4	o491652.ingest.sentry.io	app-kyb--control.release.linc-preview.sh www.spendesk.com
1	control.kyb.spendesk.dev	1 redirects
32	4

This site contains no links.

Subject Issuer	Validity	Valid
*.linc-preview.sh Amazon	`2020-12-20` - `2022-01-18`	a year	crt.sh
*.ingest.sentry.io R3	`2021-04-27` - `2021-07-26`	3 months	crt.sh
www.spendesk.com Amazon	`2020-08-24` - `2021-09-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.spendesk.com/app?referer=kyb
Frame ID: DC4DE4DD1FA29ACD3ACCAFA2A1D5AA5E
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://control.kyb.spendesk.dev/ HTTP 302
https://app-kyb--control.release.linc-preview.sh/ Page URL
https://www.spendesk.com/app?referer=kyb Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Page Statistics

32
Requests

94 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

2898 kB
Transfer

12397 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://control.kyb.spendesk.dev/ HTTP 302
https://app-kyb--control.release.linc-preview.sh/ Page URL
https://www.spendesk.com/app?referer=kyb Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://control.kyb.spendesk.dev/ HTTP 302
https://app-kyb--control.release.linc-preview.sh/

32 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
app-kyb--control.release.linc-preview.sh/
Redirect Chain

https://control.kyb.spendesk.dev/
https://app-kyb--control.release.linc-preview.sh/

1 KB
1 KB

1039ms
944ms

Document
text/html

13.32.6.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-kyb--control.release.linc-preview.sh/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.6.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-6-119.vie50.r.cloudfront.net
Software: /
Resource Hash: c94326af4929de6d5302c3779e163207cdc627707c2252775b73cac1d2173b20

Request headers

:method: GET
:authority: app-kyb--control.release.linc-preview.sh
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sat, 15 May 2021 15:40:06 GMT
x-linc-bundle-id: 278a54bb2175e843611fd4499a5545a0
x-robots-tag: noindex
set-cookie: linc_guid=8a72ee79-b222-4886-8f9f-dbbac5c05f85; Max-Age=63072000; Domain=linc-preview.sh; HttpOnly; Secure
etag: W/"4c4-On6sUqYFvzowaCewh7TA8InzCog"
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a64e3ccdb085056758f4ef32e887b5dd.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: anObsKO9uSq9nAoLoM3q0RCqJHA_vDQSk1qOn3AhHn4Lnm_8UGjZxQ==

Redirect headers

date: Sat, 15 May 2021 15:40:05 GMT
content-type: text/html
content-length: 138
location: https://app-kyb--control.release.linc-preview.sh/
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 config.js Show response
app-kyb--control.release.linc-preview.sh/ 271 B
638 B 984ms
981ms Script
application/javascript 13.32.6.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-kyb--control.release.linc-preview.sh/config.js
Requested by: Host: app-kyb--control.release.linc-preview.sh
URL: https://app-kyb--control.release.linc-preview.sh/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.6.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-6-119.vie50.r.cloudfront.net
Software: /
Resource Hash: 7b33cc0436ef2d753042de55087ea6bd827d1cb31c6f5151d5f2b107253c5c37

Request headers

:path: /config.js
pragma: no-cache
cookie: linc_guid=8a72ee79-b222-4886-8f9f-dbbac5c05f85
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: app-kyb--control.release.linc-preview.sh
referer: https://app-kyb--control.release.linc-preview.sh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app-kyb--control.release.linc-preview.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 15:40:07 GMT
via: 1.1 a64e3ccdb085056758f4ef32e887b5dd.cloudfront.net (CloudFront)
x-linc-bundle-id: 278a54bb2175e843611fd4499a5545a0
x-amz-cf-pop: VIE50-C2
etag: W/"10f-yvRl+a0hw4G06kgart2jTIpav4I"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-robots-tag: noindex
content-length: 271
x-amz-cf-id: -9Eh5DJqE1T-K-xhQreSsWtJlhCyy4JeguD5qFPEhXPt-GfFbpCX7g==

GET
H2 200 segment.js Show response
app-kyb--control.release.linc-preview.sh/static/js/ 1 KB
982 B 962ms
959ms Script
application/javascript 13.32.6.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-kyb--control.release.linc-preview.sh/static/js/segment.js
Requested by: Host: app-kyb--control.release.linc-preview.sh
URL: https://app-kyb--control.release.linc-preview.sh/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.6.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-6-119.vie50.r.cloudfront.net
Software: /
Resource Hash: e78a19f6cce7ba2a5ad2c67d1d70211c78d6a59d429c9a0a05843424a8f67f90

Request headers

:path: /static/js/segment.js
pragma: no-cache
cookie: linc_guid=8a72ee79-b222-4886-8f9f-dbbac5c05f85
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: app-kyb--control.release.linc-preview.sh
referer: https://app-kyb--control.release.linc-preview.sh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app-kyb--control.release.linc-preview.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 15:40:07 GMT
content-encoding: gzip
x-linc-bundle-id: 278a54bb2175e843611fd4499a5545a0
x-amz-cf-pop: VIE50-C2
etag: W/"59a-EEztkPGrC94f9cRyzaPN7OyIU0w"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a64e3ccdb085056758f4ef32e887b5dd.cloudfront.net (CloudFront)
cache-control: no-cache
x-robots-tag: noindex
x-amz-cf-id: qbvWavUzwXFYe8l9ovqNafhiG_wB6MFGbrHQwZsvQ3vyeXuamCAvVA==

GET
H2 200 main.14e04048.chunk.css
app-kyb--control.release.linc-preview.sh/static/css/ 7 KB
3 KB 945ms
942ms Stylesheet
text/css 13.32.6.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-kyb--control.release.linc-preview.sh/static/css/main.14e04048.chunk.css
Requested by: Host: app-kyb--control.release.linc-preview.sh
URL: https://app-kyb--control.release.linc-preview.sh/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.6.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-6-119.vie50.r.cloudfront.net
Software: /
Resource Hash: fd3af864e7eeeac315f407ad29fa9c2afe90ba36c6665dbec356ad9ed35b7314

Request headers

:path: /static/css/main.14e04048.chunk.css
pragma: no-cache
cookie: linc_guid=8a72ee79-b222-4886-8f9f-dbbac5c05f85
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: app-kyb--control.release.linc-preview.sh
referer: https://app-kyb--control.release.linc-preview.sh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app-kyb--control.release.linc-preview.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 15:40:07 GMT
content-encoding: gzip
x-linc-bundle-id: 278a54bb2175e843611fd4499a5545a0
x-amz-cf-pop: VIE50-C2
etag: W/"1cb9-0unICxp9aMO+qaPGcCHZsk/sNWg"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css; charset=utf-8
via: 1.1 a64e3ccdb085056758f4ef32e887b5dd.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-robots-tag: noindex
x-amz-cf-id: dKMSHxOwuWwoAwuu2VZGzpKzHidlTn6tOglTjOR74Bsf99TO2kNfoQ==

GET
H2 200 runtime-main.14d338a5.js Show response
app-kyb--control.release.linc-preview.sh/static/js/ 2 KB
1 KB 994ms
991ms Script
application/javascript 13.32.6.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-kyb--control.release.linc-preview.sh/static/js/runtime-main.14d338a5.js
Requested by: Host: app-kyb--control.release.linc-preview.sh
URL: https://app-kyb--control.release.linc-preview.sh/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.6.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-6-119.vie50.r.cloudfront.net
Software: /
Resource Hash: 8e886f2e720d1d494cdae19f283d471164f7599860f3994c8b380b3fd7b50752

Request headers

:path: /static/js/runtime-main.14d338a5.js
pragma: no-cache
cookie: linc_guid=8a72ee79-b222-4886-8f9f-dbbac5c05f85
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: app-kyb--control.release.linc-preview.sh
referer: https://app-kyb--control.release.linc-preview.sh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app-kyb--control.release.linc-preview.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 15:40:07 GMT
content-encoding: gzip
x-linc-bundle-id: 278a54bb2175e843611fd4499a5545a0
x-amz-cf-pop: VIE50-C2
etag: W/"619-WjKHnSMCmssNgAecP7zu3IqzW6Y"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 a64e3ccdb085056758f4ef32e887b5dd.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000, immutable
x-robots-tag: noindex
x-amz-cf-id: 4wGl4O7ngbeDSQe5im68cJwncGuOOr5KfOE54r1DLruPcvg8nF0QPw==

GET
H2 200 2.2e0522f6.chunk.js Show response
app-kyb--control.release.linc-preview.sh/static/js/ 1 MB
291 KB 1864ms
1862ms Script
application/javascript 13.32.6.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-kyb--control.release.linc-preview.sh/static/js/2.2e0522f6.chunk.js
Requested by: Host: app-kyb--control.release.linc-preview.sh
URL: https://app-kyb--control.release.linc-preview.sh/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.6.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-6-119.vie50.r.cloudfront.net
Software: cloudflare /
Resource Hash: 91ebd1f4fd370002155ded59476dae1bdab41c61def7bc9d2ad27e7cedf7fdba

Request headers

:path: /static/js/2.2e0522f6.chunk.js
pragma: no-cache
cookie: linc_guid=8a72ee79-b222-4886-8f9f-dbbac5c05f85
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: app-kyb--control.release.linc-preview.sh
referer: https://app-kyb--control.release.linc-preview.sh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app-kyb--control.release.linc-preview.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 15:40:08 GMT
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront), 1.1 a64e3ccdb085056758f4ef32e887b5dd.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: OSL50-C1 VIE50-C2
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
last-modified: Fri, 23 Apr 2021 14:13:13 GMT
content-encoding: gzip
cf-request-id: 0a1248644d00001bfe2595f000000001
x-robots-tag: noindex
x-linc-bundle-id: 278a54bb2175e843611fd4499a5545a0
server: cloudflare
etag: W/"bbd03d3661b8792d0b428a1815936823"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=55AVxvbKErDVubdQ7832kLKbg01LIK6wD5GxC%2FZXk%2B6Zn%2FRmkvPPOf7EPyAJTDOKO12DIoiuxGW8rwFqrL6%2BaMojw2umG2Xp72tDht5wLRk84QFF7VE%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: F7PYT8zuQm238uxS7I52yJJdaXgrBDJd
cache-control: public, max-age=31536000, immutable
cf-ray: 64fd76807a5f1bfe-OSL
x-amz-cf-id: yy18pbVMiU1zI-5B5PKKGct1pU5hHmOL7tViidoux9-VO5_oZZTkDQ==

GET
H2 200 main.179f5821.chunk.js Show response
app-kyb--control.release.linc-preview.sh/static/js/ 26 KB
10 KB 1086ms
1084ms Script
application/javascript 13.32.6.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-kyb--control.release.linc-preview.sh/static/js/main.179f5821.chunk.js
Requested by: Host: app-kyb--control.release.linc-preview.sh
URL: https://app-kyb--control.release.linc-preview.sh/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.6.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-6-119.vie50.r.cloudfront.net
Software: cloudflare /
Resource Hash: 9edf53631b554dc042406a97a374cdf1e91a550b26cc3c5c678d3008042b71ce

Request headers

:path: /static/js/main.179f5821.chunk.js
pragma: no-cache
cookie: linc_guid=8a72ee79-b222-4886-8f9f-dbbac5c05f85
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: app-kyb--control.release.linc-preview.sh
referer: https://app-kyb--control.release.linc-preview.sh/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://app-kyb--control.release.linc-preview.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 15:40:07 GMT
via: 1.1 2a0b2de39bbda8e631dd7bce49626470.cloudfront.net (CloudFront), 1.1 a64e3ccdb085056758f4ef32e887b5dd.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 546690
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
last-modified: Fri, 23 Apr 2021 11:40:54 GMT
content-encoding: gzip
cf-request-id: 0a124864a90000424486966000000001
x-robots-tag: noindex
x-linc-bundle-id: 278a54bb2175e843611fd4499a5545a0
server: cloudflare
etag: W/"1b5d0aeeb5fde719c24b5860265597ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LVOrYwp5nUuDsmpOhrCxy06YTFFNYgo5%2BJnfqRSbe2EcRaGbCR3wiOhqNMYRBV6N2F4ylZdLkJOB0hnxdzagowWMb0N8cY9el95O%2Fuw2t%2B8i4wGtw7g%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: tKI2BqyDLhk_52srCE53WJSgEqAT7gEI
cache-control: public, max-age=31536000, immutable
x-amz-cf-pop: LHR62-C2 VIE50-C2
cf-ray: 64fd768109964244-LHR
x-amz-cf-id: RUQLWRmHaYcAwRZ1Q5_KABW_xL5_-lfLBtaeFSgDuXriYPlvHOa73w==

