onboarding.novo.co Open in urlscan Pro
2606:4700::6812:12c9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://onboarding.novo.co/
Effective URL:
https://onboarding.novo.co/
Submission: On June 13 via api (June 13th 2024, 4:48:20 pm UTC) from US — Scanned from DE

Summary HTTP 127 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 40 IPs in 5 countries across 33 domains to perform 127 HTTP transactions. The main IP is 2606:4700::6812:12c9, located in United States and belongs to CLOUDFLARENET, US. The main domain is onboarding.novo.co.
TLS certificate: Issued by GTS CA 1P5 on May 31st 2024. Valid for: 3 months.

This is the only time onboarding.novo.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	2606:4700::68... 2606:4700::6812:12c9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.195.39.4 54.195.39.4	16509 (AMAZON-02) (AMAZON-02)
1	2620:100:6022... 2620:100:6022:18::a27d:4212	19679 (DROPBOX) (DROPBOX)
1	52.222.236.71 52.222.236.71	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:7da	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:26f0:310... 2a02:26f0:3100::1735:283b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4 7	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6812:ad4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1f85	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
3	13.32.27.86 13.32.27.86	16509 (AMAZON-02) (AMAZON-02)
7	2600:9000:275... 2600:9000:275d:de00:16:a497:9700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.32.27.12 13.32.27.12	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:6... 2600:1901:0:6ccc::	15169 (GOOGLE) (GOOGLE)
2	3.226.55.125 3.226.55.125	14618 (AMAZON-AES) (AMAZON-AES)
2	13.225.78.113 13.225.78.113	16509 (AMAZON-02) (AMAZON-02)
4	34.66.73.214 34.66.73.214	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	184.72.105.205 184.72.105.205	14618 (AMAZON-AES) (AMAZON-AES)
8	18.244.18.51 18.244.18.51	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
4	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	95.100.146.18 95.100.146.18	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.222.236.94 52.222.236.94	16509 (AMAZON-02) (AMAZON-02)
2	18.205.209.78 18.205.209.78	14618 (AMAZON-AES) (AMAZON-AES)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
1 2	95.101.111.153 95.101.111.153	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.202.100.181 52.202.100.181	14618 (AMAZON-AES) (AMAZON-AES)
1 1	18.66.102.115 18.66.102.115	16509 (AMAZON-02) (AMAZON-02)
1	13.33.187.51 13.33.187.51	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:264... 2600:9000:2646:0:a:b27c:d040:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:264... 2600:9000:2646:c200:0:cc59:3900:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
127	40

28 2606:4700::6812:12c9 (United States)

ASN13335 (CLOUDFLARENET, US)

onboarding.novo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.195.39.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

mpsnare.iesnare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:6022:18::a27d:4212 (United States)

ASN19679 (DROPBOX, US)

www.dropbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-71.fra56.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7da (United States)

ASN13335 (CLOUDFLARENET, US)

js.partnerstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100::1735:283b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:ad4 (United States)

ASN13335 (CLOUDFLARENET, US)

grsm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1f85 (United States)

ASN13335 (CLOUDFLARENET, US)

partnerlinks.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.27.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-86.fra56.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:275d:de00:16:a497:9700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.rudderlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-12.fra56.r.cloudfront.net

cdn.sprig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:6ccc:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

api.sardine.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.226.55.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-55-125.compute-1.amazonaws.com

onboardingapi.novo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-113.fra2.r.cloudfront.net

api.rudderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.66.73.214 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 214.73.66.34.bc.googleusercontent.com

client-api.auryc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.72.105.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-72-105-205.compute-1.amazonaws.com

api.sprig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.244.18.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-51.fra56.r.cloudfront.net

cdn.rudderlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 95.100.146.18 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-146-18.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o139498.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-94.fra56.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.205.209.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-209-78.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.111.153 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-153.deploy.static.akamaitechnologies.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.202.100.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-100-181.compute-1.amazonaws.com

arttrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.115 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-115.fra56.r.cloudfront.net

ads.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-51.fra60.r.cloudfront.net

evt.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2646:0:a:b27c:d040:93a1 (United States)

ASN16509 (AMAZON-02, US)

ext.chtbl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2646:c200:0:cc59:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)

web.chtbl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	novo.co onboarding.novo.co onboardingapi.novo.co	2 MB
15	rudderlabs.com cdn.rudderlabs.com — Cisco Umbrella Rank: 11474	97 KB
11	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 787	150 KB
8	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 352 www.linkedin.com — Cisco Umbrella Rank: 558 px4.ads.linkedin.com — Cisco Umbrella Rank: 6457	4 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	6 KB
5	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 2689 heapanalytics.com — Cisco Umbrella Rank: 2178	230 KB
4	bing.com bat.bing.com — Cisco Umbrella Rank: 357	14 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	393 KB
4	auryc.com client-api.auryc.com — Cisco Umbrella Rank: 11963	1 KB
4	sprig.com cdn.sprig.com — Cisco Umbrella Rank: 7455 api.sprig.com — Cisco Umbrella Rank: 4713	71 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3078 www.google.com — Cisco Umbrella Rank: 5	366 B
3	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2364 rs.fullstory.com — Cisco Umbrella Rank: 2143	76 KB
2	chtbl.com ext.chtbl.com — Cisco Umbrella Rank: 37580 web.chtbl.com — Cisco Umbrella Rank: 36319	4 KB
2	undertone.com 1 redirects ads.undertone.com — Cisco Umbrella Rank: 12144 evt.undertone.com — Cisco Umbrella Rank: 11661	962 B
2	trkn.us 1 redirects trkn.us — Cisco Umbrella Rank: 2337	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 8196	126 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 68	21 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 132	400 B
2	sentry.io o139498.ingest.sentry.io	436 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	74 KB
2	rudderstack.com api.rudderstack.com — Cisco Umbrella Rank: 10642	3 KB
2	sardine.ai api.sardine.ai — Cisco Umbrella Rank: 23638	26 KB
2	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 5788	7 KB
2	iesnare.com mpsnare.iesnare.com — Cisco Umbrella Rank: 6192	14 KB
1	arttrk.com arttrk.com — Cisco Umbrella Rank: 4951	131 B
1	partnerlinks.io partnerlinks.io — Cisco Umbrella Rank: 18855	205 B
1	grsm.io grsm.io — Cisco Umbrella Rank: 18316	205 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 958	17 KB
1	partnerstack.com js.partnerstack.com — Cisco Umbrella Rank: 24857	3 KB
1	dropbox.com www.dropbox.com — Cisco Umbrella Rank: 2911	10 KB
0	acsbap.com Failed acsbap.com Failed
0	omappapi.com Failed a.omappapi.com Failed
0	cloudflareinsights.com Failed static.cloudflareinsights.com Failed
127	33

	Domain	Requested by
28	onboarding.novo.co	onboarding.novo.co
15	cdn.rudderlabs.com	onboarding.novo.co cdn.rudderlabs.com
11	analytics.tiktok.com	cdn.rudderlabs.com analytics.tiktok.com onboarding.novo.co
6	www.facebook.com
6	px.ads.linkedin.com	3 redirects snap.licdn.com onboarding.novo.co
4	bat.bing.com	cdn.rudderlabs.com bat.bing.com
4	www.googletagmanager.com	cdn.rudderlabs.com www.googletagmanager.com
4	client-api.auryc.com	onboarding.novo.co
3	cdn.heapanalytics.com	onboarding.novo.co cdn.heapanalytics.com
2	trkn.us	1 redirects
2	www.google.de
2	www.google-analytics.com	www.googletagmanager.com onboarding.novo.co
2	stats.g.doubleclick.net	www.googletagmanager.com onboarding.novo.co
2	region1.analytics.google.com	www.googletagmanager.com
2	heapanalytics.com
2	o139498.ingest.sentry.io
2	connect.facebook.net	cdn.rudderlabs.com connect.facebook.net
2	api.sprig.com	onboarding.novo.co
2	api.rudderstack.com	onboarding.novo.co
2	onboardingapi.novo.co	onboarding.novo.co
2	api.sardine.ai	onboarding.novo.co api.sardine.ai
2	cdn.sprig.com	onboarding.novo.co cdn.sprig.com
2	edge.fullstory.com	onboarding.novo.co edge.fullstory.com
2	widget.trustpilot.com	onboarding.novo.co widget.trustpilot.com
2	mpsnare.iesnare.com	onboarding.novo.co mpsnare.iesnare.com
1	www.google.com
1	web.chtbl.com	onboarding.novo.co
1	ext.chtbl.com	onboarding.novo.co
1	evt.undertone.com
1	ads.undertone.com	1 redirects
1	arttrk.com
1	rs.fullstory.com	edge.fullstory.com
1	partnerlinks.io	js.partnerstack.com
1	grsm.io	js.partnerstack.com
1	px4.ads.linkedin.com	onboarding.novo.co
1	www.linkedin.com	1 redirects
1	snap.licdn.com	onboarding.novo.co
1	js.partnerstack.com	onboarding.novo.co
1	www.dropbox.com	onboarding.novo.co
0	acsbap.com Failed	onboarding.novo.co
0	a.omappapi.com Failed	onboarding.novo.co
0	static.cloudflareinsights.com Failed	onboarding.novo.co
127	42

This site contains links to these domains. Also see Links.

Domain
enable-javascript.com
novo.co

Subject Issuer	Validity	Valid
novo.co GTS CA 1P5	`2024-05-31` - `2024-08-29`	3 months	crt.sh
mpsnare.iesnare.com DigiCert SHA2 High Assurance Server CA	`2024-05-06` - `2025-05-20`	a year	crt.sh
*.dropbox.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-11-30`	a year	crt.sh
*.trustpilot.com Amazon RSA 2048 M03	`2024-01-03` - `2025-01-31`	a year	crt.sh
partnerstack.com E1	`2024-05-25` - `2024-08-23`	3 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2024-05-03` - `2024-08-01`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
grsm.io GTS CA 1P5	`2024-05-22` - `2024-08-20`	3 months	crt.sh
partnerlinks.io Cloudflare Inc ECC CA-3	`2023-10-07` - `2024-10-06`	a year	crt.sh
rs.fullstory.com GTS CA 1D4	`2024-05-02` - `2024-07-31`	3 months	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M02	`2024-05-29` - `2025-06-26`	a year	crt.sh
*.rudderlabs.com Amazon RSA 2048 M03	`2024-05-14` - `2025-06-12`	a year	crt.sh
api.sprig.com Amazon RSA 2048 M03	`2023-08-16` - `2024-09-13`	a year	crt.sh
sardine.ai WR3	`2024-06-12` - `2024-09-10`	3 months	crt.sh
*.novo.co Amazon RSA 2048 M03	`2024-04-02` - `2025-05-01`	a year	crt.sh
*.rudderstack.com Amazon RSA 2048 M03	`2023-10-24` - `2024-11-19`	a year	crt.sh
*.auryc.com R3	`2024-05-24` - `2024-08-22`	3 months	crt.sh
istio-gateway.sprig.com Amazon RSA 2048 M03	`2024-04-22` - `2025-05-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-23` - `2024-06-21`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2023-11-09` - `2024-12-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.google.de WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
adxcel-ec2.com Amazon RSA 2048 M01	`2023-09-18` - `2024-10-17`	a year	crt.sh
ext.chtbl.com Amazon RSA 2048 M03	`2023-10-24` - `2024-11-19`	a year	crt.sh
web.chtbl.com Amazon RSA 2048 M02	`2023-11-30` - `2024-12-28`	a year	crt.sh
*.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://onboarding.novo.co/
Frame ID: B79046CFCB200895AFA6A21FDF7E64B9
Requests: 119 HTTP requests in this frame

Frame: https://api.sardine.ai/assets/collector.min.6ea1273.html?r=2024-05-28-6ea1273
Frame ID: 33940BDC2BBF82B196F5FED39257BD2F
Requests: 1 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/5419b637fa0340045cd0c936/index.html?templateId=5419b637fa0340045cd0c936&businessunitId=620874112319ce926973bcd8
Frame ID: 7CC45E942EAAEE53406A937AC0CB6636
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Novo | Powerfully Simple Business Banking

Page URL History Show full URLs

http://onboarding.novo.co/ HTTP 307
https://onboarding.novo.co/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

127
Requests

93 %
HTTPS

45 %
IPv6

33
Domains

42
Subdomains

40
IPs

5
Countries

3463 kB
Transfer

9556 kB
Size

35
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://enable-javascript.com/
Title: here

Search URL Search Domain Scan URL

URL: https://novo.co/terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://novo.co/privacy
Title: Privacy & Security Policy

Search URL Search Domain Scan URL

URL: https://novo.co/esign
Title: Novo E-sign and Electronic Communications Agreement

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://onboarding.novo.co/ HTTP 307
https://onboarding.novo.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=652497&time=1718297294189&url=https%3A%2F%2Fonboarding.novo.co%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=652497&time=1718297294189&url=https%3A%2F%2Fonboarding.novo.co%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D652497%26time%3D1718297294189%26url%3Dhttps%253A%252F%252Fonboarding.novo.co%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=652497&time=1718297294189&url=https%3A%2F%2Fonboarding.novo.co%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=652497&time=1718297294189&url=https%3A%2F%2Fonboarding.novo.co%2F&cookiesTest=true&liSync=true&e_ipv6=AQKZiuUrdH4fIwAAAZASf_cF3-TugruuO5zOP65PgeQZZWZJ-I1d54mbV9R84BjStYsznTY3

Request Chain 99

https://trkn.us/pixel/conv?ppt=18307&g=sitewide_visits&gid=41965&ord=1782687712&gtmcb=786152644 HTTP 302
https://trkn.us/pixel/conv?ppt=18307&g=sitewide_visits&gid=41965&ord=1782687712&gtmcb=786152644;ip=185.213.155.134;cuidchk=1

Request Chain 101

https://ads.undertone.com/f?pid=9716904&cb=CACHEBUSTER_MACRO HTTP 307
https://evt.undertone.com/f?pid=9716904&cb=CACHEBUSTER_MACRO

127 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
onboarding.novo.co/
Redirect Chain

http://onboarding.novo.co/
https://onboarding.novo.co/

8 KB
5 KB

493ms
429ms

Document
text/html

2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.novo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4d0e562864e1bef3f96a3e58324c638c2a5aafdd2041411c51422ce4175ccb8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 893391259ec05d41-FRA
content-encoding: gzip
content-security-policy: default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co *.fullstory.com api.segment.io *.segment.com api-js.mixpanel.com *.sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com *.google.com https://*.gstatic.com *.launchdarkly.com *.plaid.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com *.auryc.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.plaid.com *.fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com *.sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com *.launchdarkly.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com *.getrockerbox.com *.novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; style-src 'self' 'unsafe-inline' *.socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: *; font-src 'self' data: cdn.linearicons.com *.socure.com https://fonts.gstatic.com https://heapanalytics.com *.auryc.com; form-action 'self' www.facebook.com; frame-src 'self' *.plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com *.google.com *.sentry.io sentry.io https://heapanalytics.com *.sardine.ai *.trustpilot.com; frame-ancestors 'self' *.legalzoom.com; object-src 'self' mpsnare.iesnare.com
content-type: text/html; charset=utf-8
date: Thu, 13 Jun 2024 16:48:14 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Location: https://onboarding.novo.co/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 Muli-Regular.woff2
onboarding.novo.co/assets/fonts/ 32 KB
34 KB 465ms
463ms Font
font/woff2 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.novo.co/assets/fonts/Muli-Regular.woff2

Requested by

Host: onboarding.novo.co
URL: https://onboarding.novo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b494e448795d0b41df7bfb96134ea58dd77dd2283a439b7c4704b89fcc929d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Origin: https://onboarding.novo.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co *.fullstory.com api.segment.io *.segment.com api-js.mixpanel.com *.sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com *.google.com https://*.gstatic.com *.launchdarkly.com *.plaid.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com *.auryc.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.plaid.com *.fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com *.sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com *.launchdarkly.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com *.getrockerbox.com *.novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; style-src 'self' 'unsafe-inline' *.socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: *; font-src 'self' data: cdn.linearicons.com *.socure.com https://fonts.gstatic.com https://heapanalytics.com *.auryc.com; form-action 'self' www.facebook.com; frame-src 'self' *.plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com *.google.com *.sentry.io sentry.io https://heapanalytics.com *.sardine.ai *.trustpilot.com; frame-ancestors 'self' *.legalzoom.com; object-src 'self' mpsnare.iesnare.com
x-dns-prefetch-control: off
content-length: 32580
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 07:02:02 GMT
server: cloudflare
etag: W/"7f44-18ff1811ef6"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 893391285a5e5d41-FRA
expires: Thu, 13 Jun 2024 20:48:14 GMT

GET
H2 200 Muli-ExtraBold.woff2
onboarding.novo.co/assets/fonts/ 32 KB
34 KB 427ms
425ms Font
font/woff2 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.novo.co/assets/fonts/Muli-ExtraBold.woff2

Requested by

Host: onboarding.novo.co
URL: https://onboarding.novo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b11a84074a6ad0ba77822a70afe2f407beb06321cbac879dc46f516440259d3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Origin: https://onboarding.novo.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co *.fullstory.com api.segment.io *.segment.com api-js.mixpanel.com *.sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com *.google.com https://*.gstatic.com *.launchdarkly.com *.plaid.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com *.auryc.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.plaid.com *.fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com *.sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com *.launchdarkly.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com *.getrockerbox.com *.novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; style-src 'self' 'unsafe-inline' *.socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: *; font-src 'self' data: cdn.linearicons.com *.socure.com https://fonts.gstatic.com https://heapanalytics.com *.auryc.com; form-action 'self' www.facebook.com; frame-src 'self' *.plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com *.google.com *.sentry.io sentry.io https://heapanalytics.com *.sardine.ai *.trustpilot.com; frame-ancestors 'self' *.legalzoom.com; object-src 'self' mpsnare.iesnare.com
x-dns-prefetch-control: off
content-length: 32688
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 07:02:02 GMT
server: cloudflare
etag: W/"7fb0-18ff1811ef6"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 893391285a615d41-FRA
expires: Thu, 13 Jun 2024 20:48:14 GMT

