urlscan.io logo urlscan.io
SecurityTrails logo

cl-53157.services.portal-dev.gke.sojern.net Open in urlscan Pro
34.160.156.180  Public Scan

Go To Rescan Add Verdict Report
URL: https://cl-53157.services.portal-dev.gke.sojern.net/
Submission: On March 11 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 7 domains to perform 37 HTTP transactions. The main IP is 34.160.156.180, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is cl-53157.services.portal-dev.gke.sojern.net.
TLS certificate: Issued by GTS CA 1D4 on March 11th 2024. Valid for: 3 months.
This is the only time cl-53157.services.portal-dev.gke.sojern.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 34.160.156.180 15169 (GOOGLE)
3 2a04:4e42::622 54113 (FASTLY)
1 18.173.154.122 16509 (AMAZON-02)
2 3.225.190.224 14618 (AMAZON-AES)
5 151.101.64.176 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 34.149.36.171 15169 (GOOGLE)
1 50.112.21.45 16509 (AMAZON-02)
37 11
12    34.160.156.180 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 180.156.160.34.bc.googleusercontent.com
cl-53157.services.portal-dev.gke.sojern.net
3    2a04:4e42::622 (United States)

ASN54113 (FASTLY, US)
fast.appcues.com
1    18.173.154.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-122.muc50.r.cloudfront.net
cdn.heapanalytics.com
2    3.225.190.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-190-224.compute-1.amazonaws.com
heapanalytics.com
5    151.101.64.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
m.stripe.network
4    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    34.149.36.171 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 171.36.149.34.bc.googleusercontent.com
backend.dev.apis.sojern.net
1    50.112.21.45 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-112-21-45.us-west-2.compute.amazonaws.com
m.stripe.com
Apex Domain
Subdomains		 Transfer
14 sojern.net
cl-53157.services.portal-dev.gke.sojern.net
backend.dev.apis.sojern.net
26 MB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
450 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
37 KB
4 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1155
m.stripe.com — Cisco Umbrella Rank: 1134
169 KB
3 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 776
heapanalytics.com — Cisco Umbrella Rank: 686
38 KB
3 appcues.com
fast.appcues.com — Cisco Umbrella Rank: 4649
135 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1243
16 KB
37 7
Domain Requested by
12 cl-53157.services.portal-dev.gke.sojern.net cl-53157.services.portal-dev.gke.sojern.net
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com cl-53157.services.portal-dev.gke.sojern.net
www.gstatic.com
www.google.com
3 js.stripe.com cl-53157.services.portal-dev.gke.sojern.net
js.stripe.com
3 fast.appcues.com cl-53157.services.portal-dev.gke.sojern.net
fast.appcues.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 backend.dev.apis.sojern.net cl-53157.services.portal-dev.gke.sojern.net
2 fonts.gstatic.com www.google.com
2 heapanalytics.com cl-53157.services.portal-dev.gke.sojern.net
1 m.stripe.com m.stripe.network
1 cdn.heapanalytics.com cl-53157.services.portal-dev.gke.sojern.net
37 11

This site contains links to these domains. Also see Links.

Domain
www.sojern.com
Subject Issuer Validity Valid
cl-53157.services.portal-dev.gke.sojern.net
GTS CA 1D4		 2024-03-11 -
2024-06-09		 3 months crt.sh
fast.appcues.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-05 -
2024-09-05		 a year crt.sh
cdn.heapanalytics.com
Amazon RSA 2048 M01		 2023-06-29 -
2024-07-27		 a year crt.sh
heapanalytics.com
Amazon RSA 2048 M02		 2023-11-09 -
2024-12-08		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-07 -
2024-05-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
backend.dev.apis.sojern.net
R3		 2024-01-29 -
2024-04-28		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-26 -
2024-05-23		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://cl-53157.services.portal-dev.gke.sojern.net/
Frame ID: 0040E69120FCE10019025BCA8ECAB83F
Requests: 22 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc-kTcbAAAAALlKO6aVyiMoFRwlUdx85PAAYfYm&co=aHR0cHM6Ly9jbC01MzE1Ny5zZXJ2aWNlcy5wb3J0YWwtZGV2LmdrZS5zb2plcm4ubmV0OjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=2qwermpqawlx
Frame ID: 5C3849504CE5CB769DE1A70F4C155CDD
Requests: 8 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: C12642CFB6B2BAAC4C1B1F2B69050FC0
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 2BE8F1D33E1C0609B3C3E914381050A4
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SojernSlice 1Slice 1Slice 1