POST
H2 200 /
o491652.ingest.sentry.io/api/5641184/envelope/ 2 B
263 B 129ms
30ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o491652.ingest.sentry.io/api/5641184/envelope/?sentry_key=cad75a657e4144a6ae2ba85c014db600&sentry_version=7

Requested by

Host: app-kyb--control.release.linc-preview.sh
URL: https://app-kyb--control.release.linc-preview.sh/static/js/2.2e0522f6.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app-kyb--control.release.linc-preview.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 15 May 2021 15:40:08 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://app-kyb--control.release.linc-preview.sh
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
content-length: 2

GET
H2 200 Primary Request app Show response
www.spendesk.com/ 2 KB
3 KB 332ms
214ms Document
text/html 52.210.79.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spendesk.com/app?referer=kyb

Requested by

Host: app-kyb--control.release.linc-preview.sh
URL: https://app-kyb--control.release.linc-preview.sh/static/js/main.179f5821.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.79.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-79-254.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9e1cb9889c0f8448e31eb6d83501a26dab4a26efb44d6ae505667c0db82e9aee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://.spendesk.com https://.spendesk.dev https://spendesk.com https://spendesk.dev;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

:method: GET
:authority: www.spendesk.com
:scheme: https
:path: /app?referer=kyb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://app-kyb--control.release.linc-preview.sh/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://app-kyb--control.release.linc-preview.sh/

Response headers

date: Sat, 15 May 2021 15:40:08 GMT
content-type: text/html; charset=utf-8
server: nginx
cf-ray: 64fd7689ed4afa9c-AMS
age: 704410
cache-control: no-cache
last-modified: Fri, 07 May 2021 09:28:32 GMT
vary: Accept-Encoding
via: 1.1 559401aa49f4b835c1816ad004278e3e.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
cf-request-id: 0a12486a2e0000fa9cfaab6000000001
x-amz-cf-id: wl1rkyp-2umRVpvw6qlNeUX0acKeaAuGJNgZ0v8onTD20vC8HC0pIg==
x-amz-cf-pop: AMS50-C1
x-amz-version-id: gOMT1GAqVav9H7EdZnckeFmr34PDCCsu
x-cache: Hit from cloudfront
x-frame-options: sameorigin
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: report-uri="https://www.spendesk.com/security/report/ct",max-age=63072000,enforce
x-dns-prefetch-control: off
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
report-to: { "group": "csp-endpoint", "max_age": 63072000, "endpoints": [{ "url": "https://www.spendesk.com/security/report/csp" }] }
content-security-policy-report-only: connect-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://api.segment.io https://preview.contentful.com https://api-js.mixpanel.com https://api-iam.intercom.io https://sessions.bugsnag.com/ https://d3r43gyd9zmfep.cloudfront.net wss://nexus-websocket-a.intercom.io https://rs.fullstory.com https://appvizer.one https://stats.g.doubleclick.net https://in.hotjar.com https://forms.hubspot.com https://bat.bing.com https://new-collect.albacross.com https://fastly.trychameleon.com 'report-sample'; script-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://js.intercomcdn.com https://www.google-analytics.com https://cdn.wootric.com https://fast.trychameleon.com https://widget.intercom.io https://cdn.mxpnl.com https://cdn.segment.com https://tracking.g2crowd.com https://scout-cdn.salesloft.com https://serve.albacross.com https://js.hsforms.net https://d3r43gyd9zmfep.cloudfront.net https://cdn-3.convertexperiments.com https://www.googleoptimize.com https://apis.google.com https://edge.fullstory.com https://analytics.twitter.com https://appvizer.one https://bat.bing.com https://cdn.heapanalytics.com https://code.jquery.com https://connect.facebook.net https://fastly.trychameleon.com https://googleads.g.doubleclick.net https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://js.hs-scripts.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://www.googleadservices.com https://www.googletagmanager.com 'sha512-M4Q0ZK7rUle6vKdTdV+cHBsjhrJQJQRfMgzZnhJ7ZNxCt/fiyb0SfINEUkNrO3OP+vL9YsunQnS7riOBRm8NHw==' 'sha512-uuehVCUzjJ6Mdnrs9GYst1UHGzy0/AyrRKJaqL4scI6M3/UEKjVr0kQrFVXH3rPrrhfIbqRJuAS4A5w5+fyRRQ==' 'sha512-XtmMtDEcNz2j7ekrtHvOVR4iwwaD6o/FUJe6+Zq+HgcCsk3kj4uSQQR8weQ2QVj1o0Pk6PwYLohm206ZzNfubg==' 'sha512-u1L7Dp3BKUP3gijgSRoMTNxmDl/5o+XOHupwwa7jsI1rMzHrllSLKsGOfqjYl8vrEG+8ghnRPNA/SCltmJCZpQ==' 'report-sample'; worker-src 'self' https://*.spendesk.com https://*.spendesk.dev blob:; frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev; report-uri https://www.spendesk.com/security/report/csp; block-all-mixed-content;
content-security-policy: frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev;

GET en.json
app-kyb--control.release.linc-preview.sh/static/lang/en/ 0
0

GET
H2 200 config.js Show response
www.spendesk.com/ 2 KB
3 KB 428ms
127ms Script
application/javascript 52.210.79.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spendesk.com/config.js

Requested by

Host: www.spendesk.com
URL: https://www.spendesk.com/app?referer=kyb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.79.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-79-254.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

bc63871856f49f584c02b728553d7c7b00b08ca95034106ca21f1246f6e4a94e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://.spendesk.com https://.spendesk.dev https://spendesk.com https://spendesk.dev;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

:path: /config.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.spendesk.com
referer: https://www.spendesk.com/app?referer=kyb
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.spendesk.com/app?referer=kyb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 15:40:09 GMT
content-encoding: br
x-content-type-options: nosniff
x-dns-prefetch-control: off
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a12486c340000012a58a55000000001
referrer-policy: origin-when-cross-origin
server: nginx
x-frame-options: sameorigin
expect-ct: report-uri="https://www.spendesk.com/security/report/ct",max-age=63072000,enforce
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: { "group": "csp-endpoint", "max_age": 63072000, "endpoints": [{ "url": "https://www.spendesk.com/security/report/csp" }] }
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: no-cache
content-security-policy: frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev;
cf-ray: 64fd768d1bf6012a-AMS
content-security-policy-report-only: connect-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://api.segment.io https://preview.contentful.com https://api-js.mixpanel.com https://api-iam.intercom.io https://sessions.bugsnag.com/ https://d3r43gyd9zmfep.cloudfront.net wss://nexus-websocket-a.intercom.io https://rs.fullstory.com https://appvizer.one https://stats.g.doubleclick.net https://in.hotjar.com https://forms.hubspot.com https://bat.bing.com https://new-collect.albacross.com https://fastly.trychameleon.com 'report-sample'; script-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://js.intercomcdn.com https://www.google-analytics.com https://cdn.wootric.com https://fast.trychameleon.com https://widget.intercom.io https://cdn.mxpnl.com https://cdn.segment.com https://tracking.g2crowd.com https://scout-cdn.salesloft.com https://serve.albacross.com https://js.hsforms.net https://d3r43gyd9zmfep.cloudfront.net https://cdn-3.convertexperiments.com https://www.googleoptimize.com https://apis.google.com https://edge.fullstory.com https://analytics.twitter.com https://appvizer.one https://bat.bing.com https://cdn.heapanalytics.com https://code.jquery.com https://connect.facebook.net https://fastly.trychameleon.com https://googleads.g.doubleclick.net https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://js.hs-scripts.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://www.googleadservices.com https://www.googletagmanager.com 'sha512-M4Q0ZK7rUle6vKdTdV+cHBsjhrJQJQRfMgzZnhJ7ZNxCt/fiyb0SfINEUkNrO3OP+vL9YsunQnS7riOBRm8NHw==' 'sha512-uuehVCUzjJ6Mdnrs9GYst1UHGzy0/AyrRKJaqL4scI6M3/UEKjVr0kQrFVXH3rPrrhfIbqRJuAS4A5w5+fyRRQ==' 'sha512-XtmMtDEcNz2j7ekrtHvOVR4iwwaD6o/FUJe6+Zq+HgcCsk3kj4uSQQR8weQ2QVj1o0Pk6PwYLohm206ZzNfubg==' 'sha512-u1L7Dp3BKUP3gijgSRoMTNxmDl/5o+XOHupwwa7jsI1rMzHrllSLKsGOfqjYl8vrEG+8ghnRPNA/SCltmJCZpQ==' 'report-sample'; worker-src 'self' https://*.spendesk.com https://*.spendesk.dev blob:; frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev; report-uri https://www.spendesk.com/security/report/csp; block-all-mixed-content;

GET
H2 200 segment.js Show response
www.spendesk.com/static/js/ 1 KB
3 KB 458ms
157ms Script
application/javascript 52.210.79.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spendesk.com/static/js/segment.js

Requested by

Host: www.spendesk.com
URL: https://www.spendesk.com/app?referer=kyb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.79.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-79-254.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

6f49ce8bc093f5f68a727ffac43076749071adf15e08b694b7a9297063a648e0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://.spendesk.com https://.spendesk.dev https://spendesk.com https://spendesk.dev;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

:path: /static/js/segment.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.spendesk.com
referer: https://www.spendesk.com/app?referer=kyb
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.spendesk.com/app?referer=kyb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 15:40:09 GMT
via: 1.1 630336d6cdf08cf266841fd503dc03d0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1400134
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a12486c3900000b43e22cf000000001
cf-ray: 64fd768d2c830b43-AMS
referrer-policy: origin-when-cross-origin
last-modified: Tue, 27 Apr 2021 14:02:19 GMT
server: nginx
x-frame-options: sameorigin
etag: W/"b4b4e0191958da4bbfa0a86bda711367"
expect-ct: report-uri="https://www.spendesk.com/security/report/ct",max-age=63072000,enforce
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: { "group": "csp-endpoint", "max_age": 63072000, "endpoints": [{ "url": "https://www.spendesk.com/security/report/csp" }] }
x-amz-version-id: Kee59d8mhteKEoVExLlD5ljZSUM_wgIn
vary: Accept-Encoding
cache-control: no-cache
content-security-policy: frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev;
x-amz-cf-pop: AMS54-C1
content-type: application/javascript; charset=utf-8
content-security-policy-report-only: connect-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://api.segment.io https://preview.contentful.com https://api-js.mixpanel.com https://api-iam.intercom.io https://sessions.bugsnag.com/ https://d3r43gyd9zmfep.cloudfront.net wss://nexus-websocket-a.intercom.io https://rs.fullstory.com https://appvizer.one https://stats.g.doubleclick.net https://in.hotjar.com https://forms.hubspot.com https://bat.bing.com https://new-collect.albacross.com https://fastly.trychameleon.com 'report-sample'; script-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://js.intercomcdn.com https://www.google-analytics.com https://cdn.wootric.com https://fast.trychameleon.com https://widget.intercom.io https://cdn.mxpnl.com https://cdn.segment.com https://tracking.g2crowd.com https://scout-cdn.salesloft.com https://serve.albacross.com https://js.hsforms.net https://d3r43gyd9zmfep.cloudfront.net https://cdn-3.convertexperiments.com https://www.googleoptimize.com https://apis.google.com https://edge.fullstory.com https://analytics.twitter.com https://appvizer.one https://bat.bing.com https://cdn.heapanalytics.com https://code.jquery.com https://connect.facebook.net https://fastly.trychameleon.com https://googleads.g.doubleclick.net https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://js.hs-scripts.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://www.googleadservices.com https://www.googletagmanager.com 'sha512-M4Q0ZK7rUle6vKdTdV+cHBsjhrJQJQRfMgzZnhJ7ZNxCt/fiyb0SfINEUkNrO3OP+vL9YsunQnS7riOBRm8NHw==' 'sha512-uuehVCUzjJ6Mdnrs9GYst1UHGzy0/AyrRKJaqL4scI6M3/UEKjVr0kQrFVXH3rPrrhfIbqRJuAS4A5w5+fyRRQ==' 'sha512-XtmMtDEcNz2j7ekrtHvOVR4iwwaD6o/FUJe6+Zq+HgcCsk3kj4uSQQR8weQ2QVj1o0Pk6PwYLohm206ZzNfubg==' 'sha512-u1L7Dp3BKUP3gijgSRoMTNxmDl/5o+XOHupwwa7jsI1rMzHrllSLKsGOfqjYl8vrEG+8ghnRPNA/SCltmJCZpQ==' 'report-sample'; worker-src 'self' https://*.spendesk.com https://*.spendesk.dev blob:; frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev; report-uri https://www.spendesk.com/security/report/csp; block-all-mixed-content;
x-amz-cf-id: HxzCPdAzWYF7GrakO4rCDLN4LR7efTef4hT46ikLsRcAFvzVyGwlVA==