GET
H2 200 Muli-Bold.woff2
onboarding.novo.co/assets/fonts/ 32 KB
32 KB 476ms
474ms Font
font/woff2 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.novo.co/assets/fonts/Muli-Bold.woff2

Requested by

Host: onboarding.novo.co
URL: https://onboarding.novo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e84c006dd828a89cd98cf1e359b3d9d1473c149a6b8f8c7c478531b36e39c54

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Origin: https://onboarding.novo.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co *.fullstory.com api.segment.io *.segment.com api-js.mixpanel.com *.sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com *.google.com https://*.gstatic.com *.launchdarkly.com *.plaid.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com *.auryc.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.plaid.com *.fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com *.sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com *.launchdarkly.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com *.getrockerbox.com *.novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; style-src 'self' 'unsafe-inline' *.socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: *; font-src 'self' data: cdn.linearicons.com *.socure.com https://fonts.gstatic.com https://heapanalytics.com *.auryc.com; form-action 'self' www.facebook.com; frame-src 'self' *.plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com *.google.com *.sentry.io sentry.io https://heapanalytics.com *.sardine.ai *.trustpilot.com; frame-ancestors 'self' *.legalzoom.com; object-src 'self' mpsnare.iesnare.com
x-dns-prefetch-control: off
content-length: 32756
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 07:02:02 GMT
server: cloudflare
etag: W/"7ff4-18ff1811ef6"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 893391285a655d41-FRA
expires: Thu, 13 Jun 2024 20:48:14 GMT

GET
H2 200 Muli-Black.woff2
onboarding.novo.co/assets/fonts/ 32 KB
33 KB 444ms
443ms Font
font/woff2 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.novo.co/assets/fonts/Muli-Black.woff2

Requested by

Host: onboarding.novo.co
URL: https://onboarding.novo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6565468cb46835c6ca264f154954bb00a93f571db539c6f20c5d5154a91b18f2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Origin: https://onboarding.novo.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co *.fullstory.com api.segment.io *.segment.com api-js.mixpanel.com *.sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com *.google.com https://*.gstatic.com *.launchdarkly.com *.plaid.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com *.auryc.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.plaid.com *.fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com *.sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com *.launchdarkly.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com *.getrockerbox.com *.novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; style-src 'self' 'unsafe-inline' *.socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: *; font-src 'self' data: cdn.linearicons.com *.socure.com https://fonts.gstatic.com https://heapanalytics.com *.auryc.com; form-action 'self' www.facebook.com; frame-src 'self' *.plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com *.google.com *.sentry.io sentry.io https://heapanalytics.com *.sardine.ai *.trustpilot.com; frame-ancestors 'self' *.legalzoom.com; object-src 'self' mpsnare.iesnare.com
x-dns-prefetch-control: off
content-length: 33244
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 07:02:02 GMT
server: cloudflare
etag: W/"81dc-18ff1811ef6"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 893391285a695d41-FRA
expires: Thu, 13 Jun 2024 20:48:14 GMT

GET
H2 200 Muli-SemiBold.woff2
onboarding.novo.co/assets/fonts/ 32 KB
32 KB 462ms
460ms Font
font/woff2 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.novo.co/assets/fonts/Muli-SemiBold.woff2

Requested by

Host: onboarding.novo.co
URL: https://onboarding.novo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61d6750540056c2d0a8af84697d5f16fc4ac4da63853475ee0a3e4f9a02fbcfa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Origin: https://onboarding.novo.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co *.fullstory.com api.segment.io *.segment.com api-js.mixpanel.com *.sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com *.google.com https://*.gstatic.com *.launchdarkly.com *.plaid.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com *.auryc.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.plaid.com *.fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com *.sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com *.launchdarkly.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com *.getrockerbox.com *.novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; style-src 'self' 'unsafe-inline' *.socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: *; font-src 'self' data: cdn.linearicons.com *.socure.com https://fonts.gstatic.com https://heapanalytics.com *.auryc.com; form-action 'self' www.facebook.com; frame-src 'self' *.plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com *.google.com *.sentry.io sentry.io https://heapanalytics.com *.sardine.ai *.trustpilot.com; frame-ancestors 'self' *.legalzoom.com; object-src 'self' mpsnare.iesnare.com
x-dns-prefetch-control: off
content-length: 32656
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 07:02:02 GMT
server: cloudflare
etag: W/"7f90-18ff1811ef6"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 893391285a6d5d41-FRA
expires: Thu, 13 Jun 2024 20:48:14 GMT

GET
H2 200 fa-solid-900.woff2
onboarding.novo.co/assets/fonts/ 73 KB
74 KB 479ms
477ms Font
font/woff2 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.novo.co/assets/fonts/fa-solid-900.woff2

Requested by

Host: onboarding.novo.co
URL: https://onboarding.novo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d206f999709698a938ea4e948c199086ab626a1274af358edb2be73c0ac03aee

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Origin: https://onboarding.novo.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co *.fullstory.com api.segment.io *.segment.com api-js.mixpanel.com *.sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com *.google.com https://*.gstatic.com *.launchdarkly.com *.plaid.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com *.auryc.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.plaid.com *.fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com *.sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com *.launchdarkly.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com *.getrockerbox.com *.novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; style-src 'self' 'unsafe-inline' *.socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: *; font-src 'self' data: cdn.linearicons.com *.socure.com https://fonts.gstatic.com https://heapanalytics.com *.auryc.com; form-action 'self' www.facebook.com; frame-src 'self' *.plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com *.google.com *.sentry.io sentry.io https://heapanalytics.com *.sardine.ai *.trustpilot.com; frame-ancestors 'self' *.legalzoom.com; object-src 'self' mpsnare.iesnare.com
x-dns-prefetch-control: off
content-length: 75212
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 07:02:02 GMT
server: cloudflare
etag: W/"125cc-18ff1811efa"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 893391285a715d41-FRA
expires: Thu, 13 Jun 2024 20:48:14 GMT

GET
H2 200 ABCGintoNormal-Bold.woff2
onboarding.novo.co/assets/fonts/ABCGinto/ 37 KB
39 KB 476ms
475ms Font
font/woff2 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.novo.co/assets/fonts/ABCGinto/ABCGintoNormal-Bold.woff2

Requested by

Host: onboarding.novo.co
URL: https://onboarding.novo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31a2541bb0190eef1cade5d12bc770a206724018dcb1a6513ecf05b3ee3d8ada

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Origin: https://onboarding.novo.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co *.fullstory.com api.segment.io *.segment.com api-js.mixpanel.com *.sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com *.google.com https://*.gstatic.com *.launchdarkly.com *.plaid.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com *.auryc.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.plaid.com *.fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com *.sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com *.launchdarkly.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com *.getrockerbox.com *.novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; style-src 'self' 'unsafe-inline' *.socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: *; font-src 'self' data: cdn.linearicons.com *.socure.com https://fonts.gstatic.com https://heapanalytics.com *.auryc.com; form-action 'self' www.facebook.com; frame-src 'self' *.plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com *.google.com *.sentry.io sentry.io https://heapanalytics.com *.sardine.ai *.trustpilot.com; frame-ancestors 'self' *.legalzoom.com; object-src 'self' mpsnare.iesnare.com
x-dns-prefetch-control: off
content-length: 37608
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 07:02:02 GMT
server: cloudflare
etag: W/"92e8-18ff1811f06"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 893391285a775d41-FRA
expires: Thu, 13 Jun 2024 20:48:14 GMT

GET
H2 200 ABCGintoNormal-Light.woff2
onboarding.novo.co/assets/fonts/ABCGinto/ 34 KB
34 KB 453ms
452ms Font
font/woff2 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.novo.co/assets/fonts/ABCGinto/ABCGintoNormal-Light.woff2

Requested by

Host: onboarding.novo.co
URL: https://onboarding.novo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02b2ea02c7620134bd0e2fee193bc59fc1c7a242c2da7a3097ad613292e7f56d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Origin: https://onboarding.novo.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co *.fullstory.com api.segment.io *.segment.com api-js.mixpanel.com *.sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com *.google.com https://*.gstatic.com *.launchdarkly.com *.plaid.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com *.auryc.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.plaid.com *.fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com *.sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com *.launchdarkly.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com *.getrockerbox.com *.novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; style-src 'self' 'unsafe-inline' *.socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: *; font-src 'self' data: cdn.linearicons.com *.socure.com https://fonts.gstatic.com https://heapanalytics.com *.auryc.com; form-action 'self' www.facebook.com; frame-src 'self' *.plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com *.google.com *.sentry.io sentry.io https://heapanalytics.com *.sardine.ai *.trustpilot.com; frame-ancestors 'self' *.legalzoom.com; object-src 'self' mpsnare.iesnare.com
x-dns-prefetch-control: off
content-length: 34776
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 07:02:02 GMT
server: cloudflare
etag: W/"87d8-18ff1811f06"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 893391285a795d41-FRA
expires: Thu, 13 Jun 2024 20:48:14 GMT

GET
H2 200 ABCGintoNormal-Medium.woff2
onboarding.novo.co/assets/fonts/ABCGinto/ 37 KB
37 KB 478ms
477ms Font
font/woff2 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.novo.co/assets/fonts/ABCGinto/ABCGintoNormal-Medium.woff2

Requested by

Host: onboarding.novo.co
URL: https://onboarding.novo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24b82226387a0da4a49f019ee3f5fca0e5601de51fe9af4b6ef5e15039c1137e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Origin: https://onboarding.novo.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co *.fullstory.com api.segment.io *.segment.com api-js.mixpanel.com *.sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com *.google.com https://*.gstatic.com *.launchdarkly.com *.plaid.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com *.auryc.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.plaid.com *.fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com *.sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com *.launchdarkly.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com *.getrockerbox.com *.novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; style-src 'self' 'unsafe-inline' *.socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: *; font-src 'self' data: cdn.linearicons.com *.socure.com https://fonts.gstatic.com https://heapanalytics.com *.auryc.com; form-action 'self' www.facebook.com; frame-src 'self' *.plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com *.google.com *.sentry.io sentry.io https://heapanalytics.com *.sardine.ai *.trustpilot.com; frame-ancestors 'self' *.legalzoom.com; object-src 'self' mpsnare.iesnare.com
x-dns-prefetch-control: off
content-length: 37648
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 07:02:02 GMT
server: cloudflare
etag: W/"9310-18ff1811f06"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 893391285a825d41-FRA
expires: Thu, 13 Jun 2024 20:48:14 GMT

GET
H2 200 ABCGintoNormal-Regular.woff2
onboarding.novo.co/assets/fonts/ABCGinto/ 32 KB
33 KB 487ms
486ms Font
font/woff2 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.novo.co/assets/fonts/ABCGinto/ABCGintoNormal-Regular.woff2

Requested by

Host: onboarding.novo.co
URL: https://onboarding.novo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52043a07c593d11bb6fc3294a971ca12f3616dc1a11fb8592369dcb838a17ad3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Origin: https://onboarding.novo.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co *.fullstory.com api.segment.io *.segment.com api-js.mixpanel.com *.sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com *.google.com https://*.gstatic.com *.launchdarkly.com *.plaid.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com *.auryc.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.plaid.com *.fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com *.sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com *.launchdarkly.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com *.getrockerbox.com *.novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; style-src 'self' 'unsafe-inline' *.socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: *; font-src 'self' data: cdn.linearicons.com *.socure.com https://fonts.gstatic.com https://heapanalytics.com *.auryc.com; form-action 'self' www.facebook.com; frame-src 'self' *.plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com *.google.com *.sentry.io sentry.io https://heapanalytics.com *.sardine.ai *.trustpilot.com; frame-ancestors 'self' *.legalzoom.com; object-src 'self' mpsnare.iesnare.com
x-dns-prefetch-control: off
content-length: 33244
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 07:02:02 GMT
server: cloudflare
etag: W/"81dc-18ff1811f06"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 893391285a895d41-FRA
expires: Thu, 13 Jun 2024 20:48:14 GMT

GET
H/1.1 200
OK snare.js Show response
mpsnare.iesnare.com/ 38 KB
13 KB 120ms
34ms Script
text/javascript 54.195.39.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/snare.js

Requested by

Host: onboarding.novo.co
URL: https://onboarding.novo.co/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c742aeaffd37182433995e88a1c32f6f90b434d77d883d7eb202f25568a05dd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Thu, 13 Jun 2024 16:48:14 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: no-cache, private
Connection: keep-alive
Expires: 0

GET
H2 200 dropins.js Show response
www.dropbox.com/static/api/2/ 36 KB
10 KB 163ms
125ms Script
text/javascript 2620:100:6022:18::a27d:4212
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dropbox.com/static/api/2/dropins.js

Requested by

Host: onboarding.novo.co
URL: https://onboarding.novo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:6022:18::a27d:4212 , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

c5240c4c2d0698ef54c04ab88c1e48a1d33c27b1ac1dc418f4ffbbda240a5f26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:14 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 13 Jun 2024 12:28:29 GMT
server: envoy
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-dropbox-request-id: db109f7a50224507bd70725f8dd75a64
cache-control: no-cache, no-store
x-dropbox-response-origin: remote
timing-allow-origin: https://www.dropbox.com
x-cached: HIT
expires: Thu, 13 Jun 2024 17:48:14 GMT

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 21 KB
7 KB 35ms
8ms Script
application/x-javascript 52.222.236.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: onboarding.novo.co
URL: https://onboarding.novo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.71 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-71.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 01:37:57 GMT
content-encoding: gzip
via: 1.1 c9499008aa7e1acd11e9fbc171281d82.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P4
age: 54618
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6759
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Oct 2023 12:27:20 GMT
server: AmazonS3
etag: "15864ce88fa79a3e954417d0c3396798"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: X_b3kmEmWSMmVUePdoUT3-pmogLON-ACLFkmD6ch_CF9BuN-GQKGPQ==

GET
H2 200 app.2f7c31a5.bundle.js Show response
onboarding.novo.co/2f7c/ 4 MB
793 KB 456ms
455ms Script
application/javascript 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.novo.co/2f7c/app.2f7c31a5.bundle.js

Requested by

Host: onboarding.novo.co
URL: https://onboarding.novo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efa933c4ba5eb170097c369997b92097d12e611c2b1822d0f2152d77743d0e58

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy: default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co *.fullstory.com api.segment.io *.segment.com api-js.mixpanel.com *.sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com *.google.com https://*.gstatic.com *.launchdarkly.com *.plaid.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com *.auryc.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.plaid.com *.fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com *.sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com *.launchdarkly.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com *.getrockerbox.com *.novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; style-src 'self' 'unsafe-inline' *.socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: *; font-src 'self' data: cdn.linearicons.com *.socure.com https://fonts.gstatic.com https://heapanalytics.com *.auryc.com; form-action 'self' www.facebook.com; frame-src 'self' *.plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com *.google.com *.sentry.io sentry.io https://heapanalytics.com *.sardine.ai *.trustpilot.com; frame-ancestors 'self' *.legalzoom.com; object-src 'self' mpsnare.iesnare.com
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 07:02:02 GMT
server: cloudflare
etag: W/"3f7abb-18ff1811f12"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 893391286a945d41-FRA
expires: Thu, 13 Jun 2024 20:48:14 GMT

GET
H2 200 logo_w.svg
onboarding.novo.co/assets/images/logo/ 2 KB
1 KB 367ms
366ms Image
image/svg+xml 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onboarding.novo.co/assets/images/logo/logo_w.svg

Requested by

Host: onboarding.novo.co
URL: https://onboarding.novo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a79c747ccdc97b4bb6899be824d29fe45f7c573a4b684e48fb7466592877e682

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy: default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co *.fullstory.com api.segment.io *.segment.com api-js.mixpanel.com *.sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com *.google.com https://*.gstatic.com *.launchdarkly.com *.plaid.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com *.auryc.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.plaid.com *.fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com *.sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com *.launchdarkly.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com *.getrockerbox.com *.novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; style-src 'self' 'unsafe-inline' *.socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: *; font-src 'self' data: cdn.linearicons.com *.socure.com https://fonts.gstatic.com https://heapanalytics.com *.auryc.com; form-action 'self' www.facebook.com; frame-src 'self' *.plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com *.google.com *.sentry.io sentry.io https://heapanalytics.com *.sardine.ai *.trustpilot.com; frame-ancestors 'self' *.legalzoom.com; object-src 'self' mpsnare.iesnare.com
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 07:02:02 GMT
server: cloudflare
etag: W/"801-18ff1811f0e"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 893391286a905d41-FRA
expires: Thu, 13 Jun 2024 20:48:14 GMT

GET
H2 200 email-decode.min.js Show response
onboarding.novo.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
813 B 38ms
38ms Script
application/javascript 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.novo.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: onboarding.novo.co
URL: https://onboarding.novo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Jun 2024 15:13:46 GMT
server: cloudflare
etag: W/"666323aa-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 893391286a935d41-FRA
expires: Sat, 15 Jun 2024 16:48:14 GMT

GET
H2 200 / Show response
js.partnerstack.com/v1/ 6 KB
3 KB 57ms
25ms Script
application/javascript 2606:4700::6812:7da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.partnerstack.com/v1/
Requested by: Host: onboarding.novo.co
URL: https://onboarding.novo.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0447a16b013d19042b42be1a4eaadf522f4dac16ef6867ed8664ec53a80b1500

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:14 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 27 Feb 2024 19:31:09 GMT
server: cloudflare
age: 52
etag: W/"65de387d-19ce"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 893391289fdd925f-FRA
expires: Thu, 13 Jun 2024 20:48:14 GMT

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 273 KB
74 KB 55ms
15ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: onboarding.novo.co
URL: https://onboarding.novo.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ae662bc47f598b1deec34ecd7a9432c766c4db2f2ae8a951fa76336b6c001f85

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Origin: https://onboarding.novo.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:14:10 GMT
content-encoding: br
age: 2044
x-guploader-uploadid: ABPtcPoOZezqb6wCw6NIZHVo6j6WXaSJ2SpISt_EuSj4G_0uwqVlgs_HqtJHxn_t86daSM63VQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75362
last-modified: Thu, 06 Jun 2024 13:11:57 GMT
server: UploadServer
etag: "505d5df439fda0ef6083305f079651ff"
vary: Accept-Encoding
x-goog-generation: 1717679517113319
x-goog-hash: crc32c=dZHqrA==, md5=UF1d9Dn9oO9ggzBfB5ZR/w==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 75362
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 13 Jun 2024 17:14:10 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 47 KB
17 KB 38ms
10ms Script
application/javascript 2a02:26f0:3100::1735:283b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: onboarding.novo.co
URL: https://onboarding.novo.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:283b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 May 2024 16:52:20 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=65330
accept-ranges: bytes
content-length: 16683

GET vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 0
0

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
816 B 194ms
171ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=652497&time=1718297294189&url=https%3A%2F%2Fonboarding.novo.co%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: *
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:13 GMT
content-encoding: gzip
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: F4A34AACAE794DBFAE10D4B866A663A2 Ref B: FRAEDGE1412 Ref C: 2024-06-13T16:48:14Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-ltx1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYayEPYIVgZIl591+heJw==
x-fs-uuid: 00061ac843d8215819225e7dd7e85e27

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=652497&time=1718297294189&url=https%3A%2F%2Fonboarding.novo.co%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=652497&time=1718297294189&url=https%3A%2F%2Fonboarding.novo.co%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D652497%26time%3D1718297294189%26url%3Dhttps%253A%252F%252Fonboarding.novo.co%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=652497&time=1718297294189&url=https%3A%2F%2Fonboarding.novo.co%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=652497&time=1718297294189&url=https%3A%2F%2Fonboarding.novo.co%2F&cookiesTest=true&liSync=true&e_ipv6=AQKZiuUrdH4fIwAAAZASf_cF3-TugruuO5zOP65PgeQ...