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • heap-\d+\.js

Page Statistics

37
Requests

97 %
HTTPS

40 %
IPv6

7
Domains

11
Subdomains

11
IPs

2
Countries

27791 kB
Transfer

95966 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cl-53157.services.portal-dev.gke.sojern.net/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cl-53157.services.portal-dev.gke.sojern.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.156.180 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
180.156.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b7537413c31565f6646bdb69c1c8031e06b4f60ac533d5345ac6e4bb2f18e7b1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-security-policy
default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
content-type
text/html
date
Mon, 11 Mar 2024 07:45:07 GMT
etag
W/"65eeb3ce-b10"
last-modified
Mon, 11 Mar 2024 07:33:34 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-frame-options
DENY
x-permitted-cross-domain-policies
master-only
33462.js
fast.appcues.com/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.appcues.com/33462.js
Requested by
Host: cl-53157.services.portal-dev.gke.sojern.net
URL: https://cl-53157.services.portal-dev.gke.sojern.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
dff45a19ae3b77f9b1a5da04d3d4d401436a76ed34292df2a966ed606c24f95e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cl-53157.services.portal-dev.gke.sojern.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:45:07 GMT
content-encoding
gzip
via
1.1 varnish
age
175
x-cache
HIT
content-length
4886
x-request-id
F7ul77ochRh0TUzqDOlj
x-served-by
cache-fra-eddf8230126-FRA
server
Cowboy
x-timer
S1710143108.591161,VS0,VE1
vary
accept-encoding, Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=120,public
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
1
vendor.98a57256631f9c599999.bundle.js
cl-53157.services.portal-dev.gke.sojern.net/js/ 		35 MB
9 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://cl-53157.services.portal-dev.gke.sojern.net/js/vendor.98a57256631f9c599999.bundle.js
Requested by
Host: cl-53157.services.portal-dev.gke.sojern.net
URL: https://cl-53157.services.portal-dev.gke.sojern.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.156.180 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
180.156.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c79f65a9e113907755f91fb90762009f5c6e1d3b34d6b369207713ae505071f0
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cl-53157.services.portal-dev.gke.sojern.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:45:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
last-modified
Mon, 11 Mar 2024 07:32:09 GMT
server
nginx
x-permitted-cross-domain-policies
master-only
content-encoding
gzip
etag
W/"65eeb379-231a6dc"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
main.7d1a4f9e1452ff8ba360.bundle.js
cl-53157.services.portal-dev.gke.sojern.net/js/ 		56 MB
17 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://cl-53157.services.portal-dev.gke.sojern.net/js/main.7d1a4f9e1452ff8ba360.bundle.js
Requested by
Host: cl-53157.services.portal-dev.gke.sojern.net
URL: https://cl-53157.services.portal-dev.gke.sojern.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.156.180 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
180.156.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e50c3b807e650205a1e334ec73f58c5cd0680bb3d1f7405d32029580146ca3cd
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cl-53157.services.portal-dev.gke.sojern.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:45:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
last-modified
Mon, 11 Mar 2024 07:33:33 GMT
server
nginx
x-permitted-cross-domain-policies
master-only
content-encoding
gzip
etag
W/"65eeb3cd-37f8fb6"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
appcues.main.a862b0c97fa29d163ebae23c719b6fd35377fcb8.js
fast.appcues.com/generic/main/5.0.2/ 		450 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.appcues.com/generic/main/5.0.2/appcues.main.a862b0c97fa29d163ebae23c719b6fd35377fcb8.js
Requested by
Host: fast.appcues.com
URL: https://fast.appcues.com/33462.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c46ebeb837a100bce16db25c1f358eb8e048cd2f54d73ff305f79ff77e4574e3