GET
H2 200 app.557e7dad.chunk.css
www.spendesk.com/static/css/ 919 KB
140 KB 462ms
162ms Stylesheet
text/css 52.210.79.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spendesk.com/static/css/app.557e7dad.chunk.css

Requested by

Host: www.spendesk.com
URL: https://www.spendesk.com/app?referer=kyb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.79.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-79-254.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

1e81811ee0c899bb2f48b80f9d16921d8a2044c329fdfb3f054a81519eb5edc9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://.spendesk.com https://.spendesk.dev https://spendesk.com https://spendesk.dev;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /static/css/app.557e7dad.chunk.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.spendesk.com
referer: https://www.spendesk.com/app?referer=kyb
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.spendesk.com/app?referer=kyb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 15:40:09 GMT
via: 1.1 49b63bcd8e98358b5820f18285c2b4d5.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 787122
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a12486c4100009c334207f000000001
cf-ray: 64fd768d3c1b9c33-AMS
referrer-policy: origin-when-cross-origin
last-modified: Thu, 06 May 2021 12:43:37 GMT
server: nginx
etag: W/"510d35dc7cb48031bf845c7d264d4fff"
expect-ct: report-uri="https://www.spendesk.com/security/report/ct",max-age=63072000,enforce
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: { "group": "csp-endpoint", "max_age": 63072000, "endpoints": [{ "url": "https://www.spendesk.com/security/report/csp" }] }
x-amz-version-id: 3YSuZ.tWFS6USR4x2Tk5tWmGkAXSChlD
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-security-policy: frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev;
x-amz-cf-pop: FCO50-C1
content-type: text/css
content-security-policy-report-only: connect-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://api.segment.io https://preview.contentful.com https://api-js.mixpanel.com https://api-iam.intercom.io https://sessions.bugsnag.com/ https://d3r43gyd9zmfep.cloudfront.net wss://nexus-websocket-a.intercom.io https://rs.fullstory.com https://appvizer.one https://stats.g.doubleclick.net https://in.hotjar.com https://forms.hubspot.com https://bat.bing.com https://new-collect.albacross.com https://fastly.trychameleon.com 'report-sample'; script-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://js.intercomcdn.com https://www.google-analytics.com https://cdn.wootric.com https://fast.trychameleon.com https://widget.intercom.io https://cdn.mxpnl.com https://cdn.segment.com https://tracking.g2crowd.com https://scout-cdn.salesloft.com https://serve.albacross.com https://js.hsforms.net https://d3r43gyd9zmfep.cloudfront.net https://cdn-3.convertexperiments.com https://www.googleoptimize.com https://apis.google.com https://edge.fullstory.com https://analytics.twitter.com https://appvizer.one https://bat.bing.com https://cdn.heapanalytics.com https://code.jquery.com https://connect.facebook.net https://fastly.trychameleon.com https://googleads.g.doubleclick.net https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://js.hs-scripts.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://www.googleadservices.com https://www.googletagmanager.com 'sha512-M4Q0ZK7rUle6vKdTdV+cHBsjhrJQJQRfMgzZnhJ7ZNxCt/fiyb0SfINEUkNrO3OP+vL9YsunQnS7riOBRm8NHw==' 'sha512-uuehVCUzjJ6Mdnrs9GYst1UHGzy0/AyrRKJaqL4scI6M3/UEKjVr0kQrFVXH3rPrrhfIbqRJuAS4A5w5+fyRRQ==' 'sha512-XtmMtDEcNz2j7ekrtHvOVR4iwwaD6o/FUJe6+Zq+HgcCsk3kj4uSQQR8weQ2QVj1o0Pk6PwYLohm206ZzNfubg==' 'sha512-u1L7Dp3BKUP3gijgSRoMTNxmDl/5o+XOHupwwa7jsI1rMzHrllSLKsGOfqjYl8vrEG+8ghnRPNA/SCltmJCZpQ==' 'report-sample'; worker-src 'self' https://*.spendesk.com https://*.spendesk.dev blob:; frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev; report-uri https://www.spendesk.com/security/report/csp; block-all-mixed-content;
x-amz-cf-id: iEqu1UkqsRRGhenuW8tkRpXWpW09BnC6BMxFg9AheL9UZtiK5l1oAQ==

GET
H2 200 logo-loading.gif
www.spendesk.com/static/img/ 128 KB
130 KB 453ms
152ms Image
image/gif 52.210.79.254
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.spendesk.com/static/img/logo-loading.gif

Requested by

Host: www.spendesk.com
URL: https://www.spendesk.com/app?referer=kyb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.79.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-79-254.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

ee605f53b63b1312cbfcab4cfbe20c1b5c62eaf29f26928f16ec6af40d54bde6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://.spendesk.com https://.spendesk.dev https://spendesk.com https://spendesk.dev;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

:path: /static/img/logo-loading.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.spendesk.com
referer: https://www.spendesk.com/app?referer=kyb
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.spendesk.com/app?referer=kyb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 15:40:09 GMT
via: 1.1 ba140d1feaa494b27e3ecd7fb6c940a2.cloudfront.net (CloudFront)
content-security-policy-report-only: connect-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://api.segment.io https://preview.contentful.com https://api-js.mixpanel.com https://api-iam.intercom.io https://sessions.bugsnag.com/ https://d3r43gyd9zmfep.cloudfront.net wss://nexus-websocket-a.intercom.io https://rs.fullstory.com https://appvizer.one https://stats.g.doubleclick.net https://in.hotjar.com https://forms.hubspot.com https://bat.bing.com https://new-collect.albacross.com https://fastly.trychameleon.com 'report-sample'; script-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://js.intercomcdn.com https://www.google-analytics.com https://cdn.wootric.com https://fast.trychameleon.com https://widget.intercom.io https://cdn.mxpnl.com https://cdn.segment.com https://tracking.g2crowd.com https://scout-cdn.salesloft.com https://serve.albacross.com https://js.hsforms.net https://d3r43gyd9zmfep.cloudfront.net https://cdn-3.convertexperiments.com https://www.googleoptimize.com https://apis.google.com https://edge.fullstory.com https://analytics.twitter.com https://appvizer.one https://bat.bing.com https://cdn.heapanalytics.com https://code.jquery.com https://connect.facebook.net https://fastly.trychameleon.com https://googleads.g.doubleclick.net https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://js.hs-scripts.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://www.googleadservices.com https://www.googletagmanager.com 'sha512-M4Q0ZK7rUle6vKdTdV+cHBsjhrJQJQRfMgzZnhJ7ZNxCt/fiyb0SfINEUkNrO3OP+vL9YsunQnS7riOBRm8NHw==' 'sha512-uuehVCUzjJ6Mdnrs9GYst1UHGzy0/AyrRKJaqL4scI6M3/UEKjVr0kQrFVXH3rPrrhfIbqRJuAS4A5w5+fyRRQ==' 'sha512-XtmMtDEcNz2j7ekrtHvOVR4iwwaD6o/FUJe6+Zq+HgcCsk3kj4uSQQR8weQ2QVj1o0Pk6PwYLohm206ZzNfubg==' 'sha512-u1L7Dp3BKUP3gijgSRoMTNxmDl/5o+XOHupwwa7jsI1rMzHrllSLKsGOfqjYl8vrEG+8ghnRPNA/SCltmJCZpQ==' 'report-sample'; worker-src 'self' https://*.spendesk.com https://*.spendesk.dev blob:; frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev; report-uri https://www.spendesk.com/security/report/csp; block-all-mixed-content;
cf-cache-status: HIT
age: 1400123
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130586
cf-request-id: 0a12486e08000000d164047000000001
cf-ray: 64fd76900c8b00d1-AMS
referrer-policy: origin-when-cross-origin
last-modified: Tue, 27 Apr 2021 14:02:19 GMT
server: nginx
x-frame-options: sameorigin
etag: "dcd4d19677cb6a4727c224d15a27c4d7"
expect-ct: report-uri="https://www.spendesk.com/security/report/ct",max-age=63072000,enforce
vary: Accept-Encoding
report-to: { "group": "csp-endpoint", "max_age": 63072000, "endpoints": [{ "url": "https://www.spendesk.com/security/report/csp" }] }
x-amz-version-id: b4FgIAZ5Gz1r3F_89Iia4e22R1fEmom7
cache-control: no-cache
content-security-policy: frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev;
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: X2y5v0F_5p7c3vXG_P-f_qa9ut0y9AbPHN22ViwllC8G4jNpRfasTA==
x-content-type-options: nosniff

GET
H2 200 runtime-app.js Show response
www.spendesk.com/static/js/ 2 KB
3 KB 465ms
163ms Script
application/javascript 52.210.79.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spendesk.com/static/js/runtime-app.js

Requested by

Host: www.spendesk.com
URL: https://www.spendesk.com/app?referer=kyb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.79.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-79-254.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

91d67435e3c28c0dac20cee2bd20d94b03915d88245e825c7029796de3fb5316

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://.spendesk.com https://.spendesk.dev https://spendesk.com https://spendesk.dev;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

:path: /static/js/runtime-app.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.spendesk.com
referer: https://www.spendesk.com/app?referer=kyb
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.spendesk.com/app?referer=kyb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 15:40:09 GMT
via: 1.1 4cc2a0a7eb7d5483edc69be298297f9e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1400114
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a12486e1000000b67c1988000000001
cf-ray: 64fd76901ce10b67-AMS
referrer-policy: origin-when-cross-origin
last-modified: Tue, 27 Apr 2021 14:02:19 GMT
server: nginx
x-frame-options: sameorigin
etag: W/"970d4ccd30243538638225d25c9b4930"
expect-ct: report-uri="https://www.spendesk.com/security/report/ct",max-age=63072000,enforce
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: { "group": "csp-endpoint", "max_age": 63072000, "endpoints": [{ "url": "https://www.spendesk.com/security/report/csp" }] }
x-amz-version-id: d3kYTC4gP4CmXFw4ZOZ6j4G1FDag0XFP
vary: Accept-Encoding
cache-control: no-cache
content-security-policy: frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev;
x-amz-cf-pop: AMS54-C1
content-type: application/javascript; charset=utf-8
content-security-policy-report-only: connect-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://api.segment.io https://preview.contentful.com https://api-js.mixpanel.com https://api-iam.intercom.io https://sessions.bugsnag.com/ https://d3r43gyd9zmfep.cloudfront.net wss://nexus-websocket-a.intercom.io https://rs.fullstory.com https://appvizer.one https://stats.g.doubleclick.net https://in.hotjar.com https://forms.hubspot.com https://bat.bing.com https://new-collect.albacross.com https://fastly.trychameleon.com 'report-sample'; script-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://js.intercomcdn.com https://www.google-analytics.com https://cdn.wootric.com https://fast.trychameleon.com https://widget.intercom.io https://cdn.mxpnl.com https://cdn.segment.com https://tracking.g2crowd.com https://scout-cdn.salesloft.com https://serve.albacross.com https://js.hsforms.net https://d3r43gyd9zmfep.cloudfront.net https://cdn-3.convertexperiments.com https://www.googleoptimize.com https://apis.google.com https://edge.fullstory.com https://analytics.twitter.com https://appvizer.one https://bat.bing.com https://cdn.heapanalytics.com https://code.jquery.com https://connect.facebook.net https://fastly.trychameleon.com https://googleads.g.doubleclick.net https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://js.hs-scripts.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://www.googleadservices.com https://www.googletagmanager.com 'sha512-M4Q0ZK7rUle6vKdTdV+cHBsjhrJQJQRfMgzZnhJ7ZNxCt/fiyb0SfINEUkNrO3OP+vL9YsunQnS7riOBRm8NHw==' 'sha512-uuehVCUzjJ6Mdnrs9GYst1UHGzy0/AyrRKJaqL4scI6M3/UEKjVr0kQrFVXH3rPrrhfIbqRJuAS4A5w5+fyRRQ==' 'sha512-XtmMtDEcNz2j7ekrtHvOVR4iwwaD6o/FUJe6+Zq+HgcCsk3kj4uSQQR8weQ2QVj1o0Pk6PwYLohm206ZzNfubg==' 'sha512-u1L7Dp3BKUP3gijgSRoMTNxmDl/5o+XOHupwwa7jsI1rMzHrllSLKsGOfqjYl8vrEG+8ghnRPNA/SCltmJCZpQ==' 'report-sample'; worker-src 'self' https://*.spendesk.com https://*.spendesk.dev blob:; frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev; report-uri https://www.spendesk.com/security/report/csp; block-all-mixed-content;
x-amz-cf-id: vku2tZAZRDfxR-O1J2Ta4D7uxLiLOvBl-U6a4ahgbypCC-SnymPwOg==