0
265 B

121ms
105ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=652497&time=1718297294189&url=https%3A%2F%2Fonboarding.novo.co%2F&cookiesTest=true&liSync=true&e_ipv6=AQKZiuUrdH4fIwAAAZASf_cF3-TugruuO5zOP65PgeQZZWZJ-I1d54mbV9R84BjStYsznTY3
Requested by: Host: onboarding.novo.co
URL: https://onboarding.novo.co/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://onboarding.novo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 13 Jun 2024 16:48:14 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 8B71145C24CF4508A9A02EA7AEF50A83 Ref B: FRAEDGE1911 Ref C: 2024-06-13T16:48:14Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYayEPeqO1u8itZ2NHncw==

Redirect headers

date: Thu, 13 Jun 2024 16:48:13 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 6AFB644B35F345FABADF7B1AF208CB5C Ref B: FRAEDGE1114 Ref C: 2024-06-13T16:48:14Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=652497&time=1718297294189&url=https%3A%2F%2Fonboarding.novo.co%2F&cookiesTest=true&liSync=true&e_ipv6=AQKZiuUrdH4fIwAAAZASf_cF3-TugruuO5zOP65PgeQZZWZJ-I1d54mbV9R84BjStYsznTY3
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYayEPc0yYf8Lx7UJKyxg==

GET
H2 200 pk_nwV0RbNSmmTXrGfneCUqcrzYNkIltE9c Show response
grsm.io/pr/gpk/ 0
205 B 93ms
24ms XHR
text/plain 2606:4700::6812:ad4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://grsm.io/pr/gpk/pk_nwV0RbNSmmTXrGfneCUqcrzYNkIltE9c
Requested by: Host: js.partnerstack.com
URL: https://js.partnerstack.com/v1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:14 GMT
server: cloudflare
vary: Accept-Encoding
p3p: CP="This is not a P3P policy! See our docs for more info."
access-control-allow-origin: https://onboarding.novo.co
content-type: text/plain; charset=utf-8
access-control-allow-credentials: true
cf-ray: 893391294baa085c-FRA
content-length: 0

GET
H2 200 web Show response
edge.fullstory.com/s/settings/o-1MZ1A5-na1/v1/ 4 KB
1 KB 135ms
134ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/o-1MZ1A5-na1/v1/web
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9e074330ccdd9b155912ea4bea675df2283c8514e33db05edd0ba4f5ae9baf3a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:14 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPqBT5yNmE5CjiuPy7rWyOWomER90bYM1ToPwBC4OmeqVTFzb1MJZqFHZO6DqesykR7GOvY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1224
last-modified: Sun, 25 Feb 2024 12:40:25 GMT
server: UploadServer
etag: "5bb9f84faaed01f98cb13212435d7187"
x-goog-generation: 1708864825220016
x-goog-hash: crc32c=pPS5wA==, md5=W7n4T6rtAfmMsTISQ11xhw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1224
accept-ranges: bytes
content-type: application/json
expires: Thu, 13 Jun 2024 17:03:14 GMT

GET
H/1.1 200
OK logo.js Show response
mpsnare.iesnare.com/script/ 96 B
809 B 32ms
32ms Script
text/javascript 54.195.39.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://mpsnare.iesnare.com/script/logo.js

Requested by

Host: mpsnare.iesnare.com
URL: https://mpsnare.iesnare.com/snare.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.195.39.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-39-4.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9d4f9c787288db5ba08ab9b43d25656cdcc887b1a0c128dc7e87cada5ab355ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 13 Jun 2024 16:48:14 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Server: nginx
Accept-CH: Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
p3p: CP="NON DSP COR CURa"
Cache-Control: private
Connection: keep-alive
Expires: Fri, 13 Jun 2025 16:48:14 GMT

GET
H2 200 pk_nwV0RbNSmmTXrGfneCUqcrzYNkIltE9c Show response
partnerlinks.io/pr/gpk/ 0
205 B 80ms
38ms XHR
text/plain 2606:4700::6812:1f85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partnerlinks.io/pr/gpk/pk_nwV0RbNSmmTXrGfneCUqcrzYNkIltE9c
Requested by: Host: js.partnerstack.com
URL: https://js.partnerstack.com/v1/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:14 GMT
server: cloudflare
vary: Accept-Encoding
p3p: CP="This is not a P3P policy! See our docs for more info."
access-control-allow-origin: https://onboarding.novo.co
content-type: text/plain; charset=utf-8
access-control-allow-credentials: true
cf-ray: 89339129ae092bfa-FRA
content-length: 0

POST
H2 202 page Show response
rs.fullstory.com/rec/ 71 B
281 B 166ms
130ms XHR
text/plain 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.fullstory.com/rec/page

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

58.194.186.35.bc.googleusercontent.com

Software

Resource Hash

eac81d9e33471676d196674d072ca7645bd436299f04887009d224e204279e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 13 Jun 2024 16:48:14 GMT
via: 1.1 google
x-content-type-options: nosniff
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://onboarding.novo.co
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
198 B 109ms
109ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://onboarding.novo.co/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:14 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: CC1D83C1FE0B48B7AC0DB251EB05926F Ref B: FRAEDGE1114 Ref C: 2024-06-13T16:48:14Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://onboarding.novo.co
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYayEPgVkQiUk9b9NVl+g==

GET
H2 200 heap-3775576419.js Show response
cdn.heapanalytics.com/js/ 121 KB
39 KB 132ms
105ms Script
application/javascript 13.32.27.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-3775576419.js

Requested by

Host: onboarding.novo.co
URL: https://onboarding.novo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-86.fra56.r.cloudfront.net

Software

nginx / Express

Resource Hash

57c5d862562497ff869a79e82e2413c14ae5dad8b6ad357e456e83f173937385

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:47:18 GMT
content-encoding: br
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: FRA56-C2
age: 57
x-powered-by: Express
etag: W/"1e2dc-zgGR4Nkz/S0CxpJsngnzyit26yk"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 4d50-ySugdANzdQkTqIEzzChgu0BKPz5bdhgPOFMi8wf9g8pk-ihrQ==

GET
H2 200 rsa.min.js Show response
cdn.rudderlabs.com/beta/3.0.0-beta/modern/ 92 KB
25 KB 51ms
13ms Script
application/javascript 2600:9000:275d:de00:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/rsa.min.js
Requested by: Host: onboarding.novo.co
URL: https://onboarding.novo.co/2f7c/app.2f7c31a5.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:de00:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06a96844277207b6d681e9eea92c6d74fbb49b39b27613ae3fd962b30174d7a7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:15 GMT
content-encoding: br
via: 1.1 6571e9f709b2287f8a30275c17d07140.cloudfront.net (CloudFront)
last-modified: Tue, 19 Mar 2024 06:04:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 2318
x-amz-server-side-encryption: AES256
etag: W/"b29d49b2a7682b3a216609c7c4467ee8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: IaXix0laUmC8pRawIg-CrCEXxVLDfpPn5lTn9VvzXHu73Fybu2GY5Q==

GET
H2 200 shim.js Show response
cdn.sprig.com/ 147 KB
49 KB 39ms
11ms Script
application/javascript 13.32.27.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sprig.com/shim.js?id=_NCBHaUVs3QG
Requested by: Host: onboarding.novo.co
URL: https://onboarding.novo.co/2f7c/app.2f7c31a5.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 255766f6f3ca2832371e26bb1dd1feb722b94d493e509d37171d143dfe9e01ea

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 17:39:38 GMT
x-amz-version-id: b0SmKEHGfQJsy47CtaTofNMmo7P9fX9a
content-encoding: br
last-modified: Thu, 06 Jun 2024 23:16:35 GMT
server: AmazonS3
via: 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"32c02efbafec7761ebcb96874c0cb8c3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 83318
cross-origin-resource-policy: cross-origin
x-amz-cf-id: kBpzEOcqzEcFZBCAR9iRgAivPZdqDZgsCmRuWhpBNLU3n7cc4RbCKw==

GET
H2 200 loader.min.js Show response
api.sardine.ai/assets/ 74 KB
26 KB 63ms
22ms Script
text/javascript 2600:1901:0:6ccc::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sardine.ai/assets/loader.min.js
Requested by: Host: onboarding.novo.co
URL: https://onboarding.novo.co/2f7c/app.2f7c31a5.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:6ccc:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3ab613dc645fdb11a78c05b119b3650709c78eb165cffdce8d01f6ec10cd73b0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:32:53 GMT
content-encoding: gzip
age: 922
x-guploader-uploadid: ABPtcPoebWYWtLRW1Z32Q_G7CB1Dyx6dP2ftFkiaDgvb773T3NFqMgtAiMfphq1R-iFBO0GEzNwXKFUtUA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25898
last-modified: Tue, 28 May 2024 19:10:53 GMT
server: UploadServer
etag: "66e173c32d917c1534d3c14a8c6adb14"
x-goog-hash: crc32c=9GSRoQ==, md5=ZuFzwy2RfBU008FKjGrbFA==
x-goog-generation: 1716923453608214
access-control-allow-origin: *
content-language: en
access-control-expose-headers: *
cache-control: public, max-age=1800,no-transform
x-goog-stored-content-length: 25898
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 13 Jun 2024 17:02:53 GMT

POST
H2 200 open Show response
onboardingapi.novo.co/api/ 11 KB
11 KB 118ms
118ms XHR
application/json 3.226.55.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://onboardingapi.novo.co/api/open

Requested by

Host: onboarding.novo.co
URL: https://onboarding.novo.co/2f7c/app.2f7c31a5.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.226.55.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-55-125.compute-1.amazonaws.com

Software

Resource Hash

52e62ba826346a5ec586a3f87fe694cfebcbb43ff4af24b0af7c2e4406a0dc92

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://onboarding.novo.co/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: same-origin
content-length: 11001
x-xss-protection: 0
referrer-policy: no-referrer
cross-origin-opener-policy: same-origin
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onboarding.novo.co
origin-agent-cluster: ?1
access-control-allow-headers: Content-Type, Authorization

OPTIONS
H2 200 open
onboardingapi.novo.co/api/ Frame 0
0 358ms
110ms Preflight
text/plain 3.226.55.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://onboardingapi.novo.co/api/open

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.226.55.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-226-55-125.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://onboarding.novo.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET,POST
access-control-allow-origin: https://onboarding.novo.co
content-length: 2
content-type: text/plain; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Thu, 13 Jun 2024 16:48:15 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
origin-agent-cluster: ?1
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 container.js Show response
cdn.heapanalytics.com/js/replay/9930-HeapProductionV2-prod-heap/ 9 KB
5 KB 8ms
8ms Script
application/javascript 13.32.27.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heapanalytics.com/js/replay/9930-HeapProductionV2-prod-heap/container.js
Requested by: Host: cdn.heapanalytics.com
URL: https://cdn.heapanalytics.com/js/heap-3775576419.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-86.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ce006ee43e665f7bdd6bf80a9fe0fca4a42c9e7b1556119b187fb214e648498

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: rT2qA.9hIYaEfX4u8JidD91poIVoQ84y
content-encoding: gzip
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
date: Thu, 13 Jun 2024 09:54:55 GMT
x-amz-cf-pop: FRA56-C2
age: 24987
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4366
last-modified: Thu, 11 Jan 2024 13:39:56 GMT
server: AmazonS3
etag: "1743de76088b87ecdd57118dcaf36fd4"
content-type: application/javascript
cache-control: public,max-age=86400
accept-ranges: bytes
x-amz-cf-id: XUL-Zpz-0--5cN8qeiML7d8_Pfw_HaM0yt5T0l--edVrV67EGrgM9A==

GET
H2 200 collector.min.6ea1273.html
api.sardine.ai/assets/ Frame 3394 0
0 48ms
17ms Document
text/html 2600:1901:0:6ccc::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sardine.ai/assets/collector.min.6ea1273.html?r=2024-05-28-6ea1273
Requested by: Host: api.sardine.ai
URL: https://api.sardine.ai/assets/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:6ccc:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://onboarding.novo.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: *
age: 881
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1800,no-transform
content-encoding: gzip
content-language: en
content-length: 210
content-type: text/html
date: Thu, 13 Jun 2024 16:33:34 GMT
etag: "0c0a3eef35ff3d8168b69c2e502413b4"
expires: Thu, 13 Jun 2024 17:03:34 GMT
last-modified: Tue, 28 May 2024 19:10:53 GMT
server: UploadServer
x-goog-generation: 1716923453507789
x-goog-hash: crc32c=0eiBVQ== md5=DAo+7zX/PYFotpwuUCQTtA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 210
x-guploader-uploadid: ABPtcPpzkKLxjqziGN2v3htYjTlm08b9IjYu6dNEyuV33BxlylcAlagNHY3IDdcsPYlAXXRCgKs

OPTIONS
H2 204 /
api.rudderstack.com/sourceConfig/ Frame 0
0 134ms
105ms Preflight 13.225.78.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rudderstack.com/sourceConfig/?p=cdn&v=3.0.0-beta.24&build=modern&writeKey=2WhuE44XPF8VDlRPwCDuNGD1Ztn&lockIntegrationsVersion=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-113.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://onboarding.novo.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: *
access-control-max-age: 900
age: 39
alt-svc: h3=":443"; ma=86400
date: Thu, 13 Jun 2024 16:47:36 GMT
vary: Origin
via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
x-amz-cf-id: gjOa4Zt8kEPAyePEwZ0DCEyAY-jRDym3Bt6Ihpr6uYi1C3sQIaK9Ig==
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-request-id: a327bac0-29a4-11ef-9002-e96185c42eb7

GET
H2 200 / Show response
api.rudderstack.com/sourceConfig/ 8 KB
3 KB 110ms
110ms XHR
application/json 13.225.78.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rudderstack.com/sourceConfig/?p=cdn&v=3.0.0-beta.24&build=modern&writeKey=2WhuE44XPF8VDlRPwCDuNGD1Ztn&lockIntegrationsVersion=false

Requested by

Host: onboarding.novo.co
URL: https://onboarding.novo.co/2f7c/app.2f7c31a5.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-113.fra2.r.cloudfront.net

Software

Resource Hash

483a0fdd84a14558248daf506766d7472d88476a01ad89c59968febf3877668d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Basic MldodUU0NFhQRjhWRGxSUHdDRHVOR0QxWnRuOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json
Referer: https://onboarding.novo.co/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:45:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 170
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 556ae960-29a4-11ef-8881-b76a08911c92
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
x-amz-cf-id: HYZ42Z22NSb-6wpUeLTODktXw1g00sAcnx1OyOCI0Npq1ZGpgNN0zQ==

GET
H2 200 releasesettings Show response
client-api.auryc.com/ 2 B
160 B 126ms
126ms XHR
application/json 34.66.73.214
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://client-api.auryc.com/releasesettings?lib=Web

Requested by

Host: onboarding.novo.co
URL: https://onboarding.novo.co/2f7c/app.2f7c31a5.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.66.73.214 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

214.73.66.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-authorized-identity: 9930-HeapProductionV2-prod-heap
Referer: https://onboarding.novo.co/
x-authorized-token: af33509cee3db7970398b5069a6bc08a
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 16:48:15 GMT
server: istio-envoy
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://onboarding.novo.co
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
x-xss-protection: 1; mode=block
expires: 0

OPTIONS
H2 200 releasesettings
client-api.auryc.com/ Frame 0
0 385ms
122ms Preflight 34.66.73.214
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://client-api.auryc.com/releasesettings?lib=Web

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.66.73.214 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

214.73.66.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-authorized-identity,x-authorized-token
Access-Control-Request-Method: GET
Origin: https://onboarding.novo.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-authorized-identity, x-authorized-token
access-control-allow-methods: OPTIONS,HEAD,GET,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://onboarding.novo.co
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Thu, 13 Jun 2024 16:48:15 GMT
expires: 0
pragma: no-cache
server: istio-envoy
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H/1.1 204
No Content config
api.sprig.com/sdk/1/environments/_NCBHaUVs3QG/ Frame 0
0 366ms
143ms Preflight 184.72.105.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/_NCBHaUVs3QG/config
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 184.72.105.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-105-205.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
Access-Control-Request-Method: GET
Origin: https://onboarding.novo.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Thu, 13 Jun 2024 16:48:15 GMT
server: istio-envoy
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com
vary: Access-Control-Request-Headers
x-envoy-upstream-service-time: 4