Request headers

Referer
https://cl-53157.services.portal-dev.gke.sojern.net/
Origin
https://cl-53157.services.portal-dev.gke.sojern.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:45:07 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
JN3R2J4F3B35K1KP
age
558458
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
129867
x-amz-id-2
Mb1K5ViRYrpw/mV9fkKZqjDuwIOHvIVZYAHHn87wiVoc2jum8lK76g7rre6htrdPhWwYLbXdK08=
x-served-by
cache-fra-eddf8230139-FRA
last-modified
Mon, 04 Mar 2024 20:29:24 GMT
server
AmazonS3
x-timer
S1710143108.616995,VS0,VE0
etag
"61c370740223cb2a3f6e611dbdbd5733"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
215
heap-3605082106.js
cdn.heapanalytics.com/js/ 		115 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-3605082106.js
Requested by
Host: cl-53157.services.portal-dev.gke.sojern.net
URL: https://cl-53157.services.portal-dev.gke.sojern.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-122.muc50.r.cloudfront.net
Software
nginx / Express
Resource Hash
5ba090464ac01bdc0d68835f915267b253a3ab386856d4a44efd25953d1b7cd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cl-53157.services.portal-dev.gke.sojern.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:45:07 GMT
content-encoding
br
via
1.1 2dd902cd86ee8f22d66046533880d3e8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-amz-cf-pop
MUC50-P3
x-powered-by
Express
etag
W/"1ca99-an0rqQ320leWWdYA637x47lC2NQ"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=120
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
PwesYo_a3KmroSwZRQHTpSxd6tTRW30GRdHpxRmNcH6XI_K8B-6w3A==
container.a862b0c97fa29d163ebae23c719b6fd35377fcb8.css
fast.appcues.com/generic/main/5.0.2/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fast.appcues.com/generic/main/5.0.2/container.a862b0c97fa29d163ebae23c719b6fd35377fcb8.css
Requested by
Host: fast.appcues.com
URL: https://fast.appcues.com/generic/main/5.0.2/appcues.main.a862b0c97fa29d163ebae23c719b6fd35377fcb8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c2f5a697cf483b8a50b286ec9481c2767bcc448ad563047894e7e623de8049eb