GET
H2 200 0.44bc613a.chunk.js Show response
www.spendesk.com/static/js/ 296 KB
95 KB 499ms
197ms Script
application/javascript 52.210.79.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spendesk.com/static/js/0.44bc613a.chunk.js

Requested by

Host: www.spendesk.com
URL: https://www.spendesk.com/app?referer=kyb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.79.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-79-254.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

ea509d67d9ce75feff7061beaab73b5c2fbb5a031a271dc0734e2a92400efd66

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://.spendesk.com https://.spendesk.dev https://spendesk.com https://spendesk.dev;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /static/js/0.44bc613a.chunk.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.spendesk.com
referer: https://www.spendesk.com/app?referer=kyb
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.spendesk.com/app?referer=kyb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 15:40:09 GMT
via: 1.1 63cf97e5788a160a76e89d4e12e2ca29.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 720757
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a12486e070000fa583e363000000001
cf-ray: 64fd76900e11fa58-AMS
referrer-policy: origin-when-cross-origin
last-modified: Fri, 07 May 2021 07:22:50 GMT
server: nginx
etag: W/"0e15d53d62484552d9a4ce209cff6654"
expect-ct: report-uri="https://www.spendesk.com/security/report/ct",max-age=63072000,enforce
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: { "group": "csp-endpoint", "max_age": 63072000, "endpoints": [{ "url": "https://www.spendesk.com/security/report/csp" }] }
x-amz-version-id: J64eKja3ZXGwNTWUgQvooJIYwPtaBVmY
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-security-policy: frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev;
x-amz-cf-pop: AMS50-C1
content-type: application/javascript; charset=utf-8
content-security-policy-report-only: connect-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://api.segment.io https://preview.contentful.com https://api-js.mixpanel.com https://api-iam.intercom.io https://sessions.bugsnag.com/ https://d3r43gyd9zmfep.cloudfront.net wss://nexus-websocket-a.intercom.io https://rs.fullstory.com https://appvizer.one https://stats.g.doubleclick.net https://in.hotjar.com https://forms.hubspot.com https://bat.bing.com https://new-collect.albacross.com https://fastly.trychameleon.com 'report-sample'; script-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://js.intercomcdn.com https://www.google-analytics.com https://cdn.wootric.com https://fast.trychameleon.com https://widget.intercom.io https://cdn.mxpnl.com https://cdn.segment.com https://tracking.g2crowd.com https://scout-cdn.salesloft.com https://serve.albacross.com https://js.hsforms.net https://d3r43gyd9zmfep.cloudfront.net https://cdn-3.convertexperiments.com https://www.googleoptimize.com https://apis.google.com https://edge.fullstory.com https://analytics.twitter.com https://appvizer.one https://bat.bing.com https://cdn.heapanalytics.com https://code.jquery.com https://connect.facebook.net https://fastly.trychameleon.com https://googleads.g.doubleclick.net https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://js.hs-scripts.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://www.googleadservices.com https://www.googletagmanager.com 'sha512-M4Q0ZK7rUle6vKdTdV+cHBsjhrJQJQRfMgzZnhJ7ZNxCt/fiyb0SfINEUkNrO3OP+vL9YsunQnS7riOBRm8NHw==' 'sha512-uuehVCUzjJ6Mdnrs9GYst1UHGzy0/AyrRKJaqL4scI6M3/UEKjVr0kQrFVXH3rPrrhfIbqRJuAS4A5w5+fyRRQ==' 'sha512-XtmMtDEcNz2j7ekrtHvOVR4iwwaD6o/FUJe6+Zq+HgcCsk3kj4uSQQR8weQ2QVj1o0Pk6PwYLohm206ZzNfubg==' 'sha512-u1L7Dp3BKUP3gijgSRoMTNxmDl/5o+XOHupwwa7jsI1rMzHrllSLKsGOfqjYl8vrEG+8ghnRPNA/SCltmJCZpQ==' 'report-sample'; worker-src 'self' https://*.spendesk.com https://*.spendesk.dev blob:; frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev; report-uri https://www.spendesk.com/security/report/csp; block-all-mixed-content;
x-amz-cf-id: 6uLHGFZKxTw8DKfIWE4rTX1VV2nYOST7YV5U4jS48dPZffyNyD2e5Q==

GET
H2 200 1.41ebe6c3.chunk.js Show response
www.spendesk.com/static/js/ 1 MB
283 KB 499ms
198ms Script
application/javascript 52.210.79.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spendesk.com/static/js/1.41ebe6c3.chunk.js

Requested by

Host: www.spendesk.com
URL: https://www.spendesk.com/app?referer=kyb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.79.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-79-254.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

0198951d02c24413c724c081c24dad6f33e937efef654919e44b7a1e8b696dcc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://.spendesk.com https://.spendesk.dev https://spendesk.com https://spendesk.dev;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /static/js/1.41ebe6c3.chunk.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.spendesk.com
referer: https://www.spendesk.com/app?referer=kyb
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.spendesk.com/app?referer=kyb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 15:40:09 GMT
via: 1.1 5345148f0ba8ae3c67b69d035acdbfc5.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 720757
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a12486e050000bdb4ee3d0000000001
cf-ray: 64fd76900fa9bdb4-AMS
referrer-policy: origin-when-cross-origin
last-modified: Thu, 06 May 2021 14:21:40 GMT
server: nginx
etag: W/"ad3ea0eff0fb6a353044bc9d9e73b212"
expect-ct: report-uri="https://www.spendesk.com/security/report/ct",max-age=63072000,enforce
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: { "group": "csp-endpoint", "max_age": 63072000, "endpoints": [{ "url": "https://www.spendesk.com/security/report/csp" }] }
x-amz-version-id: VkuSn_61A0cYtmV0G2gpeV.uDYzbqaZs
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-security-policy: frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev;
x-amz-cf-pop: AMS50-C1
content-type: application/javascript; charset=utf-8
content-security-policy-report-only: connect-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://api.segment.io https://preview.contentful.com https://api-js.mixpanel.com https://api-iam.intercom.io https://sessions.bugsnag.com/ https://d3r43gyd9zmfep.cloudfront.net wss://nexus-websocket-a.intercom.io https://rs.fullstory.com https://appvizer.one https://stats.g.doubleclick.net https://in.hotjar.com https://forms.hubspot.com https://bat.bing.com https://new-collect.albacross.com https://fastly.trychameleon.com 'report-sample'; script-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://js.intercomcdn.com https://www.google-analytics.com https://cdn.wootric.com https://fast.trychameleon.com https://widget.intercom.io https://cdn.mxpnl.com https://cdn.segment.com https://tracking.g2crowd.com https://scout-cdn.salesloft.com https://serve.albacross.com https://js.hsforms.net https://d3r43gyd9zmfep.cloudfront.net https://cdn-3.convertexperiments.com https://www.googleoptimize.com https://apis.google.com https://edge.fullstory.com https://analytics.twitter.com https://appvizer.one https://bat.bing.com https://cdn.heapanalytics.com https://code.jquery.com https://connect.facebook.net https://fastly.trychameleon.com https://googleads.g.doubleclick.net https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://js.hs-scripts.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://www.googleadservices.com https://www.googletagmanager.com 'sha512-M4Q0ZK7rUle6vKdTdV+cHBsjhrJQJQRfMgzZnhJ7ZNxCt/fiyb0SfINEUkNrO3OP+vL9YsunQnS7riOBRm8NHw==' 'sha512-uuehVCUzjJ6Mdnrs9GYst1UHGzy0/AyrRKJaqL4scI6M3/UEKjVr0kQrFVXH3rPrrhfIbqRJuAS4A5w5+fyRRQ==' 'sha512-XtmMtDEcNz2j7ekrtHvOVR4iwwaD6o/FUJe6+Zq+HgcCsk3kj4uSQQR8weQ2QVj1o0Pk6PwYLohm206ZzNfubg==' 'sha512-u1L7Dp3BKUP3gijgSRoMTNxmDl/5o+XOHupwwa7jsI1rMzHrllSLKsGOfqjYl8vrEG+8ghnRPNA/SCltmJCZpQ==' 'report-sample'; worker-src 'self' https://*.spendesk.com https://*.spendesk.dev blob:; frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev; report-uri https://www.spendesk.com/security/report/csp; block-all-mixed-content;
x-amz-cf-id: N5i2KG3PJ88VN7NUyj5ZkFDoah9w0DHQhFhy_lpAu6-OsuWIFjgnnw==

GET
H2 200 app.f20e5b66.chunk.js Show response
www.spendesk.com/static/js/ 8 MB
2 MB 448ms
147ms Script
application/javascript 52.210.79.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spendesk.com/static/js/app.f20e5b66.chunk.js

Requested by

Host: www.spendesk.com
URL: https://www.spendesk.com/app?referer=kyb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.79.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-79-254.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

d1b0a57ba1bf8eea8b24223dbd25dc02423bc9a8395fe573227357f630941f60

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://.spendesk.com https://.spendesk.dev https://spendesk.com https://spendesk.dev;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /static/js/app.f20e5b66.chunk.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.spendesk.com
referer: https://www.spendesk.com/app?referer=kyb
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.spendesk.com/app?referer=kyb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 15:40:09 GMT
via: 1.1 182732bb63f7d4f88e7cac0874b0cfef.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 704407
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a12486e0500004c00338d9000000001
cf-ray: 64fd76900afe4c00-AMS
referrer-policy: origin-when-cross-origin
last-modified: Fri, 07 May 2021 09:28:32 GMT
server: nginx
etag: W/"0ab4ca2500b353f09df850fbc08469f9-2"
expect-ct: report-uri="https://www.spendesk.com/security/report/ct",max-age=63072000,enforce
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: { "group": "csp-endpoint", "max_age": 63072000, "endpoints": [{ "url": "https://www.spendesk.com/security/report/csp" }] }
x-amz-version-id: 3DN66C3_msokhOr2Li.xpSYtyK2jG7Aj
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-security-policy: frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev;
x-amz-cf-pop: AMS50-C1
content-type: application/javascript; charset=utf-8
content-security-policy-report-only: connect-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://api.segment.io https://preview.contentful.com https://api-js.mixpanel.com https://api-iam.intercom.io https://sessions.bugsnag.com/ https://d3r43gyd9zmfep.cloudfront.net wss://nexus-websocket-a.intercom.io https://rs.fullstory.com https://appvizer.one https://stats.g.doubleclick.net https://in.hotjar.com https://forms.hubspot.com https://bat.bing.com https://new-collect.albacross.com https://fastly.trychameleon.com 'report-sample'; script-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://js.intercomcdn.com https://www.google-analytics.com https://cdn.wootric.com https://fast.trychameleon.com https://widget.intercom.io https://cdn.mxpnl.com https://cdn.segment.com https://tracking.g2crowd.com https://scout-cdn.salesloft.com https://serve.albacross.com https://js.hsforms.net https://d3r43gyd9zmfep.cloudfront.net https://cdn-3.convertexperiments.com https://www.googleoptimize.com https://apis.google.com https://edge.fullstory.com https://analytics.twitter.com https://appvizer.one https://bat.bing.com https://cdn.heapanalytics.com https://code.jquery.com https://connect.facebook.net https://fastly.trychameleon.com https://googleads.g.doubleclick.net https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://js.hs-scripts.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://www.googleadservices.com https://www.googletagmanager.com 'sha512-M4Q0ZK7rUle6vKdTdV+cHBsjhrJQJQRfMgzZnhJ7ZNxCt/fiyb0SfINEUkNrO3OP+vL9YsunQnS7riOBRm8NHw==' 'sha512-uuehVCUzjJ6Mdnrs9GYst1UHGzy0/AyrRKJaqL4scI6M3/UEKjVr0kQrFVXH3rPrrhfIbqRJuAS4A5w5+fyRRQ==' 'sha512-XtmMtDEcNz2j7ekrtHvOVR4iwwaD6o/FUJe6+Zq+HgcCsk3kj4uSQQR8weQ2QVj1o0Pk6PwYLohm206ZzNfubg==' 'sha512-u1L7Dp3BKUP3gijgSRoMTNxmDl/5o+XOHupwwa7jsI1rMzHrllSLKsGOfqjYl8vrEG+8ghnRPNA/SCltmJCZpQ==' 'report-sample'; worker-src 'self' https://*.spendesk.com https://*.spendesk.dev blob:; frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev; report-uri https://www.spendesk.com/security/report/csp; block-all-mixed-content;
x-amz-cf-id: CUu86rl38EDTsDfklCClAm1OzfES3U26pv5cJ1S6GVIwa0mrJDAwWA==