GET
H/1.1 200
OK config Show response
api.sprig.com/sdk/1/environments/_NCBHaUVs3QG/ 2 KB
1 KB 162ms
162ms Fetch
application/json 184.72.105.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/_NCBHaUVs3QG/config
Requested by: Host: onboarding.novo.co
URL: https://onboarding.novo.co/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 184.72.105.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-184-72-105-205.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 00228b96da058a559d153010cf7b0de8b077d95eaf0ab297efd8a7d3ae91d294

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-ul-visitor-id: 2c95266a-c5be-4df1-8d6d-4498a93e53ca
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
x-ul-installation-method: web-snippet
Referer: https://onboarding.novo.co/
x-ul-sdk-version: 2.30.0
x-ul-environment-id: _NCBHaUVs3QG
userleap-platform: web
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:16 GMT
content-encoding: gzip
server: istio-envoy
etag: W/"8a3-Pjda6LMRQGjarHWXfJ+079xL9gY"
vary: Accept-Encoding
transfer-encoding: chunked
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 34
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com

GET
H2 200 logo_favicon.png
onboarding.novo.co/assets/images/logo/ 3 KB
5 KB 337ms
336ms Other
image/png 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.novo.co/assets/images/logo/logo_favicon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a243318ac8f8922fa8ac82630b0a7ea477470afd0ba7bbf82e24845f89b87488

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co *.fullstory.com api.segment.io *.segment.com api-js.mixpanel.com *.sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com *.google.com https://*.gstatic.com *.launchdarkly.com *.plaid.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com *.auryc.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.plaid.com *.fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com *.sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com *.launchdarkly.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com *.getrockerbox.com *.novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; style-src 'self' 'unsafe-inline' *.socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: *; font-src 'self' data: cdn.linearicons.com *.socure.com https://fonts.gstatic.com https://heapanalytics.com *.auryc.com; form-action 'self' www.facebook.com; frame-src 'self' *.plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com *.google.com *.sentry.io sentry.io https://heapanalytics.com *.sardine.ai *.trustpilot.com; frame-ancestors 'self' *.legalzoom.com; object-src 'self' mpsnare.iesnare.com
x-dns-prefetch-control: off
content-length: 3089
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 07:02:02 GMT
server: cloudflare
etag: W/"c11-18ff1811f0e"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89339131fef05d41-FRA
expires: Thu, 13 Jun 2024 20:48:15 GMT

GET
H3 200 rsa-plugins.js Show response
cdn.rudderlabs.com/beta/3.0.0-beta/modern/plugins/ 3 KB
969 B 23ms
13ms Script
application/javascript 18.244.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/plugins/rsa-plugins.js
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/rsa.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.244.18.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-51.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05d5f6cd93dc84ca58c6865068d2c47c3ef5d1b006b10c2fd5247e738df66d4e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://onboarding.novo.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:15 GMT
content-encoding: br
via: 1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
age: 2316
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Mar 2024 06:04:19 GMT
server: AmazonS3
etag: W/"230b3e8e115473782343bfd3b82b4587"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: WuLrZyYkFUCMZhhgUF7cxqvtu3yeCq12XoVHFJBBqk-p5M3P3OHQFg==

GET
H3 200 rsa-plugins-remote-StorageEncryption.min.js Show response
cdn.rudderlabs.com/beta/3.0.0-beta/modern/plugins/ 339 B
724 B 11ms
11ms Script
application/javascript 18.244.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/plugins/rsa-plugins-remote-StorageEncryption.min.js
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/plugins/rsa-plugins.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.244.18.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-51.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d9dae571d29319e5284206c040d4e39446f9ad2ee9a4612f51ee237f476a71c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.rudderlabs.com/
Origin: https://onboarding.novo.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:15 GMT
via: 1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
age: 2316
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 339
last-modified: Tue, 19 Mar 2024 06:04:19 GMT
server: AmazonS3
etag: "00f91a244d4832383dea79a06978190a"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 7pszwfI4dODuRbElGzXAEEbtMEZHjkQ8kJe8qNYn0FtaPFeI9RBIOg==

GET
H3 200 rsa-plugins-remote-BeaconQueue.min.js Show response
cdn.rudderlabs.com/beta/3.0.0-beta/modern/plugins/ 2 KB
1 KB 12ms
12ms Script
application/javascript 18.244.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/plugins/rsa-plugins-remote-BeaconQueue.min.js
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/plugins/rsa-plugins.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.244.18.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-51.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4489ecf23d5c491799639acb0e5013e4dbf987915f0ef1263136fa203a19a9f8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.rudderlabs.com/
Origin: https://onboarding.novo.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:15 GMT
content-encoding: br
via: 1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
age: 2316
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Mar 2024 06:04:19 GMT
server: AmazonS3
etag: W/"ea7000e7870a8ca04e1985b2ec7ada6f"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: jtrs_F1FEXI_T0eEzdGnwMoQz1arbd6VXY10dL5FHnBJ1SEvHBR9Zw==

GET
H3 200 rsa-plugins-remote-DeviceModeDestinations.min.js Show response
cdn.rudderlabs.com/beta/3.0.0-beta/modern/plugins/ 6 KB
3 KB 13ms
13ms Script
application/javascript 18.244.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/plugins/rsa-plugins-remote-DeviceModeDestinations.min.js
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/plugins/rsa-plugins.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.244.18.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-51.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ea7270ed0fbe71c16e9efbbd24111e417d263e9e93e7a49ae71a2f07c9dc1996

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.rudderlabs.com/
Origin: https://onboarding.novo.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:15 GMT
content-encoding: br
via: 1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
age: 2316
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Mar 2024 06:04:19 GMT
server: AmazonS3
etag: W/"be708000a926633b0f4493fbf3766286"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: CgVwNYeK4mzm0tRf7e6_FnbdY9beHgW2XJxIv6CofNyFqe4eWWrFWw==

GET
H3 200 rsa-plugins-remote-NativeDestinationQueue.min.js Show response
cdn.rudderlabs.com/beta/3.0.0-beta/modern/plugins/ 2 KB
1 KB 14ms
13ms Script
application/javascript 18.244.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/plugins/rsa-plugins-remote-NativeDestinationQueue.min.js
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/plugins/rsa-plugins.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.244.18.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-51.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd1120e498b007002075783856ef73950269fbc18af1fd7e2a215b9e99ae8c70

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.rudderlabs.com/
Origin: https://onboarding.novo.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:15 GMT
content-encoding: br
via: 1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
age: 2316
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Mar 2024 06:04:19 GMT
server: AmazonS3
etag: W/"03d61115d199f05fd680d532031e4629"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: pJkt3OSpgzJF9HyionnmJaOTD4UIp29uNyV_O81cRjuaXJTZ6XXNrg==

GET
H3 200 rsa-plugins-common.min.js Show response
cdn.rudderlabs.com/beta/3.0.0-beta/modern/plugins/ 6 KB
3 KB 15ms
14ms Script
application/javascript 18.244.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/plugins/rsa-plugins-common.min.js
Requested by: Host: onboarding.novo.co
URL: https://onboarding.novo.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.244.18.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-51.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 907ff9a58f01ce9587c2546a8ac922f7508c4d91c5b41759c8273ec6eb5c7466

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.rudderlabs.com/
Origin: https://onboarding.novo.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:15 GMT
content-encoding: br
via: 1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
age: 2316
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Mar 2024 06:04:19 GMT
server: AmazonS3
etag: W/"1e091d3105a6e16ec22a23a32685529e"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: 6v0lmyWUlMP-W2FkWuKhlhDCNTMfAW41ty1SU2BfeOFhNwa6wvQBfA==

GET
H3 200 rsa-plugins-RetryQueue.min.js Show response
cdn.rudderlabs.com/beta/3.0.0-beta/modern/plugins/ 9 KB
3 KB 13ms
13ms Script
application/javascript 18.244.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/plugins/rsa-plugins-RetryQueue.min.js
Requested by: Host: onboarding.novo.co
URL: https://onboarding.novo.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.244.18.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-51.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 030afe0e702e26624aed13bc0679d617b4060c6bc82eb2a4a3daeee2ded73a6a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.rudderlabs.com/
Origin: https://onboarding.novo.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:15 GMT
content-encoding: br
via: 1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
age: 2315
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Mar 2024 06:04:19 GMT
server: AmazonS3
etag: W/"682a87d304772cee73527e36a557e705"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: Pe6IfDRQVUbfWC_qRAkRp8XJyymGVyXnGN8v7WNyEpSf66BkQHByJQ==

GET
H3 200 rsa-plugins-deviceModeDestinations.min.js Show response
cdn.rudderlabs.com/beta/3.0.0-beta/modern/plugins/ 3 KB
1 KB 14ms
14ms Script
application/javascript 18.244.18.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/plugins/rsa-plugins-deviceModeDestinations.min.js
Requested by: Host: onboarding.novo.co
URL: https://onboarding.novo.co/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.244.18.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-51.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dfd5a932873d1985acc42d57f51c2bbd77901d6264f19b3b1b04ab38572f1668

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.rudderlabs.com/
Origin: https://onboarding.novo.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:15 GMT
content-encoding: br
via: 1.1 1f5c750c03b26301631398b45f61e262.cloudfront.net (CloudFront)
age: 2315
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Mar 2024 06:04:19 GMT
server: AmazonS3
etag: W/"ea033e01631ed62f8f3ec1c23ee6c4b2"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: 56Coa_kq-rZQEWXPWCw3hi_nMnXmNlMbsGb-eWH5vmFT7hq5fBWiEQ==

GET
H2 200 BingAds.min.js Show response
cdn.rudderlabs.com/beta/3.0.0-beta/modern/js-integrations/ 21 KB
8 KB 12ms
11ms Script
application/javascript 2600:9000:275d:de00:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/js-integrations/BingAds.min.js
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/rsa.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:de00:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d3648cf49f52d16b4037316fe919646b733499a8a8986eefe39ce7672e638d6e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:09:41 GMT
content-encoding: br
via: 1.1 6571e9f709b2287f8a30275c17d07140.cloudfront.net (CloudFront)
last-modified: Tue, 19 Mar 2024 06:04:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 2315
x-amz-server-side-encryption: AES256
etag: W/"1218b49257c8808727804244a8106668"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: p_ciKIur8-MKrU-dAeRTELTaoaJw_l3zdeKYBmHBwQVOfUcKANeV3g==

GET
H2 200 FacebookPixel.min.js Show response
cdn.rudderlabs.com/beta/3.0.0-beta/modern/js-integrations/ 41 KB
14 KB 11ms
10ms Script
application/javascript 2600:9000:275d:de00:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/js-integrations/FacebookPixel.min.js
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/rsa.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:de00:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b88eda62cd0778ae4de2057728af07b10a6274138462cbc3adab0fd0fbb456c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:09:41 GMT
content-encoding: br
via: 1.1 6571e9f709b2287f8a30275c17d07140.cloudfront.net (CloudFront)
last-modified: Tue, 19 Mar 2024 06:04:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 2315
x-amz-server-side-encryption: AES256
etag: W/"158e2e86ac0674b8c9f0c80f5c4bfa71"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: DRc-IiuIqgWJ5whbacrV7kz0B0A4_QRnDiFrqKSyUbwnSJi8H9i_bA==

GET
H2 200 GoogleAds.min.js Show response
cdn.rudderlabs.com/beta/3.0.0-beta/modern/js-integrations/ 33 KB
11 KB 12ms
11ms Script
application/javascript 2600:9000:275d:de00:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/js-integrations/GoogleAds.min.js
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/rsa.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:de00:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a44a7b662faf9ddcc98bdcbf254d50c51c7a1be8336ddfb069a9cd4f8ed7aace

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 15:59:37 GMT
content-encoding: br
via: 1.1 6571e9f709b2287f8a30275c17d07140.cloudfront.net (CloudFront)
last-modified: Tue, 19 Mar 2024 06:04:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 2919
x-amz-server-side-encryption: AES256
etag: W/"5b2c34040d018b374a55b9355ebcf335"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: q3f68OaqtbbRSTDaK__LsNimvkwiGx_kzSNVzK2M84gxyphhmeYYLA==

GET
H2 200 GoogleTagManager.min.js Show response
cdn.rudderlabs.com/beta/3.0.0-beta/modern/js-integrations/ 4 KB
2 KB 13ms
13ms Script
application/javascript 2600:9000:275d:de00:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/js-integrations/GoogleTagManager.min.js
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/rsa.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:de00:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63c4a9ba59d59da24aae96e52b1bbf8af0f5cc48c9413a26ba5e295f2fb759a2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:09:42 GMT
content-encoding: br
via: 1.1 6571e9f709b2287f8a30275c17d07140.cloudfront.net (CloudFront)
last-modified: Tue, 19 Mar 2024 06:04:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 2314
x-amz-server-side-encryption: AES256
etag: W/"f9081d821d7465f5ad0b0f2e8f662b09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: hqhjizgNFkQ00hxKsHBtIDip2EfeX9BxzDqg1lKYRgYovRUEO2jBRQ==

GET
H2 200 TiktokAds.min.js Show response
cdn.rudderlabs.com/beta/3.0.0-beta/modern/js-integrations/ 24 KB
9 KB 14ms
14ms Script
application/javascript 2600:9000:275d:de00:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/js-integrations/TiktokAds.min.js
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/rsa.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:de00:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 673f8d5cc405522bad27485f2cac8e269159f3b617ab55184271a1c9d85d52f5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:09:42 GMT
content-encoding: br
via: 1.1 6571e9f709b2287f8a30275c17d07140.cloudfront.net (CloudFront)
last-modified: Tue, 19 Mar 2024 06:04:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 2314
x-amz-server-side-encryption: AES256
etag: W/"3fb442c8200cd05ec817322e43fd131d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: kDWtjIQB6DtjYE7U58cjk7YwKy4UgpqpfPo7zX4_OP5C41WDpr0BVw==

GET
H2 200 GA4.min.js Show response
cdn.rudderlabs.com/beta/3.0.0-beta/modern/js-integrations/ 46 KB
15 KB 14ms
13ms Script
application/javascript 2600:9000:275d:de00:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/js-integrations/GA4.min.js
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/rsa.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:de00:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cfa1dc569b8da7ca3f840f6d7dc126a4776ab788cee51629b97303271daeb62

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:09:42 GMT
content-encoding: br
via: 1.1 6571e9f709b2287f8a30275c17d07140.cloudfront.net (CloudFront)
last-modified: Tue, 19 Mar 2024 06:04:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 2314
x-amz-server-side-encryption: AES256
etag: W/"31e00b63e63bd89cd70eb971adb0d8fa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: HKCZoOyeIMMk-qIscNQUXRqclHV2f1Ts5sxgzAuAm_3E_UKCLl6JCQ==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 35ms
8ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/js-integrations/FacebookPixel.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 13 Jun 2024 16:48:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1368, tbw=2780, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: RNyUogN/9CEW/KAdb7+9H3qz+9NIORaC3fGUKzehJOBOmLnSt1HMwt8AHfubeiwzDDe4jqqBO125xLXWwD7VXg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
91 KB 148ms
69ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-803601028

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/js-integrations/GoogleAds.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

df503b068a293b5645d738cfbc37e8361d7fe714faede08aef6576ed31bf3d23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93219
x-xss-protection: 0
last-modified: Thu, 13 Jun 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Jun 2024 16:48:16 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 314 KB
107 KB 199ms
122ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KLKK2C8

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/js-integrations/GoogleTagManager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e700ab64d246beabf083e5d0a7de3bd5d05246b392c1eaf42c9a6afd5afc58b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109142
x-xss-protection: 0
last-modified: Thu, 13 Jun 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Jun 2024 16:48:16 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 62ms
30ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/js-integrations/BingAds.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 13 Jun 2024 16:48:15 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F5BE14231B3C40B8A31979CBA2E3FA41 Ref B: FRAEDGE1922 Ref C: 2024-06-13T16:48:15Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 10 KB
3 KB 184ms
137ms Script
application/javascript 95.100.146.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C69DBF15469I4JJV9JDG&lib=ttq
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/js-integrations/TiktokAds.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.18 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 91a6e291cec25c988d8940b87940c149a1d2535340c0f2659ed9466127dec43f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 3b73b4e.2d0f7d85
date: Thu, 13 Jun 2024 16:48:16 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2406131648160E1420896A03564EDBF8-2E0D9F549EED1A49-00
x-cache: TCP_MISS from a95-100-146-14.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time: 105,95.100.146.14
server-timing: cdn-cache; desc=MISS, edge; dur=99, origin; dur=9, inner; dur=4
content-length: 2576
pragma: no-cache
server: nginx
x-tt-logid: 202406131648160E1420896A03564EDBF8
x-cache-remote: TCP_MISS from a23-15-7-186.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.15.7.186
x-tt-trace-host: 01a34bad20c0e93383c0dd032906d573615a5572528733e22ccad21b506a018fe5857db9e7e24dcfddbcb118aec1777bc4f38df885235f7d40bc7e04a01c705b7dedf94c6aa3775c6cfd759c0832ef6be0732d3329e37ccd638e449112a6f25a43c59095dbfa5c3aed79668f16b9c76cb4
expires: Thu, 13 Jun 2024 16:48:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 309 KB
103 KB 144ms
75ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QR05S7NGSS

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/modern/js-integrations/GA4.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

371a29625aa377a58ec683b56e7a09fa4285714795bb807d687f5c336cf9c6e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105698
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 13 Jun 2024 16:48:16 GMT