Request headers

Referer
https://cl-53157.services.portal-dev.gke.sojern.net/
Origin
https://cl-53157.services.portal-dev.gke.sojern.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:45:07 GMT
content-encoding
gzip
via
1.1 varnish
x-amz-request-id
JVYF2XC53V5ZRKM3
age
558572
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
1992
x-amz-id-2
s0aPK3KocxnYCCJGZKE0ki8yDCynhCpQ4dt1n78PFIS0PP0XKSpLqSz459D/PPNv8XGt+8paxearvCddueTzWQ==
x-served-by
cache-fra-eddf8230139-FRA
last-modified
Mon, 04 Mar 2024 20:29:23 GMT
server
AmazonS3
x-timer
S1710143108.683078,VS0,VE0
etag
"5be05ce494e7cac41d062a0b12a1657c"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css; charset=utf-8;
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Authorization
x-cache-hits
14419
h
heapanalytics.com/ 		37 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=3605082106&u=8566807470199494&v=1325491773411782&s=88201160999298&b=web&tv=4.0&z=0&h=%2F&d=cl-53157.services.portal-dev.gke.sojern.net&t=Sojern&ts=1710143107812&st=1710143107814
Requested by
Host: cl-53157.services.portal-dev.gke.sojern.net
URL: https://cl-53157.services.portal-dev.gke.sojern.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.190.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-190-224.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cl-53157.services.portal-dev.gke.sojern.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Mar 2024 07:45:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
v3
js.stripe.com/ 		605 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: cl-53157.services.portal-dev.gke.sojern.net
URL: https://cl-53157.services.portal-dev.gke.sojern.net/js/vendor.98a57256631f9c599999.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
78cbe967c1f4e24b0a586fff03fbcd4a98069b27ad23bfe0ef8aef9a9fa22739
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cl-53157.services.portal-dev.gke.sojern.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 11 Mar 2024 07:45:09 GMT
via
1.1 varnish
age
60
x-cache
HIT
content-length
171169
x-request-id
ccc2626f-d66e-4a66-b83d-708209ce5452
x-served-by
cache-fra-etou8220048-FRA
last-modified
Sat, 09 Mar 2024 03:17:41 GMT
server
Fastly
etag
"0d82e47134264113b6f556b7b393025a"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
edbbba476d29acc26580.woff2
cl-53157.services.portal-dev.gke.sojern.net/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cl-53157.services.portal-dev.gke.sojern.net/edbbba476d29acc26580.woff2
Requested by
Host: cl-53157.services.portal-dev.gke.sojern.net
URL: https://cl-53157.services.portal-dev.gke.sojern.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.156.180 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
180.156.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4c307b8a6c94c602aa6bcb54ff46ef860f2dcd005eb17861fc25cec79bb8e4a7
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://cl-53157.services.portal-dev.gke.sojern.net/
Origin
https://cl-53157.services.portal-dev.gke.sojern.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:45:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
last-modified
Mon, 11 Mar 2024 07:32:09 GMT
server
nginx
x-permitted-cross-domain-policies
master-only
via
1.1 google
etag
"65eeb379-411c"
x-frame-options
DENY
content-type
font/woff2
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16668
common.json
cl-53157.services.portal-dev.gke.sojern.net/locales/en-US/ 		6 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cl-53157.services.portal-dev.gke.sojern.net/locales/en-US/common.json
Requested by
Host: cl-53157.services.portal-dev.gke.sojern.net
URL: https://cl-53157.services.portal-dev.gke.sojern.net/js/vendor.98a57256631f9c599999.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.156.180 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
180.156.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7b19fc9064da982815a315667e6ed967019b0a46ad0397e531ff2afa704697a1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cl-53157.services.portal-dev.gke.sojern.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:45:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
last-modified
Mon, 11 Mar 2024 07:32:09 GMT
server
nginx
x-permitted-cross-domain-policies
master-only
via
1.1 google
etag
"65eeb379-1746"
x-frame-options
DENY
content-type
application/json
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5958
header.json
cl-53157.services.portal-dev.gke.sojern.net/locales/en-US/ 		175 B
197 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cl-53157.services.portal-dev.gke.sojern.net/locales/en-US/header.json
Requested by
Host: cl-53157.services.portal-dev.gke.sojern.net
URL: https://cl-53157.services.portal-dev.gke.sojern.net/js/vendor.98a57256631f9c599999.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.156.180 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
180.156.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cffee18f08d710105a95a15eb6324ccf7ec52f175a2f2fba4eb8455dd6d06fae
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cl-53157.services.portal-dev.gke.sojern.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:45:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
last-modified
Mon, 11 Mar 2024 07:32:09 GMT
server
nginx
x-permitted-cross-domain-policies
master-only
via
1.1 google
etag
"65eeb379-af"
x-frame-options
DENY
content-type
application/json
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175
dashboard.json
cl-53157.services.portal-dev.gke.sojern.net/locales/en-US/ 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cl-53157.services.portal-dev.gke.sojern.net/locales/en-US/dashboard.json
Requested by
Host: cl-53157.services.portal-dev.gke.sojern.net
URL: https://cl-53157.services.portal-dev.gke.sojern.net/js/vendor.98a57256631f9c599999.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.156.180 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
180.156.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
07224d1483b8933c2b13037f8824c1273b1b1ee40fd6d2dc0ff7b25adf48e16c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cl-53157.services.portal-dev.gke.sojern.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:45:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
last-modified
Mon, 11 Mar 2024 07:32:09 GMT
server
nginx
x-permitted-cross-domain-policies
master-only
via
1.1 google
etag
"65eeb379-b22"
x-frame-options
DENY
content-type
application/json
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2850
enterprise.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6Lc-kTcbAAAAALlKO6aVyiMoFRwlUdx85PAAYfYm
Requested by
Host: cl-53157.services.portal-dev.gke.sojern.net
URL: https://cl-53157.services.portal-dev.gke.sojern.net/js/main.7d1a4f9e1452ff8ba360.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e97e903e9b318cf47deacca765aee665b20a2a5369cf55ae1e56b47158acc0ca
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cl-53157.services.portal-dev.gke.sojern.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 11 Mar 2024 07:45:09 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ 		494 KB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Lc-kTcbAAAAALlKO6aVyiMoFRwlUdx85PAAYfYm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cl-53157.services.portal-dev.gke.sojern.net/
Origin
https://cl-53157.services.portal-dev.gke.sojern.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1695
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200579
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 05:02:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Mar 2025 07:16:54 GMT
anchor
www.google.com/recaptcha/enterprise/ Frame 5C38 		45 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc-kTcbAAAAALlKO6aVyiMoFRwlUdx85PAAYfYm&co=aHR0cHM6Ly9jbC01MzE1Ny5zZXJ2aWNlcy5wb3J0YWwtZGV2LmdrZS5zb2plcm4ubmV0OjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=2qwermpqawlx