POST
H2 204 csp
www.spendesk.com/security/report/ 0
2 KB 351ms
50ms Other
text/plain 52.210.79.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spendesk.com/security/report/csp

Requested by

Host: www.spendesk.com
URL: https://www.spendesk.com/static/js/app.f20e5b66.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.79.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-79-254.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://.spendesk.com https://.spendesk.dev https://spendesk.com https://spendesk.dev;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: no-cors
origin: https://www.spendesk.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: report
content-length: 2837
:path: /security/report/csp
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/csp-report
accept: */*
cache-control: no-cache
:authority: www.spendesk.com
referer: https://www.spendesk.com/app?referer=kyb
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.spendesk.com/app?referer=kyb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 15 May 2021 15:40:10 GMT
x-correlation-id: 6400d67d-fe3b-4526-b03b-9fb68c21878d
x-content-type-options: nosniff
x-dns-prefetch-control: off
vary: Origin
referrer-policy: origin-when-cross-origin
server: nginx
expect-ct: report-uri="https://www.spendesk.com/security/report/ct",max-age=63072000,enforce
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: { "group": "csp-endpoint", "max_age": 63072000, "endpoints": [{ "url": "https://www.spendesk.com/security/report/csp" }] }
access-control-allow-origin: https://www.spendesk.com
x-spd-srv-version: 1.753.0
access-control-expose-headers: Content-Disposition
cache-control: no-cache, private, max-age=0
access-control-allow-credentials: true
content-security-policy: frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev;
x-spd-srv-bind: 3000
content-security-policy-report-only: connect-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://api.segment.io https://preview.contentful.com https://api-js.mixpanel.com https://api-iam.intercom.io https://sessions.bugsnag.com/ https://d3r43gyd9zmfep.cloudfront.net wss://nexus-websocket-a.intercom.io https://rs.fullstory.com https://appvizer.one https://stats.g.doubleclick.net https://in.hotjar.com https://forms.hubspot.com https://bat.bing.com https://new-collect.albacross.com https://fastly.trychameleon.com 'report-sample'; script-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://js.intercomcdn.com https://www.google-analytics.com https://cdn.wootric.com https://fast.trychameleon.com https://widget.intercom.io https://cdn.mxpnl.com https://cdn.segment.com https://tracking.g2crowd.com https://scout-cdn.salesloft.com https://serve.albacross.com https://js.hsforms.net https://d3r43gyd9zmfep.cloudfront.net https://cdn-3.convertexperiments.com https://www.googleoptimize.com https://apis.google.com https://edge.fullstory.com https://analytics.twitter.com https://appvizer.one https://bat.bing.com https://cdn.heapanalytics.com https://code.jquery.com https://connect.facebook.net https://fastly.trychameleon.com https://googleads.g.doubleclick.net https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://js.hs-scripts.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://www.googleadservices.com https://www.googletagmanager.com 'sha512-M4Q0ZK7rUle6vKdTdV+cHBsjhrJQJQRfMgzZnhJ7ZNxCt/fiyb0SfINEUkNrO3OP+vL9YsunQnS7riOBRm8NHw==' 'sha512-uuehVCUzjJ6Mdnrs9GYst1UHGzy0/AyrRKJaqL4scI6M3/UEKjVr0kQrFVXH3rPrrhfIbqRJuAS4A5w5+fyRRQ==' 'sha512-XtmMtDEcNz2j7ekrtHvOVR4iwwaD6o/FUJe6+Zq+HgcCsk3kj4uSQQR8weQ2QVj1o0Pk6PwYLohm206ZzNfubg==' 'sha512-u1L7Dp3BKUP3gijgSRoMTNxmDl/5o+XOHupwwa7jsI1rMzHrllSLKsGOfqjYl8vrEG+8ghnRPNA/SCltmJCZpQ==' 'report-sample'; worker-src 'self' https://*.spendesk.com https://*.spendesk.dev blob:; frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev; report-uri https://www.spendesk.com/security/report/csp; block-all-mixed-content;

POST
H2 200 / Show response
o491652.ingest.sentry.io/api/5557543/envelope/ 2 B
122 B 30ms
30ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o491652.ingest.sentry.io/api/5557543/envelope/?sentry_key=77fd7860d21f4a7abc8bf99fd0a8a6b3&sentry_version=7

Requested by

Host: www.spendesk.com
URL: https://www.spendesk.com/static/js/app.f20e5b66.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.spendesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 15 May 2021 15:40:10 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.spendesk.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
content-length: 2

POST
H2 204 csp
www.spendesk.com/security/report/ 0
2 KB 351ms
50ms Other
text/plain 52.210.79.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spendesk.com/security/report/csp

Requested by

Host: www.spendesk.com
URL: https://www.spendesk.com/static/js/app.f20e5b66.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.79.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-79-254.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://.spendesk.com https://.spendesk.dev https://spendesk.com https://spendesk.dev;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: no-cors
origin: https://www.spendesk.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: report
content-length: 2766
:path: /security/report/csp
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/csp-report
accept: */*
cache-control: no-cache
:authority: www.spendesk.com
referer: https://www.spendesk.com/app?referer=kyb
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.spendesk.com/app?referer=kyb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 15 May 2021 15:40:10 GMT
x-correlation-id: 23f1ef54-3250-4463-8aba-d9ad564bcad2
x-content-type-options: nosniff
x-dns-prefetch-control: off
vary: Origin
referrer-policy: origin-when-cross-origin
server: nginx
expect-ct: report-uri="https://www.spendesk.com/security/report/ct",max-age=63072000,enforce
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: { "group": "csp-endpoint", "max_age": 63072000, "endpoints": [{ "url": "https://www.spendesk.com/security/report/csp" }] }
access-control-allow-origin: https://www.spendesk.com
x-spd-srv-version: 1.753.1
access-control-expose-headers: Content-Disposition
cache-control: no-cache, private, max-age=0
access-control-allow-credentials: true
content-security-policy: frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev;
x-spd-srv-bind: 3000
content-security-policy-report-only: connect-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://api.segment.io https://preview.contentful.com https://api-js.mixpanel.com https://api-iam.intercom.io https://sessions.bugsnag.com/ https://d3r43gyd9zmfep.cloudfront.net wss://nexus-websocket-a.intercom.io https://rs.fullstory.com https://appvizer.one https://stats.g.doubleclick.net https://in.hotjar.com https://forms.hubspot.com https://bat.bing.com https://new-collect.albacross.com https://fastly.trychameleon.com 'report-sample'; script-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://js.intercomcdn.com https://www.google-analytics.com https://cdn.wootric.com https://fast.trychameleon.com https://widget.intercom.io https://cdn.mxpnl.com https://cdn.segment.com https://tracking.g2crowd.com https://scout-cdn.salesloft.com https://serve.albacross.com https://js.hsforms.net https://d3r43gyd9zmfep.cloudfront.net https://cdn-3.convertexperiments.com https://www.googleoptimize.com https://apis.google.com https://edge.fullstory.com https://analytics.twitter.com https://appvizer.one https://bat.bing.com https://cdn.heapanalytics.com https://code.jquery.com https://connect.facebook.net https://fastly.trychameleon.com https://googleads.g.doubleclick.net https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://js.hs-scripts.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://www.googleadservices.com https://www.googletagmanager.com 'sha512-M4Q0ZK7rUle6vKdTdV+cHBsjhrJQJQRfMgzZnhJ7ZNxCt/fiyb0SfINEUkNrO3OP+vL9YsunQnS7riOBRm8NHw==' 'sha512-uuehVCUzjJ6Mdnrs9GYst1UHGzy0/AyrRKJaqL4scI6M3/UEKjVr0kQrFVXH3rPrrhfIbqRJuAS4A5w5+fyRRQ==' 'sha512-XtmMtDEcNz2j7ekrtHvOVR4iwwaD6o/FUJe6+Zq+HgcCsk3kj4uSQQR8weQ2QVj1o0Pk6PwYLohm206ZzNfubg==' 'sha512-u1L7Dp3BKUP3gijgSRoMTNxmDl/5o+XOHupwwa7jsI1rMzHrllSLKsGOfqjYl8vrEG+8ghnRPNA/SCltmJCZpQ==' 'report-sample'; worker-src 'self' https://*.spendesk.com https://*.spendesk.dev blob:; frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev; report-uri https://www.spendesk.com/security/report/csp; block-all-mixed-content;

POST
H2 200 / Show response
o491652.ingest.sentry.io/api/5557543/envelope/ 2 B
102 B 30ms
29ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o491652.ingest.sentry.io/api/5557543/envelope/?sentry_key=77fd7860d21f4a7abc8bf99fd0a8a6b3&sentry_version=7

Requested by

Host: www.spendesk.com
URL: https://www.spendesk.com/static/js/app.f20e5b66.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.spendesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 15 May 2021 15:40:10 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.spendesk.com
access-control-expose-headers: retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
content-length: 2

POST
H2 204 csp
www.spendesk.com/security/report/ 0
2 KB 351ms
50ms Other
text/plain 52.210.79.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spendesk.com/security/report/csp