GET
H2 200 423277594767394 Show response
connect.facebook.net/signals/config/ 69 KB
15 KB 228ms
227ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/423277594767394?v=2.9.158&r=stable&domain=onboarding.novo.co&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9d4ec7954754384de21f760ae02a3061d213ac89d85c6a87ec404ba43edb08d5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 13 Jun 2024 16:48:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=62, mss=1368, tbw=63542, tp=-1, tpl=-1, uplat=174, ullat=1
pragma: public
x-fb-debug: aqYCDnsn7/HbOaMPw7IP/FTzQ9JyIIXWDzkFm533RvO/Bk0f4aGnDSJHi9t0FrLHuWPGyPdM7/rjGp+jDmWgog==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 26097601.js Show response
bat.bing.com/p/action/ 0
117 B 32ms
32ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26097601.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 13 Jun 2024 16:48:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EB70E7C3FA8A4F35A32D6D073B8602B7 Ref B: FRAEDGE1922 Ref C: 2024-06-13T16:48:15Z
x-cache: CONFIG_NOCACHE

POST
H2 200 / Show response
o139498.ingest.sentry.io/api/1402863/envelope/ 41 B
340 B 147ms
88ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o139498.ingest.sentry.io/api/1402863/envelope/?sentry_key=6c8382f32e304f35908e9905fc8f421d&sentry_version=7&sentry_client=sentry.javascript.react%2F7.53.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

183861d670add961b099b910c590faa2721f6d76e056fff7c3587e1a0efdf25c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 13 Jun 2024 16:48:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
146 B 120ms
120ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: onboarding.novo.co
URL: https://onboarding.novo.co/2f7c/app.2f7c31a5.bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://onboarding.novo.co/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:15 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 5EB638FBAD7B4F4687CD4B39C6F9C8F5 Ref B: FRAEDGE1114 Ref C: 2024-06-13T16:48:16Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://onboarding.novo.co
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYayEPzxiOYl8TEvgyp5Q==

GET
H2 200 index.html
widget.trustpilot.com/trustboxes/5419b637fa0340045cd0c936/ Frame 7CC4 0
0 38ms
16ms Document
text/html 52.222.236.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/5419b637fa0340045cd0c936/index.html?templateId=5419b637fa0340045cd0c936&businessunitId=620874112319ce926973bcd8

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-94.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://onboarding.novo.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 8321
cache-control: max-age=86400
content-encoding: gzip
content-length: 2114
content-type: text/html
date: Thu, 13 Jun 2024 14:29:36 GMT
etag: "bbd26c541b063878dddb6095c1f82221"
last-modified: Mon, 08 May 2023 11:42:24 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-amz-cf-id: R1HkUJC78Ay372GFW62KyHtG6GJw90iTko19I5e6dbVdWmixtGKICA==
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 49304ced8aa71270339e.svg
onboarding.novo.co/assets/images/ 2 KB
840 B 330ms
330ms Image
image/svg+xml 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onboarding.novo.co/assets/images/49304ced8aa71270339e.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ae0381ce2a2c97a7c36502e6b3b5884533f745f205c4252aa152a350383bdee

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/signup
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy: default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co *.fullstory.com api.segment.io *.segment.com api-js.mixpanel.com *.sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com *.google.com https://*.gstatic.com *.launchdarkly.com *.plaid.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com *.auryc.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.plaid.com *.fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com *.sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com *.launchdarkly.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com *.getrockerbox.com *.novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; style-src 'self' 'unsafe-inline' *.socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: *; font-src 'self' data: cdn.linearicons.com *.socure.com https://fonts.gstatic.com https://heapanalytics.com *.auryc.com; form-action 'self' www.facebook.com; frame-src 'self' *.plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com *.google.com *.sentry.io sentry.io https://heapanalytics.com *.sardine.ai *.trustpilot.com; frame-ancestors 'self' *.legalzoom.com; object-src 'self' mpsnare.iesnare.com
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 07:02:02 GMT
server: cloudflare
etag: W/"65a-18ff1811efa"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 8933913489e15d41-FRA
expires: Thu, 13 Jun 2024 20:48:16 GMT

GET
H2 200 19c882b3436fe2dae3c2.svg
onboarding.novo.co/assets/images/ 999 B
533 B 352ms
350ms Image
image/svg+xml 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onboarding.novo.co/assets/images/19c882b3436fe2dae3c2.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

248076e01f747d112a5c08ba25bd79b123648446acb714e0047812dcea66edf0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/signup
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy: default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co *.fullstory.com api.segment.io *.segment.com api-js.mixpanel.com *.sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com *.google.com https://*.gstatic.com *.launchdarkly.com *.plaid.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com *.auryc.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.plaid.com *.fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com *.sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com *.launchdarkly.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com *.getrockerbox.com *.novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; style-src 'self' 'unsafe-inline' *.socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: *; font-src 'self' data: cdn.linearicons.com *.socure.com https://fonts.gstatic.com https://heapanalytics.com *.auryc.com; form-action 'self' www.facebook.com; frame-src 'self' *.plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com *.google.com *.sentry.io sentry.io https://heapanalytics.com *.sardine.ai *.trustpilot.com; frame-ancestors 'self' *.legalzoom.com; object-src 'self' mpsnare.iesnare.com
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 07:02:02 GMT
server: cloudflare
etag: W/"3e7-18ff1811efa"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 8933913499e55d41-FRA
expires: Thu, 13 Jun 2024 20:48:16 GMT

GET
H2 200 77dbd78c2ad6258d3b35.svg
onboarding.novo.co/assets/images/ 1 KB
756 B 166ms
164ms Image
image/svg+xml 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onboarding.novo.co/assets/images/77dbd78c2ad6258d3b35.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19ac50449ea27df5109e2e02e08df5fd1c5d5e9e280a9151bd8e829aae39d929

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/signup
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy: default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co *.fullstory.com api.segment.io *.segment.com api-js.mixpanel.com *.sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com *.google.com https://*.gstatic.com *.launchdarkly.com *.plaid.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com *.auryc.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.plaid.com *.fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com *.sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com *.launchdarkly.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com *.getrockerbox.com *.novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; style-src 'self' 'unsafe-inline' *.socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: *; font-src 'self' data: cdn.linearicons.com *.socure.com https://fonts.gstatic.com https://heapanalytics.com *.auryc.com; form-action 'self' www.facebook.com; frame-src 'self' *.plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com *.google.com *.sentry.io sentry.io https://heapanalytics.com *.sardine.ai *.trustpilot.com; frame-ancestors 'self' *.legalzoom.com; object-src 'self' mpsnare.iesnare.com
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 07:02:02 GMT
server: cloudflare
etag: W/"581-18ff1811efa"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 8933913499e95d41-FRA
expires: Thu, 13 Jun 2024 20:48:16 GMT

GET
H2 200 14557a5c3ebc62db23a5.svg
onboarding.novo.co/assets/images/ 719 B
453 B 334ms
332ms Image
image/svg+xml 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onboarding.novo.co/assets/images/14557a5c3ebc62db23a5.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86d269c315e417fe9e6b296d84ffd94dd7e3ddd17f59fa8fb7d58e92048f2b4c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/signup
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy: default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co *.fullstory.com api.segment.io *.segment.com api-js.mixpanel.com *.sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com *.google.com https://*.gstatic.com *.launchdarkly.com *.plaid.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com *.auryc.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.plaid.com *.fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com *.sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com *.launchdarkly.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com *.getrockerbox.com *.novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; style-src 'self' 'unsafe-inline' *.socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: *; font-src 'self' data: cdn.linearicons.com *.socure.com https://fonts.gstatic.com https://heapanalytics.com *.auryc.com; form-action 'self' www.facebook.com; frame-src 'self' *.plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com *.google.com *.sentry.io sentry.io https://heapanalytics.com *.sardine.ai *.trustpilot.com; frame-ancestors 'self' *.legalzoom.com; object-src 'self' mpsnare.iesnare.com
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 07:02:02 GMT
server: cloudflare
etag: W/"2cf-18ff1811efa"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 8933913499eb5d41-FRA
expires: Thu, 13 Jun 2024 20:48:16 GMT

GET
H2 200 474d6ca54baa32f8562a.png
onboarding.novo.co/assets/images/ 630 KB
633 KB 541ms
539ms Image
image/png 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onboarding.novo.co/assets/images/474d6ca54baa32f8562a.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d7c4fd37fc06ef6a6e50831695051c210f65208b16dc4248bcd4cff5fab24ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/signup
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co *.fullstory.com api.segment.io *.segment.com api-js.mixpanel.com *.sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com *.google.com https://*.gstatic.com *.launchdarkly.com *.plaid.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com *.auryc.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.plaid.com *.fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com *.sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com *.launchdarkly.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com *.getrockerbox.com *.novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; style-src 'self' 'unsafe-inline' *.socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: *; font-src 'self' data: cdn.linearicons.com *.socure.com https://fonts.gstatic.com https://heapanalytics.com *.auryc.com; form-action 'self' www.facebook.com; frame-src 'self' *.plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com *.google.com *.sentry.io sentry.io https://heapanalytics.com *.sardine.ai *.trustpilot.com; frame-ancestors 'self' *.legalzoom.com; object-src 'self' mpsnare.iesnare.com
x-dns-prefetch-control: off
content-length: 645143
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 07:02:02 GMT
server: cloudflare
etag: W/"9d817-18ff1811efa"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8933913499f65d41-FRA
expires: Thu, 13 Jun 2024 20:48:16 GMT

GET
H2 200 ABCGintoNormal-Medium.otf
onboarding.novo.co/assets/fonts/ 101 KB
59 KB 539ms
536ms Font
font/otf 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.novo.co/assets/fonts/ABCGintoNormal-Medium.otf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ef5e6f9e0796a2c59a429817b8870200eea025ba116210c480a40bfa858e3fb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Origin: https://onboarding.novo.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy: default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co *.fullstory.com api.segment.io *.segment.com api-js.mixpanel.com *.sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com *.google.com https://*.gstatic.com *.launchdarkly.com *.plaid.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com *.auryc.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.plaid.com *.fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com *.sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com *.launchdarkly.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com *.getrockerbox.com *.novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; style-src 'self' 'unsafe-inline' *.socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: *; font-src 'self' data: cdn.linearicons.com *.socure.com https://fonts.gstatic.com https://heapanalytics.com *.auryc.com; form-action 'self' www.facebook.com; frame-src 'self' *.plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com *.google.com *.sentry.io sentry.io https://heapanalytics.com *.sardine.ai *.trustpilot.com; frame-ancestors 'self' *.legalzoom.com; object-src 'self' mpsnare.iesnare.com
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 07:02:02 GMT
server: cloudflare
etag: W/"192a4-18ff1811ef6"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/otf
cache-control: public, max-age=14400
cf-ray: 89339134ca335d41-FRA
expires: Thu, 13 Jun 2024 20:48:16 GMT

GET
H2 200 ABCGintoNormal-Regular.otf
onboarding.novo.co/assets/fonts/ 89 KB
51 KB 532ms
529ms Font
font/otf 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.novo.co/assets/fonts/ABCGintoNormal-Regular.otf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc5464ea136ca4560005121d6d6deeba85c143bc40bd4d883b4727380f5e2350

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Origin: https://onboarding.novo.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy: default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co *.fullstory.com api.segment.io *.segment.com api-js.mixpanel.com *.sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com *.google.com https://*.gstatic.com *.launchdarkly.com *.plaid.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com *.auryc.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.plaid.com *.fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com *.sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com *.launchdarkly.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com *.getrockerbox.com *.novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; style-src 'self' 'unsafe-inline' *.socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: *; font-src 'self' data: cdn.linearicons.com *.socure.com https://fonts.gstatic.com https://heapanalytics.com *.auryc.com; form-action 'self' www.facebook.com; frame-src 'self' *.plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com *.google.com *.sentry.io sentry.io https://heapanalytics.com *.sardine.ai *.trustpilot.com; frame-ancestors 'self' *.legalzoom.com; object-src 'self' mpsnare.iesnare.com
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 07:02:02 GMT
server: cloudflare
etag: W/"16280-18ff1811ef6"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/otf
cache-control: public, max-age=14400
cf-ray: 89339134ca375d41-FRA
expires: Thu, 13 Jun 2024 20:48:16 GMT

GET
H2 200 ABCGintoNormal-Light.otf
onboarding.novo.co/assets/fonts/ 91 KB
53 KB 531ms
528ms Font
font/otf 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.novo.co/assets/fonts/ABCGintoNormal-Light.otf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d03d04383cd278612a3bb1d7b1ae5d3319ecc794764a923e168a69e78ccd072

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Origin: https://onboarding.novo.co
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy: default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co *.fullstory.com api.segment.io *.segment.com api-js.mixpanel.com *.sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com *.google.com https://*.gstatic.com *.launchdarkly.com *.plaid.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com *.auryc.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.plaid.com *.fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com *.sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com *.launchdarkly.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com *.getrockerbox.com *.novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; style-src 'self' 'unsafe-inline' *.socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: *; font-src 'self' data: cdn.linearicons.com *.socure.com https://fonts.gstatic.com https://heapanalytics.com *.auryc.com; form-action 'self' www.facebook.com; frame-src 'self' *.plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com *.google.com *.sentry.io sentry.io https://heapanalytics.com *.sardine.ai *.trustpilot.com; frame-ancestors 'self' *.legalzoom.com; object-src 'self' mpsnare.iesnare.com
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 07:02:02 GMT
server: cloudflare
etag: W/"16ce8-18ff1811ef6"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/otf
cache-control: public, max-age=14400
cf-ray: 89339134ca395d41-FRA
expires: Thu, 13 Jun 2024 20:48:16 GMT

GET
H2 200 no_internet_icon.svg
onboarding.novo.co/assets/images/ 54 KB
12 KB 532ms
531ms Image
image/svg+xml 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onboarding.novo.co/assets/images/no_internet_icon.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d68955db30e7b585d0c6b3fb46098888f269e83663dc63b0ff9f302336ef1881

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy: default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co *.fullstory.com api.segment.io *.segment.com api-js.mixpanel.com *.sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com *.google.com https://*.gstatic.com *.launchdarkly.com *.plaid.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com *.auryc.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.plaid.com *.fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com *.sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com *.launchdarkly.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com *.getrockerbox.com *.novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; style-src 'self' 'unsafe-inline' *.socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: *; font-src 'self' data: cdn.linearicons.com *.socure.com https://fonts.gstatic.com https://heapanalytics.com *.auryc.com; form-action 'self' www.facebook.com; frame-src 'self' *.plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com *.google.com *.sentry.io sentry.io https://heapanalytics.com *.sardine.ai *.trustpilot.com; frame-ancestors 'self' *.legalzoom.com; object-src 'self' mpsnare.iesnare.com
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 07:02:02 GMT
server: cloudflare
etag: W/"d9da-18ff1811f02"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 8933913499f95d41-FRA
expires: Thu, 13 Jun 2024 20:48:16 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
262 B 356ms
118ms Image
image/gif 18.205.209.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=3775576419&u=2761552131940048&v=6055156202585415&s=4209161072320700&b=web&tv=4.0&z=0&h=%2F&d=onboarding.novo.co&t=Novo%20%7C%20Powerfully%20Simple%20Business%20Banking&ts=1718297295574&ubv=126.0.6478.55&upv=10.0.0&sch=1200&scw=1600&st=1718297296050

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.205.209.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-205-209-78.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 16:48:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 logo_b.svg
onboarding.novo.co/assets/images/logo/ 2 KB
3 KB 346ms
345ms Image
image/svg+xml 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onboarding.novo.co/assets/images/logo/logo_b.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

309f062a9731e130e024e694eba05427bca831b3576107fe86529c50ed33cd85

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy: default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co *.fullstory.com api.segment.io *.segment.com api-js.mixpanel.com *.sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com *.google.com https://*.gstatic.com *.launchdarkly.com *.plaid.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com *.auryc.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.plaid.com *.fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com *.sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com *.launchdarkly.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com *.getrockerbox.com *.novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; style-src 'self' 'unsafe-inline' *.socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: *; font-src 'self' data: cdn.linearicons.com *.socure.com https://fonts.gstatic.com https://heapanalytics.com *.auryc.com; form-action 'self' www.facebook.com; frame-src 'self' *.plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com *.google.com *.sentry.io sentry.io https://heapanalytics.com *.sardine.ai *.trustpilot.com; frame-ancestors 'self' *.legalzoom.com; object-src 'self' mpsnare.iesnare.com
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 07:02:02 GMT
server: cloudflare
etag: W/"7f9-18ff1811f0e"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 8933913499fb5d41-FRA
expires: Thu, 13 Jun 2024 20:48:16 GMT

GET
H2 200 info_blue.svg
onboarding.novo.co/assets/images/icon/ 337 B
315 B 345ms
344ms Image
image/svg+xml 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onboarding.novo.co/assets/images/icon/info_blue.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

040ceced9c5d6bc3cdfcb06c8a66117df762cb0d717bd88a748a445db89e7424

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy: default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co *.fullstory.com api.segment.io *.segment.com api-js.mixpanel.com *.sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com *.google.com https://*.gstatic.com *.launchdarkly.com *.plaid.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com *.auryc.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.plaid.com *.fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com *.sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com *.launchdarkly.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com *.getrockerbox.com *.novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; style-src 'self' 'unsafe-inline' *.socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: *; font-src 'self' data: cdn.linearicons.com *.socure.com https://fonts.gstatic.com https://heapanalytics.com *.auryc.com; form-action 'self' www.facebook.com; frame-src 'self' *.plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com *.google.com *.sentry.io sentry.io https://heapanalytics.com *.sardine.ai *.trustpilot.com; frame-ancestors 'self' *.legalzoom.com; object-src 'self' mpsnare.iesnare.com
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 07:02:02 GMT
server: cloudflare
etag: W/"151-18ff1811f0a"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 8933913499fe5d41-FRA
expires: Thu, 13 Jun 2024 20:48:16 GMT