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5ec0e41631cf83741e16b37fd608be4853dcbf9f17394b82ed90f43a69dacae8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rV19MVnQLQZvLN5s-fYjDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cl-53157.services.portal-dev.gke.sojern.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-rV19MVnQLQZvLN5s-fYjDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 11 Mar 2024 07:45:09 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
userProfile.json
cl-53157.services.portal-dev.gke.sojern.net/locales/en-US/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cl-53157.services.portal-dev.gke.sojern.net/locales/en-US/userProfile.json
Requested by
Host: cl-53157.services.portal-dev.gke.sojern.net
URL: https://cl-53157.services.portal-dev.gke.sojern.net/js/vendor.98a57256631f9c599999.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.156.180 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
180.156.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
77cc9b4e0fccd1f49cbe8fca5e240728fdc5cd67d4767d19217b62566866de79
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cl-53157.services.portal-dev.gke.sojern.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:45:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
last-modified
Mon, 11 Mar 2024 07:32:09 GMT
server
nginx
x-permitted-cross-domain-policies
master-only
via
1.1 google
etag
"65eeb379-65e"
x-frame-options
DENY
content-type
application/json
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1630
error.json
cl-53157.services.portal-dev.gke.sojern.net/locales/en-US/ 		334 B
356 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cl-53157.services.portal-dev.gke.sojern.net/locales/en-US/error.json
Requested by
Host: cl-53157.services.portal-dev.gke.sojern.net
URL: https://cl-53157.services.portal-dev.gke.sojern.net/js/vendor.98a57256631f9c599999.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.156.180 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
180.156.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6b84b50d02b53735f29f223594b5e74f2f7a38a54a6f85382fb5efc458e5763c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cl-53157.services.portal-dev.gke.sojern.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:45:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
last-modified
Mon, 11 Mar 2024 07:32:09 GMT
server
nginx
x-permitted-cross-domain-policies
master-only
via
1.1 google
etag
"65eeb379-14e"
x-frame-options
DENY
content-type
application/json
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
334
styles__ltr.css
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 5C38 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc-kTcbAAAAALlKO6aVyiMoFRwlUdx85PAAYfYm&co=aHR0cHM6Ly9jbC01MzE1Ny5zZXJ2aWNlcy5wb3J0YWwtZGV2LmdrZS5zb2plcm4ubmV0OjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=2qwermpqawlx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 22:44:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32429
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 05:02:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 10 Mar 2025 22:44:40 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/ Frame 5C38 		494 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc-kTcbAAAAALlKO6aVyiMoFRwlUdx85PAAYfYm&co=aHR0cHM6Ly9jbC01MzE1Ny5zZXJ2aWNlcy5wb3J0YWwtZGV2LmdrZS5zb2plcm4ubmV0OjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=2qwermpqawlx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1695
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200579
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 05:02:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Mar 2025 07:16:54 GMT
oN6JOQxO2CZdhDuvURgc1WDqFpXrbMZ6mY5cTBya2tA.js
www.google.com/js/bg/ Frame 5C38 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/oN6JOQxO2CZdhDuvURgc1WDqFpXrbMZ6mY5cTBya2tA.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0de89390c4ed8265d843baf51181cd560ea1695eb6cc67a998e5c4c1c9adad0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc-kTcbAAAAALlKO6aVyiMoFRwlUdx85PAAYfYm&co=aHR0cHM6Ly9jbC01MzE1Ny5zZXJ2aWNlcy5wb3J0YWwtZGV2LmdrZS5zb2plcm4ubmV0OjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=2qwermpqawlx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 08:57:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
514065
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6931
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 17:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Mar 2025 08:57:24 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 5C38 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/QquE1_MNjnFHgZF4HPsEcf_2/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 03:45:28 GMT
x-content-type-options
nosniff
age
532781
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 12 Mar 2024 03:45:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5C38 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc-kTcbAAAAALlKO6aVyiMoFRwlUdx85PAAYfYm&co=aHR0cHM6Ly9jbC01MzE1Ny5zZXJ2aWNlcy5wb3J0YWwtZGV2LmdrZS5zb2plcm4ubmV0OjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=2qwermpqawlx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 21:26:23 GMT
x-content-type-options
nosniff
age
555526
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Mar 2025 21:26:23 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5C38 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc-kTcbAAAAALlKO6aVyiMoFRwlUdx85PAAYfYm&co=aHR0cHM6Ly9jbC01MzE1Ny5zZXJ2aWNlcy5wb3J0YWwtZGV2LmdrZS5zb2plcm4ubmV0OjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=2qwermpqawlx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 09:11:37 GMT
x-content-type-options
nosniff
age
513212
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Mar 2025 09:11:37 GMT
webworker.js
www.google.com/recaptcha/enterprise/ Frame 5C38 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc-kTcbAAAAALlKO6aVyiMoFRwlUdx85PAAYfYm&co=aHR0cHM6Ly9jbC01MzE1Ny5zZXJ2aWNlcy5wb3J0YWwtZGV2LmdrZS5zb2plcm4ubmV0OjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=2qwermpqawlx
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a8bfdecce5d2156da95876601ab50733e863513e3689ce32498a8370e79a5687
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc-kTcbAAAAALlKO6aVyiMoFRwlUdx85PAAYfYm&co=aHR0cHM6Ly9jbC01MzE1Ny5zZXJ2aWNlcy5wb3J0YWwtZGV2LmdrZS5zb2plcm4ubmV0OjQ0Mw..&hl=de&v=QquE1_MNjnFHgZF4HPsEcf_2&size=invisible&cb=2qwermpqawlx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:45:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 11 Mar 2024 07:45:09 GMT
graphql
backend.dev.apis.sojern.net/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://backend.dev.apis.sojern.net/v1/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.36.171 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.36.149.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://cl-53157.services.portal-dev.gke.sojern.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://cl-53157.services.portal-dev.gke.sojern.net
access-control-expose-headers
X-Hasura-Query-Cache-Key,X-Hasura-Query-Family-Cache-Key,Warning
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 11 Mar 2024 07:45:09 GMT
via
1.1 google
graphql
backend.dev.apis.sojern.net/v1/ 		108 B
186 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://backend.dev.apis.sojern.net/v1/graphql
Requested by
Host: cl-53157.services.portal-dev.gke.sojern.net
URL: https://cl-53157.services.portal-dev.gke.sojern.net/js/vendor.98a57256631f9c599999.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.36.171 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.36.149.34.bc.googleusercontent.com
Software
/
Resource Hash
c4064b4c272367fd24cc73caeee1004abaccdf2c9200665942d54e553bd2dcf3