Requested by

Host: www.spendesk.com
URL: https://www.spendesk.com/static/js/app.f20e5b66.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.79.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-79-254.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://.spendesk.com https://.spendesk.dev https://spendesk.com https://spendesk.dev;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: no-cors
origin: https://www.spendesk.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: report
content-length: 2834
:path: /security/report/csp
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/csp-report
accept: */*
cache-control: no-cache
:authority: www.spendesk.com
referer: https://www.spendesk.com/app?referer=kyb
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.spendesk.com/app?referer=kyb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 15 May 2021 15:40:10 GMT
x-correlation-id: 0118d68b-7d69-4519-be6b-f692a062f288
x-content-type-options: nosniff
x-dns-prefetch-control: off
vary: Origin
referrer-policy: origin-when-cross-origin
server: nginx
expect-ct: report-uri="https://www.spendesk.com/security/report/ct",max-age=63072000,enforce
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: { "group": "csp-endpoint", "max_age": 63072000, "endpoints": [{ "url": "https://www.spendesk.com/security/report/csp" }] }
access-control-allow-origin: https://www.spendesk.com
x-spd-srv-version: 1.753.1
access-control-expose-headers: Content-Disposition
cache-control: no-cache, private, max-age=0
access-control-allow-credentials: true
content-security-policy: frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev;
x-spd-srv-bind: 3001
content-security-policy-report-only: connect-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://api.segment.io https://preview.contentful.com https://api-js.mixpanel.com https://api-iam.intercom.io https://sessions.bugsnag.com/ https://d3r43gyd9zmfep.cloudfront.net wss://nexus-websocket-a.intercom.io https://rs.fullstory.com https://appvizer.one https://stats.g.doubleclick.net https://in.hotjar.com https://forms.hubspot.com https://bat.bing.com https://new-collect.albacross.com https://fastly.trychameleon.com 'report-sample'; script-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://js.intercomcdn.com https://www.google-analytics.com https://cdn.wootric.com https://fast.trychameleon.com https://widget.intercom.io https://cdn.mxpnl.com https://cdn.segment.com https://tracking.g2crowd.com https://scout-cdn.salesloft.com https://serve.albacross.com https://js.hsforms.net https://d3r43gyd9zmfep.cloudfront.net https://cdn-3.convertexperiments.com https://www.googleoptimize.com https://apis.google.com https://edge.fullstory.com https://analytics.twitter.com https://appvizer.one https://bat.bing.com https://cdn.heapanalytics.com https://code.jquery.com https://connect.facebook.net https://fastly.trychameleon.com https://googleads.g.doubleclick.net https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://js.hs-scripts.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://www.googleadservices.com https://www.googletagmanager.com 'sha512-M4Q0ZK7rUle6vKdTdV+cHBsjhrJQJQRfMgzZnhJ7ZNxCt/fiyb0SfINEUkNrO3OP+vL9YsunQnS7riOBRm8NHw==' 'sha512-uuehVCUzjJ6Mdnrs9GYst1UHGzy0/AyrRKJaqL4scI6M3/UEKjVr0kQrFVXH3rPrrhfIbqRJuAS4A5w5+fyRRQ==' 'sha512-XtmMtDEcNz2j7ekrtHvOVR4iwwaD6o/FUJe6+Zq+HgcCsk3kj4uSQQR8weQ2QVj1o0Pk6PwYLohm206ZzNfubg==' 'sha512-u1L7Dp3BKUP3gijgSRoMTNxmDl/5o+XOHupwwa7jsI1rMzHrllSLKsGOfqjYl8vrEG+8ghnRPNA/SCltmJCZpQ==' 'report-sample'; worker-src 'self' https://*.spendesk.com https://*.spendesk.dev blob:; frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev; report-uri https://www.spendesk.com/security/report/csp; block-all-mixed-content;

POST
H2 200 / Show response
o491652.ingest.sentry.io/api/5557543/store/ 41 B
107 B 30ms
30ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o491652.ingest.sentry.io/api/5557543/store/?sentry_key=77fd7860d21f4a7abc8bf99fd0a8a6b3&sentry_version=7

Requested by

Host: www.spendesk.com
URL: https://www.spendesk.com/static/js/app.f20e5b66.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

cb193b1107b8291923f847652db3599700519860f4b797608acba527550e566e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.spendesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 15 May 2021 15:40:10 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.spendesk.com
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
content-length: 41

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

Referer: https://www.spendesk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
BLOB 200
OK 5fe9d8c6-2972-4f02-a606-cb1066c7f13a
https://www.spendesk.com/ 7 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.spendesk.com/5fe9d8c6-2972-4f02-a606-cb1066c7f13a
Requested by: Host: www.spendesk.com
URL: https://www.spendesk.com/app?referer=kyb
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8189328d8aafdf0fc5401e63ba0cb7dcd072b36eb801dc2da7c1434cf2d9821

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 6780

GET
H2 200 auth.json Show response
www.spendesk.com/static/lang/en/ 10 KB
6 KB 498ms
197ms Fetch
application/json 52.210.79.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spendesk.com/static/lang/en/auth.json

Requested by

Host: www.spendesk.com
URL: https://www.spendesk.com/static/js/1.41ebe6c3.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.79.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-79-254.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

bf2115b6d58ceef63ef24a893746a12db07cd5e6efb8fd538674dbe1d49a0a1d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://.spendesk.com https://.spendesk.dev https://spendesk.com https://spendesk.dev;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

:path: /static/lang/en/auth.json
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.spendesk.com
referer: https://www.spendesk.com/app?referer=kyb
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.spendesk.com/app?referer=kyb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 15:40:11 GMT
via: 1.1 0b3cd120321973f1462a42e82c43c1cd.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 700754
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a124873ce000000f41f947000000001
cf-ray: 64fd76994ea400f4-AMS
referrer-policy: origin-when-cross-origin
last-modified: Fri, 07 May 2021 13:00:19 GMT
server: nginx
x-frame-options: sameorigin
etag: W/"4b7125a90650926f960ebdda04fca94b"
expect-ct: report-uri="https://www.spendesk.com/security/report/ct",max-age=63072000,enforce
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: { "group": "csp-endpoint", "max_age": 63072000, "endpoints": [{ "url": "https://www.spendesk.com/security/report/csp" }] }
x-amz-version-id: 0WmODjcpxZZdr9_D7TrM0v232mjZSwgn
vary: Accept-Encoding
cache-control: no-cache
content-security-policy: frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev;
x-amz-cf-pop: AMS50-C1
content-type: application/json
content-security-policy-report-only: connect-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://api.segment.io https://preview.contentful.com https://api-js.mixpanel.com https://api-iam.intercom.io https://sessions.bugsnag.com/ https://d3r43gyd9zmfep.cloudfront.net wss://nexus-websocket-a.intercom.io https://rs.fullstory.com https://appvizer.one https://stats.g.doubleclick.net https://in.hotjar.com https://forms.hubspot.com https://bat.bing.com https://new-collect.albacross.com https://fastly.trychameleon.com 'report-sample'; script-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://js.intercomcdn.com https://www.google-analytics.com https://cdn.wootric.com https://fast.trychameleon.com https://widget.intercom.io https://cdn.mxpnl.com https://cdn.segment.com https://tracking.g2crowd.com https://scout-cdn.salesloft.com https://serve.albacross.com https://js.hsforms.net https://d3r43gyd9zmfep.cloudfront.net https://cdn-3.convertexperiments.com https://www.googleoptimize.com https://apis.google.com https://edge.fullstory.com https://analytics.twitter.com https://appvizer.one https://bat.bing.com https://cdn.heapanalytics.com https://code.jquery.com https://connect.facebook.net https://fastly.trychameleon.com https://googleads.g.doubleclick.net https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://js.hs-scripts.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://www.googleadservices.com https://www.googletagmanager.com 'sha512-M4Q0ZK7rUle6vKdTdV+cHBsjhrJQJQRfMgzZnhJ7ZNxCt/fiyb0SfINEUkNrO3OP+vL9YsunQnS7riOBRm8NHw==' 'sha512-uuehVCUzjJ6Mdnrs9GYst1UHGzy0/AyrRKJaqL4scI6M3/UEKjVr0kQrFVXH3rPrrhfIbqRJuAS4A5w5+fyRRQ==' 'sha512-XtmMtDEcNz2j7ekrtHvOVR4iwwaD6o/FUJe6+Zq+HgcCsk3kj4uSQQR8weQ2QVj1o0Pk6PwYLohm206ZzNfubg==' 'sha512-u1L7Dp3BKUP3gijgSRoMTNxmDl/5o+XOHupwwa7jsI1rMzHrllSLKsGOfqjYl8vrEG+8ghnRPNA/SCltmJCZpQ==' 'report-sample'; worker-src 'self' https://*.spendesk.com https://*.spendesk.dev blob:; frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev; report-uri https://www.spendesk.com/security/report/csp; block-all-mixed-content;
x-amz-cf-id: mocPIuNKorQpLmbkY5lgCq7wwm-F26bla7ms6zcaU4bcQMNKXNyzNg==

GET
H2 200 card.json Show response
www.spendesk.com/static/lang/en/ 284 B
3 KB 557ms
256ms Fetch
application/json 52.210.79.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spendesk.com/static/lang/en/card.json

Requested by

Host: www.spendesk.com
URL: https://www.spendesk.com/static/js/1.41ebe6c3.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.79.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-79-254.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

6e7a0622a5d68e3b6f0e52db4a42ea463fa0ff02ce7cd8bdd9cb842ee6e3e94f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://.spendesk.com https://.spendesk.dev https://spendesk.com https://spendesk.dev;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

:path: /static/lang/en/card.json
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.spendesk.com
referer: https://www.spendesk.com/app?referer=kyb
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.spendesk.com/app?referer=kyb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 15:40:11 GMT
via: 1.1 d8c5e23736c47a3e5184b0a78042898f.cloudfront.net (CloudFront)
content-security-policy-report-only: connect-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://api.segment.io https://preview.contentful.com https://api-js.mixpanel.com https://api-iam.intercom.io https://sessions.bugsnag.com/ https://d3r43gyd9zmfep.cloudfront.net wss://nexus-websocket-a.intercom.io https://rs.fullstory.com https://appvizer.one https://stats.g.doubleclick.net https://in.hotjar.com https://forms.hubspot.com https://bat.bing.com https://new-collect.albacross.com https://fastly.trychameleon.com 'report-sample'; script-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://js.intercomcdn.com https://www.google-analytics.com https://cdn.wootric.com https://fast.trychameleon.com https://widget.intercom.io https://cdn.mxpnl.com https://cdn.segment.com https://tracking.g2crowd.com https://scout-cdn.salesloft.com https://serve.albacross.com https://js.hsforms.net https://d3r43gyd9zmfep.cloudfront.net https://cdn-3.convertexperiments.com https://www.googleoptimize.com https://apis.google.com https://edge.fullstory.com https://analytics.twitter.com https://appvizer.one https://bat.bing.com https://cdn.heapanalytics.com https://code.jquery.com https://connect.facebook.net https://fastly.trychameleon.com https://googleads.g.doubleclick.net https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://js.hs-scripts.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://www.googleadservices.com https://www.googletagmanager.com 'sha512-M4Q0ZK7rUle6vKdTdV+cHBsjhrJQJQRfMgzZnhJ7ZNxCt/fiyb0SfINEUkNrO3OP+vL9YsunQnS7riOBRm8NHw==' 'sha512-uuehVCUzjJ6Mdnrs9GYst1UHGzy0/AyrRKJaqL4scI6M3/UEKjVr0kQrFVXH3rPrrhfIbqRJuAS4A5w5+fyRRQ==' 'sha512-XtmMtDEcNz2j7ekrtHvOVR4iwwaD6o/FUJe6+Zq+HgcCsk3kj4uSQQR8weQ2QVj1o0Pk6PwYLohm206ZzNfubg==' 'sha512-u1L7Dp3BKUP3gijgSRoMTNxmDl/5o+XOHupwwa7jsI1rMzHrllSLKsGOfqjYl8vrEG+8ghnRPNA/SCltmJCZpQ==' 'report-sample'; worker-src 'self' https://*.spendesk.com https://*.spendesk.dev blob:; frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev; report-uri https://www.spendesk.com/security/report/csp; block-all-mixed-content;
cf-cache-status: DYNAMIC
age: 1555148
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a124873c600000c01cc3b9000000001
cf-ray: 64fd76993fc60c01-AMS
referrer-policy: origin-when-cross-origin
last-modified: Tue, 27 Apr 2021 15:31:32 GMT
server: nginx
x-frame-options: sameorigin
etag: W/"c187e453d826d70a7a271de8df33f9ff"
expect-ct: report-uri="https://www.spendesk.com/security/report/ct",max-age=63072000,enforce
vary: Accept-Encoding
report-to: { "group": "csp-endpoint", "max_age": 63072000, "endpoints": [{ "url": "https://www.spendesk.com/security/report/csp" }] }
x-amz-version-id: YmPRRq6N22VKaapZ7ZeXConJVlNBkaab
cache-control: no-cache
content-security-policy: frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev;
x-amz-cf-pop: AMS50-C1
content-type: application/json
x-amz-cf-id: DrIcsXbcNbRxJyymu9123p_SYGCuuH3hEYVXZHSiUJxz-lXwPe_g9Q==
x-content-type-options: nosniff

GET
H2 200 countries.json Show response
www.spendesk.com/static/lang/en/ 7 KB
5 KB 567ms
265ms Fetch
application/json 52.210.79.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spendesk.com/static/lang/en/countries.json

Requested by

Host: www.spendesk.com
URL: https://www.spendesk.com/static/js/1.41ebe6c3.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.79.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-79-254.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

1db0c6c997db6115460178aad837c294b0b23a71507c21f13289286ee3772996

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://.spendesk.com https://.spendesk.dev https://spendesk.com https://spendesk.dev;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