GET
H2 200 phone_novo.png
onboarding.novo.co/assets/images/ 232 KB
232 KB 534ms
534ms Image
image/png 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onboarding.novo.co/assets/images/phone_novo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d65974ac23a2e2e9b939a14d8c1019889f0c6bf676726551f74cdade7cd7259f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co *.fullstory.com api.segment.io *.segment.com api-js.mixpanel.com *.sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com *.google.com https://*.gstatic.com *.launchdarkly.com *.plaid.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com *.auryc.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.plaid.com *.fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com *.sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com *.launchdarkly.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com *.getrockerbox.com *.novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; style-src 'self' 'unsafe-inline' *.socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: *; font-src 'self' data: cdn.linearicons.com *.socure.com https://fonts.gstatic.com https://heapanalytics.com *.auryc.com; form-action 'self' www.facebook.com; frame-src 'self' *.plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com *.google.com *.sentry.io sentry.io https://heapanalytics.com *.sardine.ai *.trustpilot.com; frame-ancestors 'self' *.legalzoom.com; object-src 'self' mpsnare.iesnare.com
x-dns-prefetch-control: off
content-length: 237157
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 07:02:02 GMT
server: cloudflare
etag: W/"39e65-18ff1811f02"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 893391349a005d41-FRA
expires: Thu, 13 Jun 2024 20:48:16 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 333ms
119ms Image
image/gif 18.205.209.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=3775576419&u=2761552131940048&v=1451908446938310&s=4209161072320700&b=web&tv=4.0&z=2&h=%2Fsignup&d=onboarding.novo.co&t=Novo%20%7C%20Powerfully%20Simple%20Business%20Banking&ts=1718297296117&pr=%2F&sp=z&sp=0&sp=ts&sp=1718297295574&sp=d&sp=onboarding.novo.co&sp=h&sp=%2F&sp=t&sp=Novo%20%7C%20Powerfully%20Simple%20Business%20Banking&ubv=126.0.6478.55&upv=10.0.0&sch=1200&scw=1600&st=1718297296117

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.205.209.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-205-209-78.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 16:48:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 logo_favicon.png
onboarding.novo.co/assets/images/logo/ 3 KB
0 0ms
0ms Other
image/png 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboarding.novo.co/assets/images/logo/logo_favicon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a243318ac8f8922fa8ac82630b0a7ea477470afd0ba7bbf82e24845f89b87488

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:15 GMT
content-security-policy: default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co *.fullstory.com api.segment.io *.segment.com api-js.mixpanel.com *.sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com *.google.com https://*.gstatic.com *.launchdarkly.com *.plaid.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com *.auryc.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.plaid.com *.fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com *.sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com *.chtbl.com optimize.google.com *.sprig.com *.userleap.com https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com *.launchdarkly.com *.sentry.io sentry.io *.socure.com dvnfo.com *.dvnfo.com *.sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com *.getrockerbox.com *.novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com *.taboola.com *.heapanalytics.com *.rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com *.trustpilot.com; style-src 'self' 'unsafe-inline' *.socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: *; font-src 'self' data: cdn.linearicons.com *.socure.com https://fonts.gstatic.com https://heapanalytics.com *.auryc.com; form-action 'self' www.facebook.com; frame-src 'self' *.plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com *.google.com *.sentry.io sentry.io https://heapanalytics.com *.sardine.ai *.trustpilot.com; frame-ancestors 'self' *.legalzoom.com; object-src 'self' mpsnare.iesnare.com
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-length: 3089
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Jun 2024 07:02:02 GMT
server: cloudflare
etag: W/"c11-18ff1811f0e"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89339131fef05d41-FRA
expires: Thu, 13 Jun 2024 20:48:15 GMT

GET
H3 200 auryc.lib.js Show response
cdn.heapanalytics.com/js/replay/libs/latest/ 696 KB
186 KB 22ms
22ms Script
application/javascript 13.32.27.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heapanalytics.com/js/replay/libs/latest/auryc.lib.js
Requested by: Host: cdn.heapanalytics.com
URL: https://cdn.heapanalytics.com/js/replay/9930-HeapProductionV2-prod-heap/container.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.32.27.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-86.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f01d53f1694d2eaceaf9cfce39cd0ce956159524a95153379037d1b74f3e85ee

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: mwt05ouoSDbehJrG9JsmBrmZXUbT9B5A
content-encoding: gzip
via: 1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
date: Thu, 13 Jun 2024 05:57:17 GMT
age: 39059
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 190110
last-modified: Wed, 03 Apr 2024 15:31:06 GMT
server: AmazonS3
etag: "e0387bc1b71a2d4e27af0418f645673e"
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: DkBD9RGdrCkuIHWO7r8PTvYWNFKV3bQoU0CphrzE34fqCYNklhIugQ==

GET
H2 200 main.MTZmOTQwMTEyMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 342 KB
98 KB 41ms
41ms Script
application/javascript 95.100.146.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C69DBF15469I4JJV9JDG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.18 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cd5efd9242be0331111acd38f5570a894598d0b18d4811f1a27631f9dac41c65

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 2d0f80f6
date: Thu, 13 Jun 2024 16:48:16 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202406130129427C8C60C0B7391AE7FDC1
x-tt-trace-id: 00-2406130129427C8C60C0B7391AE7FDC1-38E14A5806C33DD2-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a95-100-146-14.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0137e83af7fec7f0562986b693ee7a9147ebd41b5e51b0b0eb03044b64ec3a50a26668fbed98efca047be5417e10436ec5170d326291cf26955539181d793a30c9c81658a26ceb3d86046809705f77428a43f7655084dc99ef7c655a1bbceceb05
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=16
content-length: 99741

GET
H2 200 record-2.0.0-alpha.6.min.js Show response
cdn.sprig.com/dependencies/ 64 KB
21 KB 9ms
8ms Script
application/javascript 13.32.27.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sprig.com/dependencies/record-2.0.0-alpha.6.min.js
Requested by: Host: cdn.sprig.com
URL: https://cdn.sprig.com/shim.js?id=_NCBHaUVs3QG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a88e2876210c1960f05cd59e66681b27ee9a1da2f33bc229f250e8301ef071f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 17:01:04 GMT
x-amz-version-id: unpW7ogcLOENtzJkxoClzv.rKxagRlP.
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 18:49:28 GMT
server: AmazonS3
via: 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/"fb4653fc073b895d51061bc4ea71b065"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 85633
x-amz-cf-id: 8PIGUY764aN7uy-jR2fEjz3dCkKEP-oPDTJM9FgCtbTCUnMRvA_36w==

GET
H2 200 identify_ce1d8843.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 29ms
28ms Script
application/javascript 95.100.146.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.18 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 2d0f82e7
date: Thu, 13 Jun 2024 16:48:16 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202405211400000BDE2C76E5D8EE9EA469
x-tt-trace-id: 00-2405211400000BDE2C76E5D8EE9EA469-157E37BC5A175057-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a95-100-146-14.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0100d4c450589ef3b128c95195644898e3ac9f93df285dee4651f5d49be7bbf40b3f49d73279c1efd17c796dab3e0f42eb8d06cb6b69ad140b8b2cc092925ad401ddb70af56f6dac739a5917117778597089c6d7cb71bdca856e0ea2d397d745c7
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=3
content-length: 39572

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
846 B 218ms
217ms Ping
text/plain 95.100.146.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.18 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 790800c5.2d0f82fe
date: Thu, 13 Jun 2024 16:48:16 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240613164816DB40CF2109EF3A2E4C29-134C0037FA446C5A-00
x-cache: TCP_MISS from a95-100-146-14.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time: 167,95.100.146.14
server-timing: cdn-cache; desc=MISS, edge; dur=148, origin; dur=32, inner; dur=24
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240613164816DB40CF2109EF3A2E4C29
x-cache-remote: TCP_MISS from a23-48-100-147.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 32,23.48.100.147
x-tt-trace-host: 01a34bad20c0e93383c0dd032906d573615a5572528733e22ccad21b506a018fe509e5f3de436751298cbb5ef5f07c0688e9110b0bc8d00c1af98a6a633424304cc0a32cad09ea8b21c1e126651082ee35096e1c564b1cd7060d49b25acdce85494eb6ff93d7834f46f7fd63fba42341a6
access-control-allow-headers: Authorization,*
expires: Thu, 13 Jun 2024 16:48:16 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
847 B 170ms
170ms Ping
text/plain 95.100.146.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.18 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 79080835.2d0f82ff
date: Thu, 13 Jun 2024 16:48:16 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240613164816179CF0025E951D76D81B-40916A8FFE0CA5ED-00
x-cache: TCP_MISS from a95-100-146-14.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time: 132,95.100.146.14
server-timing: cdn-cache; desc=MISS, edge; dur=113, origin; dur=27, inner; dur=23
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240613164816179CF0025E951D76D81B
x-cache-remote: TCP_MISS from a23-48-100-147.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 27,23.48.100.147
x-tt-trace-host: 01a34bad20c0e93383c0dd032906d573615a5572528733e22ccad21b506a018fe509e5f3de436751298cbb5ef5f07c06882694004012bb743f93b5e3dccea94252112f87d7d4e33e53ad2446a2348488b6735266e25e5e747aa9e151b36fc7e6c6b5e7f99ca255b6d24692c037f914091e
access-control-allow-headers: Authorization,*
expires: Thu, 13 Jun 2024 16:48:16 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
845 B 166ms
166ms Ping
text/plain 95.100.146.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.18 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 8f76220.2d0f8300
date: Thu, 13 Jun 2024 16:48:16 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240613164816DC7284DE1F42F23003B4-25BD966B1A70BABD-00
x-cache: TCP_MISS from a95-100-146-14.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time: 123,95.100.146.14
server-timing: cdn-cache; desc=MISS, edge; dur=109, origin; dur=23, inner; dur=17
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240613164816DC7284DE1F42F23003B4
x-cache-remote: TCP_MISS from a184-28-17-149.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 24,184.28.17.149
x-tt-trace-host: 01a34bad20c0e93383c0dd032906d573615a5572528733e22ccad21b506a018fe5c317d09ad1728c433df2ce9539a28d784c40376bb7502492a11c0c0a650a17c333da0adda6fb45ebf69e9f4ebeff4e5b9cbaccb2bd6fb59c21dc2bfbea7c2286391df115af613fba98c6f3db5595ca74
access-control-allow-headers: Authorization,*
expires: Thu, 13 Jun 2024 16:48:16 GMT

OPTIONS
H2 200 siteconfig
client-api.auryc.com/ Frame 0
0 122ms
122ms Preflight 34.66.73.214
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://client-api.auryc.com/siteconfig?lib=web

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.66.73.214 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

214.73.66.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-authorized-identity,x-authorized-token
Access-Control-Request-Method: GET
Origin: https://onboarding.novo.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-authorized-identity, x-authorized-token
access-control-allow-methods: OPTIONS,HEAD,GET,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://onboarding.novo.co
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Thu, 13 Jun 2024 16:48:15 GMT
expires: 0
pragma: no-cache
server: istio-envoy
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 siteconfig Show response
client-api.auryc.com/ 2 KB
1 KB 126ms
125ms XHR
application/json 34.66.73.214
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://client-api.auryc.com/siteconfig?lib=web

Requested by

Host: onboarding.novo.co
URL: https://onboarding.novo.co/2f7c/app.2f7c31a5.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.66.73.214 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

214.73.66.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

d0b9019537162875a9292526827b78f6def7ac58a324ad90987592e2d587624b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
x-authorized-identity: 9930-HeapProductionV2-prod-heap
Referer: https://onboarding.novo.co/
x-authorized-token: af33509cee3db7970398b5069a6bc08a
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 16:48:15 GMT
server: istio-envoy
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://onboarding.novo.co
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
x-xss-protection: 1; mode=block
expires: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 49ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QR05S7NGSS&gtm=45je46c0v870818274za200&_p=1718297295920&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1017646721.1718297296&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1718297296&sct=1&seg=0&dl=https%3A%2F%2Fonboarding.novo.co%2Fsignup&dt=Novo%20%7C%20Powerfully%20Simple%20Business%20Banking&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2750
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QR05S7NGSS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 16:48:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://onboarding.novo.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 66ms
28ms Ping
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QR05S7NGSS&cid=1017646721.1718297296&gtm=45je46c0v870818274za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QR05S7NGSS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 16:48:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://onboarding.novo.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 264 KB
91 KB 71ms
69ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-803601028&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLKK2C8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b187152ddd7eff9eb007b04afb90aaef942415afe10feb73219e18ab0c517f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:48:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93184
x-xss-protection: 0
last-modified: Thu, 13 Jun 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 13 Jun 2024 16:48:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 124ms
41ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLKK2C8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 13 Jun 2024 16:29:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1148
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 13 Jun 2024 18:29:08 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 10 KB
3 KB 155ms
155ms Script
application/javascript 95.100.146.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C69DBF15469I4JJV9JDG&lib=ttq
Requested by: Host: onboarding.novo.co
URL: https://onboarding.novo.co/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.18 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 39a91e38dceedf4121bfb1bdaa0d73683616ee708527884a0fe3ef26323e6985

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: a1c38bfd.2d0f850f
date: Thu, 13 Jun 2024 16:48:16 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240613164816749129D5433B674E626A-4646C09CECFE638C-00
x-cache: TCP_MISS from a95-100-146-14.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time: 104,95.100.146.14
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=9, inner; dur=5
content-length: 2576
pragma: no-cache
server: nginx
x-tt-logid: 20240613164816749129D5433B674E626A
x-cache-remote: TCP_MISS from a23-48-100-133.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.48.100.133
x-tt-trace-host: 01a34bad20c0e93383c0dd032906d573615a5572528733e22ccad21b506a018fe528b0b865d44936c2456b261d337d3b3304f61dd4d9a78030149b4480a0aa188fa2f07025d107319f2f7f28e983d1fdde7be3a97165e4b172698383e2b95ec706ee5d76bf37baf0dd0da1aac67e77edc5
expires: Thu, 13 Jun 2024 16:48:16 GMT

GET api.min.js
a.omappapi.com/app/js/ 0
0

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 133ms
71ms Image
image/gif 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QR05S7NGSS&cid=1017646721.1718297296&gtm=45je46c0v870818274za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=646259773

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 16:48:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

conv
trkn.us/pixel/
Redirect Chain

https://trkn.us/pixel/conv?ppt=18307&g=sitewide_visits&gid=41965&ord=1782687712&gtmcb=786152644
https://trkn.us/pixel/conv?ppt=18307&g=sitewide_visits&gid=41965&ord=1782687712&gtmcb=786152644;ip=185.213.155.134;cuidchk=1

42 B
721 B

11ms
11ms

Image
image/gif

95.101.111.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv?ppt=18307&g=sitewide_visits&gid=41965&ord=1782687712&gtmcb=786152644;ip=185.213.155.134;cuidchk=1

Protocol

HTTP/1.1

Server

95.101.111.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-153.deploy.static.akamaitechnologies.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://onboarding.novo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 13 Jun 2024 16:48:16 GMT
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: image/gif
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Location: /pixel/conv?ppt=18307&g=sitewide_visits&gid=41965&ord=1782687712&gtmcb=786152644;ip=185.213.155.134;cuidchk=1
Date: Thu, 13 Jun 2024 16:48:16 GMT
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK /
arttrk.com/pixel/ 43 B
131 B 447ms
111ms Image
image/gif 52.202.100.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://arttrk.com/pixel/?ad_log=referer&action=lead&pixid=c74d2af3-cc63-4a43-ae34-ce73434443b9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.100.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-100-181.compute-1.amazonaws.com
Software: /
Resource Hash: 693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

204

f
evt.undertone.com/
Redirect Chain

https://ads.undertone.com/f?pid=9716904&cb=CACHEBUSTER_MACRO
https://evt.undertone.com/f?pid=9716904&cb=CACHEBUSTER_MACRO

0
604 B

143ms
105ms

Image
text/plain

13.33.187.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evt.undertone.com/f?pid=9716904&cb=CACHEBUSTER_MACRO
Protocol: H2
Server: 13.33.187.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-51.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://onboarding.novo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 16:48:16 GMT
via: 1.1 abf16b943a9b4039b87ccdb094d9303e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
x-amz-cf-id: Dp_MZtd94n_8g56N2WbNad6pq3Pytu5EvX5BzkeId3d0RguwT_FA_Q==
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Thu, 13 Jun 2024 16:48:16 GMT
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
location: https://evt.undertone.com/f?pid=9716904&cb=CACHEBUSTER_MACRO
content-length: 0
x-amz-cf-id: xCE-N7T4r3m5LDhxEL30I7E3wyhXBF6Ts-JzCuhm4YnBGDANytIn_Q==

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
847 B 189ms
188ms Ping
text/plain 95.100.146.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.18 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 30930d3.2d0f8510
date: Thu, 13 Jun 2024 16:48:16 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240613164816AD9FD56F85DB87500CB3-51A6EA7ED28A9129-00
x-cache: TCP_MISS from a95-100-146-14.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time: 137,95.100.146.14
server-timing: cdn-cache; desc=MISS, edge; dur=109, origin; dur=38, inner; dur=33
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240613164816AD9FD56F85DB87500CB3
x-cache-remote: TCP_MISS from a184-28-17-243.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 39,184.28.17.243
x-tt-trace-host: 01a34bad20c0e93383c0dd032906d573615a5572528733e22ccad21b506a018fe5fe4563cb678a1cb45c5c7345ca74ccdfee78cdebf00429f20ad07efbf116a9dcd5644d4ccc76ffbbb9169a2e27de10aa18d030cbb57dc379b04e01273fd655244e0f168111f151f5178cdbb96a0f8d0a
access-control-allow-headers: Authorization,*
expires: Thu, 13 Jun 2024 16:48:16 GMT

GET acsb.js
acsbap.com/apps/app/assets/js/ 0
0

GET
H2 200 trackable.js Show response
ext.chtbl.com/ 4 KB
4 KB 78ms
8ms Script
application/javascript 2600:9000:2646:0:a:b27c:d040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ext.chtbl.com/trackable.js
Requested by: Host: onboarding.novo.co
URL: https://onboarding.novo.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:0:a:b27c:d040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27dc4f62298834987d3d8e5608c1af94c82ee3d18ee31858d39e0202697b5308