Request headers

accept
*/*
Referer
https://cl-53157.services.portal-dev.gke.sojern.net/
accept-language
de-DE,de;q=0.9
authorization
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type
application/json

Response headers

date
Mon, 11 Mar 2024 07:45:09 GMT
via
1.1 google
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cl-53157.services.portal-dev.gke.sojern.net
access-control-expose-headers
X-Hasura-Query-Cache-Key,X-Hasura-Query-Family-Cache-Key,Warning
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
108
src_Pages_Login_index_ts.627748ad39038428cd00.bundle.js
cl-53157.services.portal-dev.gke.sojern.net/js/ 		137 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cl-53157.services.portal-dev.gke.sojern.net/js/src_Pages_Login_index_ts.627748ad39038428cd00.bundle.js
Requested by
Host: cl-53157.services.portal-dev.gke.sojern.net
URL: https://cl-53157.services.portal-dev.gke.sojern.net/js/main.7d1a4f9e1452ff8ba360.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.156.180 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
180.156.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
847b9aa934fc238ef221a873db673d419f27fe1ff32d4c8ff3ba4fb26157aa4c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cl-53157.services.portal-dev.gke.sojern.net/login?next=/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:45:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
last-modified
Mon, 11 Mar 2024 07:33:34 GMT
server
nginx
x-permitted-cross-domain-policies
master-only
content-encoding
gzip
etag
W/"65eeb3ce-22274"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
h
heapanalytics.com/ 		37 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=3605082106&u=8566807470199494&v=3716467033904952&s=88201160999298&b=web&tv=4.0&z=2&h=%2Flogin&q=%3Fnext%3D%2F&d=cl-53157.services.portal-dev.gke.sojern.net&t=Sojern&ts=1710143109858&pr=%2F&sp=ts&sp=1710143107812&sp=d&sp=cl-53157.services.portal-dev.gke.sojern.net&sp=h&sp=%2F&st=1710143109858
Requested by
Host: cl-53157.services.portal-dev.gke.sojern.net
URL: https://cl-53157.services.portal-dev.gke.sojern.net/login?next=/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.190.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-190-224.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cl-53157.services.portal-dev.gke.sojern.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Mar 2024 07:45:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame C126 		200 B
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cl-53157.services.portal-dev.gke.sojern.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3566830
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 11 Mar 2024 07:45:09 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
374368
x-content-type-options
nosniff
x-request-id
a8804533-3c5a-4d11-adcd-dab981b4d893
x-served-by
cache-fra-etou8220048-FRA
c100ded634307e7d4a44.svg
cl-53157.services.portal-dev.gke.sojern.net/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cl-53157.services.portal-dev.gke.sojern.net/c100ded634307e7d4a44.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.156.180 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
180.156.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cl-53157.services.portal-dev.gke.sojern.net/login?next=/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:45:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
last-modified
Mon, 11 Mar 2024 07:32:08 GMT
server
nginx
x-permitted-cross-domain-policies
master-only
via
1.1 google
etag
"65eeb378-1638d"
x-frame-options
DENY
content-type
image/svg+xml
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91021
5e6c7e1b591d3c8fc01f.woff2
cl-53157.services.portal-dev.gke.sojern.net/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cl-53157.services.portal-dev.gke.sojern.net/5e6c7e1b591d3c8fc01f.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.156.180 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
180.156.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e0c8ebe383ce65c702e6a6032212b97205d58393e6e53db89cc3eb3670e8e684
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://cl-53157.services.portal-dev.gke.sojern.net/
Origin
https://cl-53157.services.portal-dev.gke.sojern.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 07:45:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
last-modified
Mon, 11 Mar 2024 07:32:09 GMT
server
nginx
x-permitted-cross-domain-policies
master-only
via
1.1 google
etag
"65eeb379-4334"
x-frame-options
DENY
content-type
font/woff2
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17204
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame C126 		526 B
451 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 11 Mar 2024 07:45:09 GMT
via
1.1 varnish
age
3554739
x-cache
HIT
content-length
315
x-request-id
01da3b11-b456-45e0-b657-2f46850d5a4d
x-served-by
cache-fra-etou8220048-FRA
last-modified
Fri, 11 Nov 2022 20:25:36 GMT
server
Fastly
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
356168
inner.html
m.stripe.network/ Frame 2BE8 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
122
cache-control
max-age=300, public
content-encoding
br
content-length
540
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 11 Mar 2024 07:45:10 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
82
x-content-type-options
nosniff
x-request-id
8f0aab0e-b96d-40cf-a6dc-ca7152893e2b
x-served-by
cache-fra-etou8220048-FRA
x-timer
S1710143110.023668,VS0,VE0
out-4.5.43.js
m.stripe.network/ Frame 2BE8 		87 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Mon, 11 Mar 2024 07:45:10 GMT
x-content-type-options
nosniff
content-encoding
br
via
1.1 varnish
age
288
x-cache
HIT
content-length
15509
x-request-id
aa5c23c7-055c-408b-9743-d3cdbf094703
x-served-by
cache-fra-etou8220048-FRA
server
Fastly
x-timer
S1710143110.035213,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
182
6
m.stripe.com/ Frame 2BE8 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.21.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-21-45.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
9dcb904962ceaa2e197697810856c58b96460b236fd4e33407c62f897959f5e3
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Mon, 11 Mar 2024 07:45:10 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1710143110539041
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1710143110538673
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
6
m.stripe.com/ Frame 2BE8 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
m.stripe.com
URL
https://m.stripe.com/6