:path: /static/lang/en/countries.json
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.spendesk.com
referer: https://www.spendesk.com/app?referer=kyb
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.spendesk.com/app?referer=kyb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 15:40:11 GMT
via: 1.1 0f6f1904b6904f4881311d3f5570a9ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 1558731
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a124873db00007227a8229000000001
cf-ray: 64fd76995f2d7227-AMS
referrer-policy: origin-when-cross-origin
last-modified: Tue, 27 Apr 2021 14:38:24 GMT
server: nginx
x-frame-options: sameorigin
etag: W/"f50d7efda08ff9b6a6e2ef9288041aad"
expect-ct: report-uri="https://www.spendesk.com/security/report/ct",max-age=63072000,enforce
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: { "group": "csp-endpoint", "max_age": 63072000, "endpoints": [{ "url": "https://www.spendesk.com/security/report/csp" }] }
x-amz-version-id: 3wRBC1YRCC5WOm79dMlBI6fw_iSjel2B
vary: Accept-Encoding
cache-control: no-cache
content-security-policy: frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev;
x-amz-cf-pop: MXP64-C1
content-type: application/json
content-security-policy-report-only: connect-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://api.segment.io https://preview.contentful.com https://api-js.mixpanel.com https://api-iam.intercom.io https://sessions.bugsnag.com/ https://d3r43gyd9zmfep.cloudfront.net wss://nexus-websocket-a.intercom.io https://rs.fullstory.com https://appvizer.one https://stats.g.doubleclick.net https://in.hotjar.com https://forms.hubspot.com https://bat.bing.com https://new-collect.albacross.com https://fastly.trychameleon.com 'report-sample'; script-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://js.intercomcdn.com https://www.google-analytics.com https://cdn.wootric.com https://fast.trychameleon.com https://widget.intercom.io https://cdn.mxpnl.com https://cdn.segment.com https://tracking.g2crowd.com https://scout-cdn.salesloft.com https://serve.albacross.com https://js.hsforms.net https://d3r43gyd9zmfep.cloudfront.net https://cdn-3.convertexperiments.com https://www.googleoptimize.com https://apis.google.com https://edge.fullstory.com https://analytics.twitter.com https://appvizer.one https://bat.bing.com https://cdn.heapanalytics.com https://code.jquery.com https://connect.facebook.net https://fastly.trychameleon.com https://googleads.g.doubleclick.net https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://js.hs-scripts.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://www.googleadservices.com https://www.googletagmanager.com 'sha512-M4Q0ZK7rUle6vKdTdV+cHBsjhrJQJQRfMgzZnhJ7ZNxCt/fiyb0SfINEUkNrO3OP+vL9YsunQnS7riOBRm8NHw==' 'sha512-uuehVCUzjJ6Mdnrs9GYst1UHGzy0/AyrRKJaqL4scI6M3/UEKjVr0kQrFVXH3rPrrhfIbqRJuAS4A5w5+fyRRQ==' 'sha512-XtmMtDEcNz2j7ekrtHvOVR4iwwaD6o/FUJe6+Zq+HgcCsk3kj4uSQQR8weQ2QVj1o0Pk6PwYLohm206ZzNfubg==' 'sha512-u1L7Dp3BKUP3gijgSRoMTNxmDl/5o+XOHupwwa7jsI1rMzHrllSLKsGOfqjYl8vrEG+8ghnRPNA/SCltmJCZpQ==' 'report-sample'; worker-src 'self' https://*.spendesk.com https://*.spendesk.dev blob:; frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev; report-uri https://www.spendesk.com/security/report/csp; block-all-mixed-content;
x-amz-cf-id: cOCzrWMj1EQsS4PlBcIy11SybGwnlJabxnWky1zXFvWPR-0HYFjLWQ==

GET
H2 200 errors.json Show response
www.spendesk.com/static/lang/en/ 6 KB
5 KB 472ms
170ms Fetch
application/json 52.210.79.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spendesk.com/static/lang/en/errors.json

Requested by

Host: www.spendesk.com
URL: https://www.spendesk.com/static/js/1.41ebe6c3.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.79.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-79-254.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3adf7b8494bf94d0416564a53ab8e01a460d5e4a8ccdab47c52e1aa02e0cbbca

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://.spendesk.com https://.spendesk.dev https://spendesk.com https://spendesk.dev;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

:path: /static/lang/en/errors.json
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.spendesk.com
referer: https://www.spendesk.com/app?referer=kyb
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.spendesk.com/app?referer=kyb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 15:40:11 GMT
via: 1.1 66dd60a280ca9f6b133d158ccf4dd40a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 1388161
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a124873c400004c67ed0f6000000001
cf-ray: 64fd76993f954c67-AMS
referrer-policy: origin-when-cross-origin
last-modified: Thu, 29 Apr 2021 13:15:40 GMT
server: nginx
x-frame-options: sameorigin
etag: W/"66984f56ed96b38a3ac671c32bd8fdd6"
expect-ct: report-uri="https://www.spendesk.com/security/report/ct",max-age=63072000,enforce
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: { "group": "csp-endpoint", "max_age": 63072000, "endpoints": [{ "url": "https://www.spendesk.com/security/report/csp" }] }
x-amz-version-id: 3nrGvXnTUA2_I3vMADHe0n2NP2Lgvja.
vary: Accept-Encoding
cache-control: no-cache
content-security-policy: frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev;
x-amz-cf-pop: AMS50-C1
content-type: application/json
content-security-policy-report-only: connect-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://api.segment.io https://preview.contentful.com https://api-js.mixpanel.com https://api-iam.intercom.io https://sessions.bugsnag.com/ https://d3r43gyd9zmfep.cloudfront.net wss://nexus-websocket-a.intercom.io https://rs.fullstory.com https://appvizer.one https://stats.g.doubleclick.net https://in.hotjar.com https://forms.hubspot.com https://bat.bing.com https://new-collect.albacross.com https://fastly.trychameleon.com 'report-sample'; script-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://js.intercomcdn.com https://www.google-analytics.com https://cdn.wootric.com https://fast.trychameleon.com https://widget.intercom.io https://cdn.mxpnl.com https://cdn.segment.com https://tracking.g2crowd.com https://scout-cdn.salesloft.com https://serve.albacross.com https://js.hsforms.net https://d3r43gyd9zmfep.cloudfront.net https://cdn-3.convertexperiments.com https://www.googleoptimize.com https://apis.google.com https://edge.fullstory.com https://analytics.twitter.com https://appvizer.one https://bat.bing.com https://cdn.heapanalytics.com https://code.jquery.com https://connect.facebook.net https://fastly.trychameleon.com https://googleads.g.doubleclick.net https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://js.hs-scripts.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://www.googleadservices.com https://www.googletagmanager.com 'sha512-M4Q0ZK7rUle6vKdTdV+cHBsjhrJQJQRfMgzZnhJ7ZNxCt/fiyb0SfINEUkNrO3OP+vL9YsunQnS7riOBRm8NHw==' 'sha512-uuehVCUzjJ6Mdnrs9GYst1UHGzy0/AyrRKJaqL4scI6M3/UEKjVr0kQrFVXH3rPrrhfIbqRJuAS4A5w5+fyRRQ==' 'sha512-XtmMtDEcNz2j7ekrtHvOVR4iwwaD6o/FUJe6+Zq+HgcCsk3kj4uSQQR8weQ2QVj1o0Pk6PwYLohm206ZzNfubg==' 'sha512-u1L7Dp3BKUP3gijgSRoMTNxmDl/5o+XOHupwwa7jsI1rMzHrllSLKsGOfqjYl8vrEG+8ghnRPNA/SCltmJCZpQ==' 'report-sample'; worker-src 'self' https://*.spendesk.com https://*.spendesk.dev blob:; frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev; report-uri https://www.spendesk.com/security/report/csp; block-all-mixed-content;
x-amz-cf-id: OU94L-yOTOTcwKPYzmeINh3mIodoQyg9HCDeTjfyRaOjr1ZTlQwyQg==

GET
H2 200 global.json Show response
www.spendesk.com/static/lang/en/ 387 KB
93 KB 526ms
224ms Fetch
application/json 52.210.79.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spendesk.com/static/lang/en/global.json

Requested by

Host: www.spendesk.com
URL: https://www.spendesk.com/static/js/1.41ebe6c3.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.79.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-79-254.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

33c8acc6b4b0a3a3c7a238662698ca67e851628b6b8bc28295a69da8cde2a15c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://.spendesk.com https://.spendesk.dev https://spendesk.com https://spendesk.dev;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

:path: /static/lang/en/global.json
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.spendesk.com
referer: https://www.spendesk.com/app?referer=kyb
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.spendesk.com/app?referer=kyb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 15:40:11 GMT
via: 1.1 d8c5e23736c47a3e5184b0a78042898f.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 700747
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a124873d50000c8374a115000000001
cf-ray: 64fd76995c1ac837-AMS
referrer-policy: origin-when-cross-origin
last-modified: Fri, 07 May 2021 13:00:20 GMT
server: nginx
x-frame-options: sameorigin
etag: W/"29f7347eaacf548f6c9039589d94b1d3"
expect-ct: report-uri="https://www.spendesk.com/security/report/ct",max-age=63072000,enforce
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: { "group": "csp-endpoint", "max_age": 63072000, "endpoints": [{ "url": "https://www.spendesk.com/security/report/csp" }] }
x-amz-version-id: HYAsevfVy.oAMv4yDlUPwr798pl822sM
vary: Accept-Encoding
cache-control: no-cache
content-security-policy: frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev;
x-amz-cf-pop: AMS50-C1
content-type: application/json
content-security-policy-report-only: connect-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://api.segment.io https://preview.contentful.com https://api-js.mixpanel.com https://api-iam.intercom.io https://sessions.bugsnag.com/ https://d3r43gyd9zmfep.cloudfront.net wss://nexus-websocket-a.intercom.io https://rs.fullstory.com https://appvizer.one https://stats.g.doubleclick.net https://in.hotjar.com https://forms.hubspot.com https://bat.bing.com https://new-collect.albacross.com https://fastly.trychameleon.com 'report-sample'; script-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://js.intercomcdn.com https://www.google-analytics.com https://cdn.wootric.com https://fast.trychameleon.com https://widget.intercom.io https://cdn.mxpnl.com https://cdn.segment.com https://tracking.g2crowd.com https://scout-cdn.salesloft.com https://serve.albacross.com https://js.hsforms.net https://d3r43gyd9zmfep.cloudfront.net https://cdn-3.convertexperiments.com https://www.googleoptimize.com https://apis.google.com https://edge.fullstory.com https://analytics.twitter.com https://appvizer.one https://bat.bing.com https://cdn.heapanalytics.com https://code.jquery.com https://connect.facebook.net https://fastly.trychameleon.com https://googleads.g.doubleclick.net https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://js.hs-scripts.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://www.googleadservices.com https://www.googletagmanager.com 'sha512-M4Q0ZK7rUle6vKdTdV+cHBsjhrJQJQRfMgzZnhJ7ZNxCt/fiyb0SfINEUkNrO3OP+vL9YsunQnS7riOBRm8NHw==' 'sha512-uuehVCUzjJ6Mdnrs9GYst1UHGzy0/AyrRKJaqL4scI6M3/UEKjVr0kQrFVXH3rPrrhfIbqRJuAS4A5w5+fyRRQ==' 'sha512-XtmMtDEcNz2j7ekrtHvOVR4iwwaD6o/FUJe6+Zq+HgcCsk3kj4uSQQR8weQ2QVj1o0Pk6PwYLohm206ZzNfubg==' 'sha512-u1L7Dp3BKUP3gijgSRoMTNxmDl/5o+XOHupwwa7jsI1rMzHrllSLKsGOfqjYl8vrEG+8ghnRPNA/SCltmJCZpQ==' 'report-sample'; worker-src 'self' https://*.spendesk.com https://*.spendesk.dev blob:; frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev; report-uri https://www.spendesk.com/security/report/csp; block-all-mixed-content;
x-amz-cf-id: bCWrLM5jxPc_97dDw5kKOlUL4C-WXLVMu0CRbv1SrOa1_9ItU_PnCw==

GET
H2 200 notifications.json Show response
www.spendesk.com/static/lang/en/ 3 KB
3 KB 475ms
174ms Fetch
application/json 52.210.79.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spendesk.com/static/lang/en/notifications.json