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 16:41:37 GMT
via: 1.1 671c13f54b1ad36c801a07e5c548b1c8.cloudfront.net (CloudFront)
last-modified: Fri, 12 Feb 2021 20:28:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 399
etag: "4a494dbb82444463b6fd8bff0e5593d6"
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
cache-control: max-age=3600
accept-ranges: bytes
content-length: 4092
x-amz-cf-id: -acMzLbEWbbRHq9aKq1WRVcBYNrQTcGDRt1mC8FhKzbB0S-6h_Lmkg==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
46 B 28ms
23ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QR05S7NGSS&gtm=45je46c0v870818274za200&_p=1718297295920&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1017646721.1718297296&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEA&_s=2&sid=1718297296&sct=1&seg=0&dl=https%3A%2F%2Fonboarding.novo.co%2Fsignup&dt=Novo%20%7C%20Powerfully%20Simple%20Business%20Banking&en=scroll&epn.percent_scrolled=90&_et=27&tfd=2841
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QR05S7NGSS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 16:48:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://onboarding.novo.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 50ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=423277594767394&ev=PageView&dl=https%3A%2F%2Fonboarding.novo.co&rl=&if=false&ts=1718297296415&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4124&fbp=fb.1.1718297296412.729068295608635053&pm=1&hrl=544746&ler=empty&cdl=API_unavailable&it=1718297295974&coo=false&eid=6d92261e-5c39-4936-acb0-490f6fe99fc4&cs_cc=1&cas=7368653163253367%2C7524499210939231%2C7280186098747339%2C5196261470450548%2C4986942698068420%2C5499019840114816%2C7164048053704067%2C7564805583566663%2C5117435868317407%2C5284273098251738%2C4509537322428579%2C4390939887611678%2C4229143137171594%2C3513246215467644%2C2774074732674427&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1368, tbw=2882, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 13 Jun 2024 16:48:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1019 B 220ms
178ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=423277594767394&ev=PageView&dl=https%3A%2F%2Fonboarding.novo.co&rl=&if=false&ts=1718297296415&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4124&fbp=fb.1.1718297296412.729068295608635053&pm=1&hrl=544746&ler=empty&cdl=API_unavailable&it=1718297295974&coo=false&eid=6d92261e-5c39-4936-acb0-490f6fe99fc4&cs_cc=1&cas=7368653163253367%2C7524499210939231%2C7280186098747339%2C5196261470450548%2C4986942698068420%2C5499019840114816%2C7164048053704067%2C7564805583566663%2C5117435868317407%2C5284273098251738%2C4509537322428579%2C4390939887611678%2C4229143137171594%2C3513246215467644%2C2774074732674427&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xca924072108e6788","source_keys":["1","2"]},{"key_piece":"0x6b4e61ab308ada5c","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 13 Jun 2024 16:48:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7380030691238171469", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1368, tbw=8307, tp=-1, tpl=-1, uplat=170, ullat=0
pragma: no-cache
x-fb-debug: OD4QppzmcBL1SKaxc3M6mmIqiENtNZiYPN/fV1zXd8gTLqCrH1TL5Q3EgZUyQBZ/qyQi8MvJbrd+u1qA3tM+vg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7380030691238171469"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
230 B 44ms
41ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26097601&Ver=2&mid=509afc9a-96ce-4d56-ab31-2c8c8dd44d59&sid=bb3838c029a411efb8b7513dc70f7470&vid=bb38cc0029a411efb4ef4f8d0ea16e91&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Novo%20%7C%20Powerfully%20Simple%20Business%20Banking&p=https%3A%2F%2Fonboarding.novo.co%2Fsignup&r=&lt=2046&evt=pageLoad&sv=1&rn=777686

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Jun 2024 16:48:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5913381911F64A52AF38E64445F54396 Ref B: FRAEDGE1922 Ref C: 2024-06-13T16:48:16Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 50ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=423277594767394&ev=page_span&dl=https%3A%2F%2Fonboarding.novo.co&rl=&if=false&ts=1718297296438&cd[value]=0&sw=1600&sh=1200&v=2.9.158&r=stable&ec=1&o=4124&fbp=fb.1.1718297296412.729068295608635053&pm=1&hrl=05fe7f&ler=empty&cdl=API_unavailable&it=1718297295974&coo=false&eid=1005b9cd-9323-4f6a-9315-069f57499434&tm=2&cs_cc=1&cas=5196261470450548%2C4986942698068420%2C5499019840114816%2C7164048053704067%2C7564805583566663%2C5117435868317407%2C5284273098251738%2C4509537322428579%2C4390939887611678%2C4229143137171594%2C3513246215467644%2C2774074732674427&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1368, tbw=3169, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 13 Jun 2024 16:48:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 189ms
147ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=423277594767394&ev=page_span&dl=https%3A%2F%2Fonboarding.novo.co&rl=&if=false&ts=1718297296438&cd[value]=0&sw=1600&sh=1200&v=2.9.158&r=stable&ec=1&o=4124&fbp=fb.1.1718297296412.729068295608635053&pm=1&hrl=05fe7f&ler=empty&cdl=API_unavailable&it=1718297295974&coo=false&eid=1005b9cd-9323-4f6a-9315-069f57499434&tm=2&cs_cc=1&cas=5196261470450548%2C4986942698068420%2C5499019840114816%2C7164048053704067%2C7564805583566663%2C5117435868317407%2C5284273098251738%2C4509537322428579%2C4390939887611678%2C4229143137171594%2C3513246215467644%2C2774074732674427&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x130187953c81fa8b","source_keys":["1","2"]},{"key_piece":"0x8e3f1ed752d00006","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 13 Jun 2024 16:48:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7380030691996131251", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1368, tbw=3356, tp=-1, tpl=-1, uplat=140, ullat=0
pragma: no-cache
x-fb-debug: FaaYe3pZZJ63NGG8jRjzbFf36LeckbUjgNUGCUnY3CL7v6A8IngiOB87IphVx7Yb+WTWA5HvJgKIw0fDAoyRHw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7380030691996131251"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
287 B 38ms
36ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26097601&Ver=2&mid=509afc9a-96ce-4d56-ab31-2c8c8dd44d59&sid=bb3838c029a411efb8b7513dc70f7470&vid=bb38cc0029a411efb4ef4f8d0ea16e91&vids=0&msclkid=N&el=page_span&pagetype=other&name=%2Fsignup&ea=track&en=Y&p=https%3A%2F%2Fonboarding.novo.co%2Fsignup&sw=1600&sh=1200&sc=24&evt=custom&rn=158441

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Jun 2024 16:48:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7A7B9667160E4DEE8AC353922A35C929 Ref B: FRAEDGE1922 Ref C: 2024-06-13T16:48:16Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 37ms
8ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=423277594767394&ev=PageView&dl=https%3A%2F%2Fonboarding.novo.co&rl=&if=false&ts=1718297296468&sw=1600&sh=1200&v=2.9.158&r=stable&ec=2&o=4124&fbp=fb.1.1718297296412.729068295608635053&pm=1&hrl=544746&ler=empty&cdl=API_unavailable&it=1718297295974&coo=false&eid=8d83d2b1-4f89-4c6a-ac7c-e35bf7cd2b9e&cs_cc=1&cas=7368653163253367%2C7524499210939231%2C7280186098747339%2C5196261470450548%2C4986942698068420%2C5499019840114816%2C7164048053704067%2C7564805583566663%2C5117435868317407%2C5284273098251738%2C4509537322428579%2C4390939887611678%2C4229143137171594%2C3513246215467644%2C2774074732674427&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1368, tbw=3169, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 13 Jun 2024 16:48:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 178ms
177ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=423277594767394&ev=PageView&dl=https%3A%2F%2Fonboarding.novo.co&rl=&if=false&ts=1718297296468&sw=1600&sh=1200&v=2.9.158&r=stable&ec=2&o=4124&fbp=fb.1.1718297296412.729068295608635053&pm=1&hrl=544746&ler=empty&cdl=API_unavailable&it=1718297295974&coo=false&eid=8d83d2b1-4f89-4c6a-ac7c-e35bf7cd2b9e&cs_cc=1&cas=7368653163253367%2C7524499210939231%2C7280186098747339%2C5196261470450548%2C4986942698068420%2C5499019840114816%2C7164048053704067%2C7564805583566663%2C5117435868317407%2C5284273098251738%2C4509537322428579%2C4390939887611678%2C4229143137171594%2C3513246215467644%2C2774074732674427&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xca924072108e6788","source_keys":["1","2"]},{"key_piece":"0x6b4e61ab308ada5c","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 13 Jun 2024 16:48:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7380030693102301904", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1368, tbw=7066, tp=-1, tpl=-1, uplat=169, ullat=0
pragma: no-cache
x-fb-debug: C2hN5mITCOjEI9vArb2d7GlWCPMlAOOw+KAyx+u+6S4ELpLtSYxvrgDxzJT90S5n+Kbiiv8hPi/IZOuFbJnXVQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7380030693102301904"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
842 B 162ms
161ms Ping
text/plain 95.100.146.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.18 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 3b73ecf.2d0f862f
date: Thu, 13 Jun 2024 16:48:16 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240613164816311963995577FF4EC5A0-2903C3ECF79A5292-00
x-cache: TCP_MISS from a95-100-146-14.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time: 120,95.100.146.14
server-timing: cdn-cache; desc=MISS, edge; dur=106, origin; dur=24, inner; dur=21
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240613164816311963995577FF4EC5A0
x-cache-remote: TCP_MISS from a23-15-7-186.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 25,23.15.7.186
x-tt-trace-host: 01a34bad20c0e93383c0dd032906d573615a5572528733e22ccad21b506a018fe5857db9e7e24dcfddbcb118aec1777bc4b60f69cca8194f8e94af2d71115193dbf212173b8a1b73631aa9b1e4627cca50dc3eed0e11bc203d552f52440e57a94c93f989d30d71488323a65a4dd8ddaafe
access-control-allow-headers: Authorization,*
expires: Thu, 13 Jun 2024 16:48:16 GMT

OPTIONS
H2 503 track
web.chtbl.com/ Frame 0
0 197ms
98ms Preflight
text/html 2600:9000:2646:c200:0:cc59:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.chtbl.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:c200:0:cc59:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://onboarding.novo.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-length: 564
content-type: text/html
date: Thu, 13 Jun 2024 16:48:16 GMT
server: awselb/2.0
via: 1.1 d147b4a7fe31d4e8683f7d8b15b71906.cloudfront.net (CloudFront)
x-amz-cf-id: MxrmSm7jHrSn7uap1QdGb0b7_XXU_jPCF3r-Sq_1n0DzwKgF3z89RQ==
x-amz-cf-pop: FRA60-P5
x-cache: Error from cloudfront

POST track
web.chtbl.com/ 0
0

GET
BLOB 200
OK 36e3b9d2-727e-4cd4-9bd8-7442903b1723
https://onboarding.novo.co/ 85 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://onboarding.novo.co/36e3b9d2-727e-4cd4-9bd8-7442903b1723
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b272e43c528bdb75ea6aacc0fdd09ce62573a3849869f7ea80d532de6a8c57d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 85
Content-Type: application/javascript

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 44ms
43ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=161953999&t=pageview&_s=1&dl=https%3A%2F%2Fonboarding.novo.co%2Fsignup&ul=de-de&de=UTF-8&dt=Novo%20%7C%20Powerfully%20Simple%20Business%20Banking&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=982903564&gjid=739801662&cid=1017646721.1718297296&tid=UA-75554907-3&_gid=1031790832.1718297297&_r=1&_slc=1&gtm=45He46c0n81KLKK2C8v79705031za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=276902703

Requested by

Host: onboarding.novo.co
URL: https://onboarding.novo.co/2f7c/app.2f7c31a5.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 16:48:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://onboarding.novo.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
844 B 212ms
211ms Ping
text/plain 95.100.146.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.18 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 8518261.2d0f8996
date: Thu, 13 Jun 2024 16:48:16 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240613164816A33AD3D69270E6312D2E-39DD14969AE03EF9-00
x-cache: TCP_MISS from a95-100-146-14.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time: 120,95.100.146.14
server-timing: cdn-cache; desc=MISS, edge; dur=104, origin; dur=26, inner; dur=21
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240613164816A33AD3D69270E6312D2E
x-cache-remote: TCP_MISS from a184-28-17-143.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 26,184.28.17.143
x-tt-trace-host: 01a34bad20c0e93383c0dd032906d573615a5572528733e22ccad21b506a018fe504fadf247e5a577e105c310418c34fdbe2a626246cabcdd6077a212194238fc41e0a275f28184171ae531f44aa148c078326055a7a34718abf90efb4eb6111c686aa05d57c7564560cf986dd938b99b1
access-control-allow-headers: Authorization,*
expires: Thu, 13 Jun 2024 16:48:16 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
152 B 19ms
18ms XHR
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-75554907-3&cid=1017646721.1718297296&jid=982903564&gjid=739801662&_gid=1031790832.1718297297&npa=1&_u=YCDACEAABAAAACAAI~&z=390333955

Requested by

Host: onboarding.novo.co
URL: https://onboarding.novo.co/2f7c/app.2f7c31a5.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 13 Jun 2024 16:48:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://onboarding.novo.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 152ms
76ms Image
image/gif 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-75554907-3&cid=1017646721.1718297296&jid=982903564&npa=1&_u=YCDACEAABAAAACAAI~&z=1596614856

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 16:48:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 73ms
73ms Image
image/gif 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-75554907-3&cid=1017646721.1718297296&jid=982903564&npa=1&_u=YCDACEAABAAAACAAI~&z=1596614856

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 16:48:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 43947854-92db-4a2f-a70f-25d19fda13fb
https://onboarding.novo.co/ 85 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://onboarding.novo.co/43947854-92db-4a2f-a70f-25d19fda13fb
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b272e43c528bdb75ea6aacc0fdd09ce62573a3849869f7ea80d532de6a8c57d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 85
Content-Type: application/javascript

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
845 B 161ms
158ms Ping
text/plain 95.100.146.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.18 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-18.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 30ceb33.2d0f8ab4
date: Thu, 13 Jun 2024 16:48:16 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24061316481687720841EFA42888C8E3-5542D1B5FF5849BF-00
x-cache: TCP_MISS from a95-100-146-14.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-parent-response-time: 121,95.100.146.14
server-timing: cdn-cache; desc=MISS, edge; dur=112, origin; dur=20, inner; dur=17
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024061316481687720841EFA42888C8E3
x-cache-remote: TCP_MISS from a184-28-17-238.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 21,184.28.17.238
x-tt-trace-host: 01a34bad20c0e93383c0dd032906d573615a5572528733e22ccad21b506a018fe5914dea8ab0bc92478c0e7493bf0a34913141d25b5206e478ed0deee43d60bf451b00f5b9261896fb8e4aafc7139331db8b324afd1babe7fb53c893c27e778356094a95c91ea0445aad21f332761f3f2c
access-control-allow-headers: Authorization,*
expires: Thu, 13 Jun 2024 16:48:16 GMT

POST
H2 200 / Show response
o139498.ingest.sentry.io/api/1402863/envelope/ 41 B
96 B 53ms
52ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o139498.ingest.sentry.io/api/1402863/envelope/?sentry_key=6c8382f32e304f35908e9905fc8f421d&sentry_version=7&sentry_client=sentry.javascript.react%2F7.53.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

76b5c771514814716e085fc2e5c0e5246c634e7ea5ca68c4f90eca4922ef7909

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://onboarding.novo.co/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 13 Jun 2024 16:48:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Domain: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js