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| AppcuesBundleSettings object| Appcues object| heap object| regeneratorRuntime object| webpackChunkSojern object| __SVG_SPRITE__ string| __react_router_build__ number| 2f1acc6c3a606b082e5eef5e54414ffb object| DD_LOGS object| DD_RUM object| core object| ace number| __sc-data-styled__ function| _ function| saveAs object| L object| __APOLLO_CLIENT__ object| webpackChunkStripeJSouter function| noop function| Stripe object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_70163

6 Cookies

Domain/Path Name / Value
.sojern.net/ Name: _hp2_ses_props.3605082106
Value: %7B%22ts%22%3A1710143107812%2C%22d%22%3A%22cl-53157.services.portal-dev.gke.sojern.net%22%2C%22h%22%3A%22%2F%22%7D
.sojern.net/ Name: _hp2_id.3605082106
Value: %7B%22userId%22%3A%228566807470199494%22%2C%22pageviewId%22%3A%223716467033904952%22%2C%22sessionId%22%3A%2288201160999298%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
m.stripe.com/ Name: m
Value: 63cc0c03-67fd-4c76-935e-6090d14557d55b444a
.cl-53157.services.portal-dev.gke.sojern.net/ Name: __stripe_mid
Value: 2924eb21-6c30-4f71-9451-a2348c3f054a8adac1
.cl-53157.services.portal-dev.gke.sojern.net/ Name: __stripe_sid
Value: 3d5ce169-ecd1-44bc-93f0-b55385d946c8af3af1
cl-53157.services.portal-dev.gke.sojern.net/ Name: _dd_s
Value: rum=1&id=19164a5b-ca86-4e77-b35c-8edca4c5b7bd&created=1710143109526&expire=1710144009532&logs=1