Requested by

Host: www.spendesk.com
URL: https://www.spendesk.com/static/js/1.41ebe6c3.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.79.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-79-254.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

4843f7a6a76109c6e779db38bbe4fb5e5a4f1b01b64ba7644be7145c9752c87c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://.spendesk.com https://.spendesk.dev https://spendesk.com https://spendesk.dev;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

:path: /static/lang/en/notifications.json
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.spendesk.com
referer: https://www.spendesk.com/app?referer=kyb
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.spendesk.com/app?referer=kyb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 15:40:11 GMT
via: 1.1 fd4c476aa3616f643565cbbf3a891a79.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 1555148
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a124873d100000c8db7ac4000000001
cf-ray: 64fd76994ef90c8d-AMS
referrer-policy: origin-when-cross-origin
last-modified: Tue, 27 Apr 2021 15:31:32 GMT
server: nginx
x-frame-options: sameorigin
etag: W/"ffd6621a352eb9d41278331b0f0c1e42"
expect-ct: report-uri="https://www.spendesk.com/security/report/ct",max-age=63072000,enforce
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: { "group": "csp-endpoint", "max_age": 63072000, "endpoints": [{ "url": "https://www.spendesk.com/security/report/csp" }] }
x-amz-version-id: xrQKoNzHANK4naxj7kDYbllJmqreb7oU
vary: Accept-Encoding
cache-control: no-cache
content-security-policy: frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev;
x-amz-cf-pop: AMS50-C1
content-type: application/json
content-security-policy-report-only: connect-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://api.segment.io https://preview.contentful.com https://api-js.mixpanel.com https://api-iam.intercom.io https://sessions.bugsnag.com/ https://d3r43gyd9zmfep.cloudfront.net wss://nexus-websocket-a.intercom.io https://rs.fullstory.com https://appvizer.one https://stats.g.doubleclick.net https://in.hotjar.com https://forms.hubspot.com https://bat.bing.com https://new-collect.albacross.com https://fastly.trychameleon.com 'report-sample'; script-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://js.intercomcdn.com https://www.google-analytics.com https://cdn.wootric.com https://fast.trychameleon.com https://widget.intercom.io https://cdn.mxpnl.com https://cdn.segment.com https://tracking.g2crowd.com https://scout-cdn.salesloft.com https://serve.albacross.com https://js.hsforms.net https://d3r43gyd9zmfep.cloudfront.net https://cdn-3.convertexperiments.com https://www.googleoptimize.com https://apis.google.com https://edge.fullstory.com https://analytics.twitter.com https://appvizer.one https://bat.bing.com https://cdn.heapanalytics.com https://code.jquery.com https://connect.facebook.net https://fastly.trychameleon.com https://googleads.g.doubleclick.net https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://js.hs-scripts.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://www.googleadservices.com https://www.googletagmanager.com 'sha512-M4Q0ZK7rUle6vKdTdV+cHBsjhrJQJQRfMgzZnhJ7ZNxCt/fiyb0SfINEUkNrO3OP+vL9YsunQnS7riOBRm8NHw==' 'sha512-uuehVCUzjJ6Mdnrs9GYst1UHGzy0/AyrRKJaqL4scI6M3/UEKjVr0kQrFVXH3rPrrhfIbqRJuAS4A5w5+fyRRQ==' 'sha512-XtmMtDEcNz2j7ekrtHvOVR4iwwaD6o/FUJe6+Zq+HgcCsk3kj4uSQQR8weQ2QVj1o0Pk6PwYLohm206ZzNfubg==' 'sha512-u1L7Dp3BKUP3gijgSRoMTNxmDl/5o+XOHupwwa7jsI1rMzHrllSLKsGOfqjYl8vrEG+8ghnRPNA/SCltmJCZpQ==' 'report-sample'; worker-src 'self' https://*.spendesk.com https://*.spendesk.dev blob:; frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev; report-uri https://www.spendesk.com/security/report/csp; block-all-mixed-content;
x-amz-cf-id: GI3L1KbffbOCpTgLC9NgjnbksJF6Y5yW4dTgxUIvGN7Z9ZkTfXjc6A==

GET
H2 200 onboardingV2.json Show response
www.spendesk.com/static/lang/en/ 23 KB
9 KB 495ms
194ms Fetch
application/json 52.210.79.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spendesk.com/static/lang/en/onboardingV2.json

Requested by

Host: www.spendesk.com
URL: https://www.spendesk.com/static/js/1.41ebe6c3.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.210.79.254 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-79-254.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9f75e7e2eed2ccb225e390c55e33093e0ea341c8914b13c10aa76202910bc8c5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://.spendesk.com https://.spendesk.dev https://spendesk.com https://spendesk.dev;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

:path: /static/lang/en/onboardingV2.json
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.spendesk.com
referer: https://www.spendesk.com/app?referer=kyb
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.spendesk.com/app?referer=kyb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 15:40:11 GMT
via: 1.1 d9fcaa7ae40e5e547fbbd3d693139fae.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 785580
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a124873ce0000c7618abd8000000001
cf-ray: 64fd76994f82c761-AMS
referrer-policy: origin-when-cross-origin
last-modified: Thu, 06 May 2021 13:26:41 GMT
server: nginx
x-frame-options: sameorigin
etag: W/"c884f8f0d1765f28546e0dd1d2c39801"
expect-ct: report-uri="https://www.spendesk.com/security/report/ct",max-age=63072000,enforce
strict-transport-security: max-age=63072000; includeSubDomains; preload
report-to: { "group": "csp-endpoint", "max_age": 63072000, "endpoints": [{ "url": "https://www.spendesk.com/security/report/csp" }] }
x-amz-version-id: qLJtbQdye4Rm93EGQeTp0CRypp.qo0gp
vary: Accept-Encoding
cache-control: no-cache
content-security-policy: frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev;
x-amz-cf-pop: AMS50-C1
content-type: application/json
content-security-policy-report-only: connect-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://api.segment.io https://preview.contentful.com https://api-js.mixpanel.com https://api-iam.intercom.io https://sessions.bugsnag.com/ https://d3r43gyd9zmfep.cloudfront.net wss://nexus-websocket-a.intercom.io https://rs.fullstory.com https://appvizer.one https://stats.g.doubleclick.net https://in.hotjar.com https://forms.hubspot.com https://bat.bing.com https://new-collect.albacross.com https://fastly.trychameleon.com 'report-sample'; script-src 'self' https://*.spendesk.com https://*.spendesk.dev https://*.spendesk.tools https://js.intercomcdn.com https://www.google-analytics.com https://cdn.wootric.com https://fast.trychameleon.com https://widget.intercom.io https://cdn.mxpnl.com https://cdn.segment.com https://tracking.g2crowd.com https://scout-cdn.salesloft.com https://serve.albacross.com https://js.hsforms.net https://d3r43gyd9zmfep.cloudfront.net https://cdn-3.convertexperiments.com https://www.googleoptimize.com https://apis.google.com https://edge.fullstory.com https://analytics.twitter.com https://appvizer.one https://bat.bing.com https://cdn.heapanalytics.com https://code.jquery.com https://connect.facebook.net https://fastly.trychameleon.com https://googleads.g.doubleclick.net https://js.hs-analytics.net https://js.hs-banner.com https://js.hsleadflows.net https://js.hs-scripts.com https://script.hotjar.com https://snap.licdn.com https://static.ads-twitter.com https://static.hotjar.com https://www.googleadservices.com https://www.googletagmanager.com 'sha512-M4Q0ZK7rUle6vKdTdV+cHBsjhrJQJQRfMgzZnhJ7ZNxCt/fiyb0SfINEUkNrO3OP+vL9YsunQnS7riOBRm8NHw==' 'sha512-uuehVCUzjJ6Mdnrs9GYst1UHGzy0/AyrRKJaqL4scI6M3/UEKjVr0kQrFVXH3rPrrhfIbqRJuAS4A5w5+fyRRQ==' 'sha512-XtmMtDEcNz2j7ekrtHvOVR4iwwaD6o/FUJe6+Zq+HgcCsk3kj4uSQQR8weQ2QVj1o0Pk6PwYLohm206ZzNfubg==' 'sha512-u1L7Dp3BKUP3gijgSRoMTNxmDl/5o+XOHupwwa7jsI1rMzHrllSLKsGOfqjYl8vrEG+8ghnRPNA/SCltmJCZpQ==' 'report-sample'; worker-src 'self' https://*.spendesk.com https://*.spendesk.dev blob:; frame-ancestors 'self' chrome-extension://dipeehgoehnglgojdgfmndjemdfepkeb https://*.spendesk.com https://*.spendesk.dev https://spendesk.com https://spendesk.dev; report-uri https://www.spendesk.com/security/report/csp; block-all-mixed-content;
x-amz-cf-id: d_jZbTIT2ZyivMqnWO0caVXUIWdljtuYfMNRhExRFl6vI7GnnG2gJw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: app-kyb--control.release.linc-preview.sh
URL: https://app-kyb--control.release.linc-preview.sh/static/lang/en/en.json

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app-kyb--control.release.linc-preview.sh
control.kyb.spendesk.dev
o491652.ingest.sentry.io
www.spendesk.com
app-kyb--control.release.linc-preview.sh
13.32.6.119
34.120.195.249
52.210.79.254
52.30.106.56
0198951d02c24413c724c081c24dad6f33e937efef654919e44b7a1e8b696dcc
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
1db0c6c997db6115460178aad837c294b0b23a71507c21f13289286ee3772996
1e81811ee0c899bb2f48b80f9d16921d8a2044c329fdfb3f054a81519eb5edc9
33c8acc6b4b0a3a3c7a238662698ca67e851628b6b8bc28295a69da8cde2a15c
3adf7b8494bf94d0416564a53ab8e01a460d5e4a8ccdab47c52e1aa02e0cbbca
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4843f7a6a76109c6e779db38bbe4fb5e5a4f1b01b64ba7644be7145c9752c87c
6e7a0622a5d68e3b6f0e52db4a42ea463fa0ff02ce7cd8bdd9cb842ee6e3e94f
6f49ce8bc093f5f68a727ffac43076749071adf15e08b694b7a9297063a648e0
7b33cc0436ef2d753042de55087ea6bd827d1cb31c6f5151d5f2b107253c5c37
8e886f2e720d1d494cdae19f283d471164f7599860f3994c8b380b3fd7b50752
91d67435e3c28c0dac20cee2bd20d94b03915d88245e825c7029796de3fb5316
91ebd1f4fd370002155ded59476dae1bdab41c61def7bc9d2ad27e7cedf7fdba
9e1cb9889c0f8448e31eb6d83501a26dab4a26efb44d6ae505667c0db82e9aee
9edf53631b554dc042406a97a374cdf1e91a550b26cc3c5c678d3008042b71ce
9f75e7e2eed2ccb225e390c55e33093e0ea341c8914b13c10aa76202910bc8c5
bc63871856f49f584c02b728553d7c7b00b08ca95034106ca21f1246f6e4a94e
bf2115b6d58ceef63ef24a893746a12db07cd5e6efb8fd538674dbe1d49a0a1d
c94326af4929de6d5302c3779e163207cdc627707c2252775b73cac1d2173b20
cb193b1107b8291923f847652db3599700519860f4b797608acba527550e566e
d1b0a57ba1bf8eea8b24223dbd25dc02423bc9a8395fe573227357f630941f60
d8189328d8aafdf0fc5401e63ba0cb7dcd072b36eb801dc2da7c1434cf2d9821
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e78a19f6cce7ba2a5ad2c67d1d70211c78d6a59d429c9a0a05843424a8f67f90
ea509d67d9ce75feff7061beaab73b5c2fbb5a031a271dc0734e2a92400efd66
ee605f53b63b1312cbfcab4cfbe20c1b5c62eaf29f26928f16ec6af40d54bde6
fd3af864e7eeeac315f407ad29fa9c2afe90ba36c6665dbec356ad9ed35b7314

www.spendesk.com Open in urlscan Pro 52.210.79.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

94 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

2898 kBTransfer

12397 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.spendesk.com Open in urlscan Pro
52.210.79.254 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

94 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

2898 kB
Transfer

12397 kB
Size

0
Cookies

32 HTTP transactions
1 data transactions