Domain: acsbap.com
URL: https://acsbap.com/apps/app/assets/js/acsb.js

Domain: web.chtbl.com
URL: https://web.chtbl.com/track

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onboarding.novo.co/	1970-01-21 06:54:17	Name: x-spec-id Value: d77ce46f-7294-4d51-8baa-bd4d8a12159e
.novo.co/	1970-01-20 23:27:53	Name: ps_mode Value: trackingV1
mpsnare.iesnare.com/	1970-01-21 06:03:53	Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: 1DyEEmNJtrbr/BIQFRoiEa1dFnneaWmjqHEU0FQssSw=
.linkedin.com/	1970-01-20 23:27:53	Name: li_sugr Value: 1c484816-9bcf-4174-a509-7acd4e7e32c9
.linkedin.com/	1970-01-21 06:03:53	Name: bcookie Value: "v=2&d7fbc498-f1a9-4fd4-8162-775aca58286e"
.linkedin.com/	1970-01-20 21:19:43	Name: lidc Value: "b=VGST01:s=V:r=V:a=V:p=V:g=3276:u=1:x=1:i=1718297294:t=1718383694:v=2:sig=AQFRGObzLK6_0U2u9eJTRk1WNoloZIwg"
.linkedin.com/	1970-01-20 22:01:29	Name: UserMatchHistory Value: AQJ_OzSI-L_t1gAAAZASf_Yl0QOLFtIWsFK3veCM1nUkpK9S7A30q5_8s-egziGqIO7cmaENqwrsEQ
.linkedin.com/	1970-01-20 22:01:29	Name: AnalyticsSyncHistory Value: AQIVFgOiCYSglgAAAZASf_YlbmWPuR5aNlOt3X2p2CskjhrwsENLWtucK98OOf9oAlX2O02qB0d4I6Q_KlWl3Q
.www.linkedin.com/	1970-01-21 06:03:53	Name: bscookie Value: "v=1&202406131648142fe3803a-46a3-4ead-8a92-53134432c2f3AQFIvc7Reuf8owdB8CCZdiUVxb7fzT6L"
.linkedin.com/	1970-01-21 01:37:29	Name: li_gc Value: MTswOzE3MTgyOTcyOTQ7MjswMjG/vD1Cyg79AKtcehENdwfjxJ0mCK/noW2vyIEm49QsVA==
.novo.co/	1970-01-21 06:03:53	Name: rl_anonymous_id Value: RS_ENC_v3_IjRhNTliNDM1LTUwNWYtNDM3My04MGY3LWQ4YWE2NThmNzgxYSI%3D
.novo.co/	1970-01-21 06:03:53	Name: rl_page_init_referrer Value: RS_ENC_v3_IiRkaXJlY3Qi
.novo.co/	1970-01-21 06:03:53	Name: rl_session Value: RS_ENC_v3_eyJpZCI6MTcxODI5NzI5NTg5NywiZXhwaXJlc0F0IjoxNzE4Mjk5MDk2MDc3LCJ0aW1lb3V0IjoxODAwMDAwLCJzZXNzaW9uU3RhcnQiOmZhbHNlLCJhdXRvVHJhY2siOnRydWV9
.tiktok.com/	1970-01-21 06:39:53	Name: _ttp Value: 2hpiD4usMtNExVglFmozgpqp1ra
.novo.co/	1970-01-21 06:46:14	Name: _hp2_id.3775576419 Value: %7B%22userId%22%3A%222761552131940048%22%2C%22pageviewId%22%3A%221451908446938310%22%2C%22sessionId%22%3A%224209161072320700%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.novo.co/	1970-01-21 06:39:53	Name: _tt_enable_cookie Value: 1
.novo.co/	1970-01-21 06:39:53	Name: _ttp Value: sg88GSNWX7u5qP0rNtWg8w1NoEF
.novo.co/	1970-01-20 23:27:53	Name: _gcl_au Value: 1.1.79786537.1718297296
.novo.co/	1970-01-20 23:27:53	Name: _fbp Value: fb.1.1718297296412.729068295608635053
.trkn.us/	1970-01-21 06:03:53	Name: barometric[cuid] Value: cuid_666b22d0-99d0-4170-9230-24d1314793c2
.novo.co/	1970-01-20 21:19:43	Name: _uetsid Value: bb3838c029a411efb8b7513dc70f7470
.novo.co/	1970-01-21 06:39:53	Name: _uetvid Value: bb38cc0029a411efb4ef4f8d0ea16e91
.novo.co/	1970-01-21 06:54:17	Name: _ga_QR05S7NGSS Value: GS1.1.1718297296.1.0.1718297296.60.0.0
.novo.co/	1970-01-20 21:18:19	Name: _hp2_ses_props.3775576419 Value: %7B%22ts%22%3A1718297295574%2C%22d%22%3A%22onboarding.novo.co%22%2C%22h%22%3A%22%2F%22%7D
onboarding.novo.co/	1970-01-21 06:03:53	Name: _wchtbl_uid Value: d421cbe8-82d6-4fbc-9b1d-d80eb2712fe7
onboarding.novo.co/	1969-12-31 23:59:59	Name: _wchtbl_sid Value: 1fd4156f-72d1-499c-bee4-62f75f1d02e2
.bing.com/	1970-01-21 06:39:53	Name: MUID Value: 1BB4CDA0AA4B679C3720D93DAB4B663B
.novo.co/	1970-01-21 06:54:17	Name: userty.core.p.eb4837 Value: __2VySWQiOiIxNzIyODI2ZDVhYTU1MmMzNjQzZTFhZjFjZGJhZGIyMSJ9eyJ1c
.novo.co/	1969-12-31 23:59:59	Name: userty.core.s.eb4837 Value: __SI6MTcxODI5OTA5NjU1Mywic2lkIjoiNzM0ZDMyOGExNTMzNjBhNzI3YzQyM2QyN2RlNmE1YTYiLCJzdCI6MTcxODI5NzI5NjU1MywicHYiOjEsInJlYWR5Ijp0cnVlLCJ3cyI6IntcIndcIjoxNjAwLFwiaFwiOjEyMDB9In0=eyJzZ
.novo.co/	1970-01-21 06:54:17	Name: _ga Value: GA1.2.1017646721.1718297296
.novo.co/	1970-01-20 21:19:43	Name: _gid Value: GA1.2.1031790832.1718297297
.novo.co/	1970-01-20 21:18:17	Name: _gat_UA-75554907-3 Value: 1
api.sardine.ai/	1970-01-21 06:03:53	Name: _immortal\|deviceToken Value: eyJhbGciOiJkaXIiLCJjdHkiOiJKV1QiLCJlbmMiOiJBMTI4R0NNIiwidHlwIjoiSldUIn0..f2XFB9jJKCZd0BUO.z0VAsjTTOBDNyhfN9XbGNB95BD-3VfNnCn9TqAEMHKc7Jjt2QRj1qjHufWMka7RFBqWcnqAnJvWGPo3r0qWl4Z1RgigMzV0v2OCm2eQR6tDo93AWNTxKaV4EE8Th21J6uv77M0hSNdrSOMnPQCEbNwP-mISZb4nIUYnrDwSd1Tbjt1aEZwZNnYeuRjwsbRtBIeHA212Fm9bzIa-2HQmwCCZms1m7mF-KaT1LjhDntc6rhwVZCJFLCE07AAWDZUKO8Ou8ISlHOpR-XroqtJf72vpCtgOGSTpIowLpVLrKTQVUGljK.bXevxSyg2wLamEAf-QROMA
.undertone.com/	1970-01-21 06:03:53	Name: UTID Value: aced853ed3d04e8e83c70d3e835ca6f5
.undertone.com/	1970-01-21 06:03:53	Name: UTID_ENC Value: a8k48jbpldjxetazv3aq96yut

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://onboarding.novo.co/ Message: Refused to load the script 'https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
recommendation	verbose	URL: https://onboarding.novo.co/signup Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
security	error	Message: Refused to load the script 'https://a.omappapi.com/app/js/api.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	Message: Refused to load the script 'https://acsbap.com/apps/app/assets/js/acsb.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
javascript	error	URL: https://onboarding.novo.co/signup Message: Access to XMLHttpRequest at 'https://web.chtbl.com/track' from origin 'https://onboarding.novo.co' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://web.chtbl.com/track Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://onboarding.novo.co/signup Message: The resource https://onboarding.novo.co/assets/fonts/ABCGinto/ABCGintoNormal-Medium.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://onboarding.novo.co/signup Message: The resource https://onboarding.novo.co/assets/fonts/ABCGinto/ABCGintoNormal-Regular.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://onboarding.novo.co/signup Message: The resource https://onboarding.novo.co/assets/fonts/ABCGinto/ABCGintoNormal-Light.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://onboarding.novo.co/signup Message: The resource https://onboarding.novo.co/assets/fonts/ABCGinto/ABCGintoNormal-Bold.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; worker-src blob:; connect-src 'self' https://onboardingapi.novo.co .fullstory.com api.segment.io .segment.com api-js.mixpanel.com .sentry.io www.facebook.com stats.g.doubleclick.net www.google-analytics.com bat.bing.com mpsnare.iesnare.com grsm.io ct.pinterest.com px.ads.linkedin.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com .google.com https://.gstatic.com .launchdarkly.com .plaid.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai partnerlinks.io data: blob: cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com .auryc.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' .plaid.com .fullstory.com www.googletagmanager.com snap.licdn.com cdn.mxpnl.com connect.facebook.net cdn.segment.com www.google-analytics.com www.dropbox.com assets.customer.io bat.bing.com a.quora.com www.googleadservices.com .sentry.io googleads.g.doubleclick.net mpsnare.iesnare.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/ tpc.googlesyndication.com www.google.com js.partnerstack.com static.ads-twitter.com analytics.twitter.com s.pinimg.com ct.pinterest.com analytics.tiktok.com .chtbl.com optimize.google.com .sprig.com .userleap.com https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com .launchdarkly.com .sentry.io sentry.io .socure.com dvnfo.com .dvnfo.com .sardine.ai ci-mpsnare.iovation.com https://www.googleanalytics.com https://www.googleoptimize.com https://getrockerbox.com .getrockerbox.com .novo.co cdn.taboola.com trc.taboola.com cds.taboola.com trc-events.taboola.com .taboola.com .heapanalytics.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com .trustpilot.com; style-src 'self' 'unsafe-inline' .socure.com https://fonts.googleapis.com https://optimize.google.com https://heapanalytics.com; img-src 'self' data: ; font-src 'self' data: cdn.linearicons.com .socure.com https://fonts.gstatic.com https://heapanalytics.com .auryc.com; form-action 'self' www.facebook.com; frame-src 'self' .plaid.com www.facebook.com accounts.google.com docs.google.com bid.g.doubleclick.net tpc.googlesyndication.com .google.com .sentry.io sentry.io https://heapanalytics.com .sardine.ai .trustpilot.com; frame-ancestors 'self' .legalzoom.com; object-src 'self' mpsnare.iesnare.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
acsbap.com
ads.undertone.com
analytics.tiktok.com
api.rudderstack.com
api.sardine.ai
api.sprig.com
arttrk.com
bat.bing.com
cdn.heapanalytics.com
cdn.rudderlabs.com
cdn.sprig.com
client-api.auryc.com
connect.facebook.net
edge.fullstory.com
evt.undertone.com
ext.chtbl.com
grsm.io
heapanalytics.com
js.partnerstack.com
mpsnare.iesnare.com
o139498.ingest.sentry.io
onboarding.novo.co
onboardingapi.novo.co
partnerlinks.io
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
rs.fullstory.com
snap.licdn.com
static.cloudflareinsights.com
stats.g.doubleclick.net
trkn.us
web.chtbl.com
widget.trustpilot.com
www.dropbox.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
a.omappapi.com
acsbap.com
static.cloudflareinsights.com
web.chtbl.com
13.107.42.14
13.225.78.113
13.32.27.12
13.32.27.86
13.33.187.51
142.250.184.196
18.205.209.78
18.244.18.51
18.66.102.115
184.72.105.205
2001:4860:4802:34::36
216.58.206.35
2600:1901:0:6ccc::
2600:9000:2646:0:a:b27c:d040:93a1
2600:9000:2646:c200:0:cc59:3900:93a1
2600:9000:275d:de00:16:a497:9700:93a1
2606:4700::6812:12c9
2606:4700::6812:1f85
2606:4700::6812:7da
2606:4700::6812:ad4
2620:100:6022:18::a27d:4212
2620:1ec:21::14
2620:1ec:c11::237
2a00:1450:4001:828::200e
2a00:1450:4001:830::2008
2a00:1450:400c:c0b::9c
2a02:26f0:3100::1735:283b
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.226.55.125
34.120.195.249
34.66.73.214
35.186.194.58
35.201.112.186
52.202.100.181
52.222.236.71
52.222.236.94
54.195.39.4
95.100.146.18
95.101.111.153
00228b96da058a559d153010cf7b0de8b077d95eaf0ab297efd8a7d3ae91d294
02b2ea02c7620134bd0e2fee193bc59fc1c7a242c2da7a3097ad613292e7f56d
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
030afe0e702e26624aed13bc0679d617b4060c6bc82eb2a4a3daeee2ded73a6a
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
040ceced9c5d6bc3cdfcb06c8a66117df762cb0d717bd88a748a445db89e7424
0447a16b013d19042b42be1a4eaadf522f4dac16ef6867ed8664ec53a80b1500
05d5f6cd93dc84ca58c6865068d2c47c3ef5d1b006b10c2fd5247e738df66d4e
06a96844277207b6d681e9eea92c6d74fbb49b39b27613ae3fd962b30174d7a7
0ce006ee43e665f7bdd6bf80a9fe0fca4a42c9e7b1556119b187fb214e648498
0ef5e6f9e0796a2c59a429817b8870200eea025ba116210c480a40bfa858e3fb
183861d670add961b099b910c590faa2721f6d76e056fff7c3587e1a0efdf25c
19ac50449ea27df5109e2e02e08df5fd1c5d5e9e280a9151bd8e829aae39d929
1b11a84074a6ad0ba77822a70afe2f407beb06321cbac879dc46f516440259d3
1cfa1dc569b8da7ca3f840f6d7dc126a4776ab788cee51629b97303271daeb62
248076e01f747d112a5c08ba25bd79b123648446acb714e0047812dcea66edf0
24b82226387a0da4a49f019ee3f5fca0e5601de51fe9af4b6ef5e15039c1137e
255766f6f3ca2832371e26bb1dd1feb722b94d493e509d37171d143dfe9e01ea
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27dc4f62298834987d3d8e5608c1af94c82ee3d18ee31858d39e0202697b5308
2ae0381ce2a2c97a7c36502e6b3b5884533f745f205c4252aa152a350383bdee
309f062a9731e130e024e694eba05427bca831b3576107fe86529c50ed33cd85
31a2541bb0190eef1cade5d12bc770a206724018dcb1a6513ecf05b3ee3d8ada
371a29625aa377a58ec683b56e7a09fa4285714795bb807d687f5c336cf9c6e4
39a91e38dceedf4121bfb1bdaa0d73683616ee708527884a0fe3ef26323e6985
3ab613dc645fdb11a78c05b119b3650709c78eb165cffdce8d01f6ec10cd73b0
3b272e43c528bdb75ea6aacc0fdd09ce62573a3849869f7ea80d532de6a8c57d
3b88eda62cd0778ae4de2057728af07b10a6274138462cbc3adab0fd0fbb456c
3d9dae571d29319e5284206c040d4e39446f9ad2ee9a4612f51ee237f476a71c
3e84c006dd828a89cd98cf1e359b3d9d1473c149a6b8f8c7c478531b36e39c54
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4489ecf23d5c491799639acb0e5013e4dbf987915f0ef1263136fa203a19a9f8
483a0fdd84a14558248daf506766d7472d88476a01ad89c59968febf3877668d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
52043a07c593d11bb6fc3294a971ca12f3616dc1a11fb8592369dcb838a17ad3
52e62ba826346a5ec586a3f87fe694cfebcbb43ff4af24b0af7c2e4406a0dc92
57c5d862562497ff869a79e82e2413c14ae5dad8b6ad357e456e83f173937385
5b494e448795d0b41df7bfb96134ea58dd77dd2283a439b7c4704b89fcc929d3
61d6750540056c2d0a8af84697d5f16fc4ac4da63853475ee0a3e4f9a02fbcfa
63c4a9ba59d59da24aae96e52b1bbf8af0f5cc48c9413a26ba5e295f2fb759a2
6565468cb46835c6ca264f154954bb00a93f571db539c6f20c5d5154a91b18f2
673f8d5cc405522bad27485f2cac8e269159f3b617ab55184271a1c9d85d52f5
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75
76b5c771514814716e085fc2e5c0e5246c634e7ea5ca68c4f90eca4922ef7909
7d03d04383cd278612a3bb1d7b1ae5d3319ecc794764a923e168a69e78ccd072
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86d269c315e417fe9e6b296d84ffd94dd7e3ddd17f59fa8fb7d58e92048f2b4c
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
8a88e2876210c1960f05cd59e66681b27ee9a1da2f33bc229f250e8301ef071f
8d7c4fd37fc06ef6a6e50831695051c210f65208b16dc4248bcd4cff5fab24ab
8e700ab64d246beabf083e5d0a7de3bd5d05246b392c1eaf42c9a6afd5afc58b
907ff9a58f01ce9587c2546a8ac922f7508c4d91c5b41759c8273ec6eb5c7466
91a6e291cec25c988d8940b87940c149a1d2535340c0f2659ed9466127dec43f
9d4ec7954754384de21f760ae02a3061d213ac89d85c6a87ec404ba43edb08d5
9d4f9c787288db5ba08ab9b43d25656cdcc887b1a0c128dc7e87cada5ab355ae
9e074330ccdd9b155912ea4bea675df2283c8514e33db05edd0ba4f5ae9baf3a
a243318ac8f8922fa8ac82630b0a7ea477470afd0ba7bbf82e24845f89b87488
a44a7b662faf9ddcc98bdcbf254d50c51c7a1be8336ddfb069a9cd4f8ed7aace
a79c747ccdc97b4bb6899be824d29fe45f7c573a4b684e48fb7466592877e682
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ae662bc47f598b1deec34ecd7a9432c766c4db2f2ae8a951fa76336b6c001f85
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b187152ddd7eff9eb007b04afb90aaef942415afe10feb73219e18ab0c517f40
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c4d0e562864e1bef3f96a3e58324c638c2a5aafdd2041411c51422ce4175ccb8
c5240c4c2d0698ef54c04ab88c1e48a1d33c27b1ac1dc418f4ffbbda240a5f26
c742aeaffd37182433995e88a1c32f6f90b434d77d883d7eb202f25568a05dd1
cc5464ea136ca4560005121d6d6deeba85c143bc40bd4d883b4727380f5e2350
cd1120e498b007002075783856ef73950269fbc18af1fd7e2a215b9e99ae8c70
cd5efd9242be0331111acd38f5570a894598d0b18d4811f1a27631f9dac41c65
d0b9019537162875a9292526827b78f6def7ac58a324ad90987592e2d587624b
d206f999709698a938ea4e948c199086ab626a1274af358edb2be73c0ac03aee
d3648cf49f52d16b4037316fe919646b733499a8a8986eefe39ce7672e638d6e
d65974ac23a2e2e9b939a14d8c1019889f0c6bf676726551f74cdade7cd7259f
d68955db30e7b585d0c6b3fb46098888f269e83663dc63b0ff9f302336ef1881
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df503b068a293b5645d738cfbc37e8361d7fe714faede08aef6576ed31bf3d23
dfd5a932873d1985acc42d57f51c2bbd77901d6264f19b3b1b04ab38572f1668
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea7270ed0fbe71c16e9efbbd24111e417d263e9e93e7a49ae71a2f07c9dc1996
eac81d9e33471676d196674d072ca7645bd436299f04887009d224e204279e0c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa933c4ba5eb170097c369997b92097d12e611c2b1822d0f2152d77743d0e58
f01d53f1694d2eaceaf9cfce39cd0ce956159524a95153379037d1b74f3e85ee

onboarding.novo.co Open in urlscan Pro 2606:4700::6812:12c9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

127 Requests

93 %HTTPS

45 %IPv6

33 Domains

42 Subdomains

40 IPs

5 Countries

3463 kBTransfer

9556 kBSize

35 Cookies

4 Outgoing links

Page URL History

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

onboarding.novo.co Open in urlscan Pro
2606:4700::6812:12c9 Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

93 %
HTTPS

45 %
IPv6

33
Domains

42
Subdomains

40
IPs

5
Countries

3463 kB
Transfer

9556 kB
Size

35
Cookies

127 HTTP transactions
0 data transactions