1 Console Messages

Source Level URL
Text
other warning URL: https://cl-53157.services.portal-dev.gke.sojern.net/login?next=/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' https://*.firebaseapp.com/ https://*.appcues.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.googleapis.com/ https://*.firebaseio.com/ https://ad.doubleclick.net/ https://www.facebook.com/ https://*.sojern.com/ https://*.sojern.net/ https://*.datadoghq.com/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/; style-src 'self' 'unsafe-inline' https://use.fontawesome.com/ https://*.appcues.com/; font-src 'self' https://use.fontawesome.com/ data:; img-src 'self' https://*.tile.openstreetmap.org/ https://heapanalytics.com/ https://*.googleapis.com/ https://*.2mdn.net/ https://*.sojern.com/ https://*.sojern.net/ blob: data:; connect-src 'self' https://*.tile.openstreetmap.org/ wss://*.firebaseio.com/ https://*.sentry.io/ wss://*.appcues.net/ wss://*.sojern.net/ https://*.sojern.net/ https://*.sojern.com/ https://*.googleapis.com/ https://*.datadoghq.com/ https://*.doubleclick.net/ https://*.googlesyndication.com https://*.browser-intake-datadoghq.com/ data:; script-src 'self' https://*.truste.com/ https://*.appcues.com/ https://*.heapanalytics.com/ https://*.gstatic.com/ https://*.stripe.com/ https://*.google.com/ https://*.firebaseio.com/ https://*.datadoghq.com/ https://*.googletagservices.com/ https://*.doubleclick.net/ https://*.googlesyndication.com/ https://*.2mdn.net/ https://*.browser-intake-datadoghq.com/ 'unsafe-inline'; style-src-elem 'self' 'unsafe-inline' https://*.googleapis.com/ https://*.appcues.com/;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

backend.dev.apis.sojern.net
cdn.heapanalytics.com
cl-53157.services.portal-dev.gke.sojern.net
fast.appcues.com
fonts.gstatic.com
heapanalytics.com
js.stripe.com
m.stripe.com
m.stripe.network
www.google.com
www.gstatic.com
m.stripe.com
151.101.64.176
18.173.154.122
2a00:1450:4001:811::2004
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2003
2a04:4e42::622
3.225.190.224
34.149.36.171
34.160.156.180
50.112.21.45
07224d1483b8933c2b13037f8824c1273b1b1ee40fd6d2dc0ff7b25adf48e16c
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4c307b8a6c94c602aa6bcb54ff46ef860f2dcd005eb17861fc25cec79bb8e4a7
5564f45c0991c7cceb19c0fb637ee44b119fb14c6cbf3691540a9cad11e1edf3
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ba090464ac01bdc0d68835f915267b253a3ab386856d4a44efd25953d1b7cd3
5ec0e41631cf83741e16b37fd608be4853dcbf9f17394b82ed90f43a69dacae8
6b84b50d02b53735f29f223594b5e74f2f7a38a54a6f85382fb5efc458e5763c
77cc9b4e0fccd1f49cbe8fca5e240728fdc5cd67d4767d19217b62566866de79
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78cbe967c1f4e24b0a586fff03fbcd4a98069b27ad23bfe0ef8aef9a9fa22739
7b19fc9064da982815a315667e6ed967019b0a46ad0397e531ff2afa704697a1
847b9aa934fc238ef221a873db673d419f27fe1ff32d4c8ff3ba4fb26157aa4c
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9dcb904962ceaa2e197697810856c58b96460b236fd4e33407c62f897959f5e3
a0de89390c4ed8265d843baf51181cd560ea1695eb6cc67a998e5c4c1c9adad0
a8bfdecce5d2156da95876601ab50733e863513e3689ce32498a8370e79a5687
b7537413c31565f6646bdb69c1c8031e06b4f60ac533d5345ac6e4bb2f18e7b1
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c2f5a697cf483b8a50b286ec9481c2767bcc448ad563047894e7e623de8049eb
c4064b4c272367fd24cc73caeee1004abaccdf2c9200665942d54e553bd2dcf3
c46ebeb837a100bce16db25c1f358eb8e048cd2f54d73ff305f79ff77e4574e3
c79f65a9e113907755f91fb90762009f5c6e1d3b34d6b369207713ae505071f0
cffee18f08d710105a95a15eb6324ccf7ec52f175a2f2fba4eb8455dd6d06fae
dff45a19ae3b77f9b1a5da04d3d4d401436a76ed34292df2a966ed606c24f95e
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e0c8ebe383ce65c702e6a6032212b97205d58393e6e53db89cc3eb3670e8e684
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50c3b807e650205a1e334ec73f58c5cd0680bb3d1f7405d32029580146ca3cd
e97e903e9b318cf47deacca765aee665b20a2a5369cf55ae1e56b47158acc0ca