urlscan.io logo urlscan.io
SecurityTrails logo

bog.gh.staging.app.emtech.com Open in urlscan Pro
2620:1ec:29:1::40  Public Scan

Go To Rescan Add Verdict Report
URL: https://bog.gh.staging.app.emtech.com/
Submission: On June 23 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 1 countries across 5 domains to perform 25 HTTP transactions. The main IP is 2620:1ec:29:1::40, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is bog.gh.staging.app.emtech.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 13th 2023. Valid for: a year.
This is the only time bog.gh.staging.app.emtech.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 2620:1ec:29:1... 8075 (MICROSOFT...)
2 18.234.32.151 14618 (AMAZON-AES)
3 151.101.192.176 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 20.85.170.173 8075 (MICROSOFT...)
3 54.187.119.242 16509 (AMAZON-02)
2 2600:9000:251... 16509 (AMAZON-02)
1 54.191.18.177 16509 (AMAZON-02)
25 8
10    2620:1ec:29:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bog.gh.staging.app.emtech.com
2    18.234.32.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-234-32-151.compute-1.amazonaws.com
xzwn5910l588.statuspage.io
3    151.101.192.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
2    2606:4700::6812:19d2 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.drata.com
2    20.85.170.173 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
kong-stg-api.emtech.com
3    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
q.stripe.com
2    2600:9000:2514:e400:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
1    54.191.18.177 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-191-18-177.us-west-2.compute.amazonaws.com
m.stripe.com
Apex Domain
Subdomains		 Transfer
12 emtech.com
bog.gh.staging.app.emtech.com
kong-stg-api.emtech.com
9 MB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1734
q.stripe.com — Cisco Umbrella Rank: 13672
m.stripe.com — Cisco Umbrella Rank: 1579
143 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1902
18 KB
2 drata.com
cdn.drata.com — Cisco Umbrella Rank: 768013
60 KB
2 statuspage.io
xzwn5910l588.statuspage.io
5 KB
25 5
Domain Requested by
10 bog.gh.staging.app.emtech.com bog.gh.staging.app.emtech.com
3 q.stripe.com bog.gh.staging.app.emtech.com
3 js.stripe.com bog.gh.staging.app.emtech.com
js.stripe.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 kong-stg-api.emtech.com bog.gh.staging.app.emtech.com
2 cdn.drata.com bog.gh.staging.app.emtech.com
2 xzwn5910l588.statuspage.io bog.gh.staging.app.emtech.com
xzwn5910l588.statuspage.io
1 m.stripe.com m.stripe.network
25 8

This site contains links to these domains. Also see Links.

Domain
drata.com
Subject Issuer Validity Valid
bog.gh.staging.app.emtech.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-13 -
2024-02-13		 a year crt.sh
*.statuspage.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-08 -
2023-08-22		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-05-12 -
2023-08-13		 3 months crt.sh
drata.com
Cloudflare Inc ECC CA-3		 2023-03-27 -
2024-03-26		 a year crt.sh
kong-stg-api.emtech.com
R3		 2023-05-02 -
2023-07-31		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-05-25 -
2023-08-23		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-28 -
2023-07-26		 4 months crt.sh

This page contains 4 frames:

Primary Page: https://bog.gh.staging.app.emtech.com/
Frame ID: A18D254ABBD767EF4CEEEDF2EEBD0D84
Requests: 15 HTTP requests in this frame

Frame: https://xzwn5910l588.statuspage.io/embed/frame
Frame ID: BCB1E6CECBDC72B6AFB9751A1C4661E8
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 977E370E84C12276BDBFC9166E2A3956
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 2687BA1B8EAFE24297F493A62F8A5954
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Page Statistics

25
Requests

100 %
HTTPS

38 %
IPv6

5
Domains

8
Subdomains

8
IPs

1
Countries

9157 kB
Transfer

10196 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bog.gh.staging.app.emtech.com/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bog.gh.staging.app.emtech.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f14d4060642f8ae8f0949807beaf0b36ff721bdc430bd894c241d21a20990085
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://cdnjs.cloudflare.com https://js.stripe.com https://amp.azure.net/ https://maps.googleapis.com https://xzwn5910l588.statuspage.io/embed/script.js; connect-src 'self' https://kong-stg-api.emtech.com https://amp.azure.net/ https://digitalassets.staging.emtech.com https://api.stripe.com https://maps.googleapis.com https://*.blob.core.windows.net/ https://*.streaming.media.azure.net https://commonassets.blob.core.windows.net/; frame-src https://js.stripe.com https://amp.azure.net/ https://hooks.stripe.com https://xzwn5910l588.statuspage.io/;
Strict-Transport-Security max-age=7776000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache, no-store
content-encoding
br
content-md5
2Q7iXt3Q4WiWS0yhnDE3AA==
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://cdnjs.cloudflare.com https://js.stripe.com https://amp.azure.net/ https://maps.googleapis.com https://xzwn5910l588.statuspage.io/embed/script.js; connect-src 'self' https://kong-stg-api.emtech.com https://amp.azure.net/ https://digitalassets.staging.emtech.com https://api.stripe.com https://maps.googleapis.com https://*.blob.core.windows.net/ https://*.streaming.media.azure.net https://commonassets.blob.core.windows.net/; frame-src https://js.stripe.com https://amp.azure.net/ https://hooks.stripe.com https://xzwn5910l588.statuspage.io/;
content-type
text/html
date
Fri, 23 Jun 2023 14:03:47 GMT
etag
"0x8DB7252BAB04169"
last-modified
Wed, 21 Jun 2023 12:26:24 GMT
permissions-policy
geolocation=(), camera=(), microphone=(), accelerometer=()
referrer-policy
strict-origin
strict-transport-security
max-age=7776000; includeSubDomains
x-azure-ref
0Q6aVZAAAAABocx2sLN+PSoG2+9JBd7SMQ0gxQUEyMDIwNjAyMDM1AGY1YjFlNjkzLTA2NjItNGZkMS1iZTk3LTMwNjU1YTM2NzYwNw==
x-azure-ref-originshield
0Q6aVZAAAAAB0ZC8rFb/sTJv9gg8isZ/bRE0yQUExMDkxMjA4MDA5AGY1YjFlNjkzLTA2NjItNGZkMS1iZTk3LTMwNjU1YTM2NzYwNw==
x-cache
TCP_MISS
x-ms-request-id
b72435cb-e01e-00a6-31db-a531f2000000
x-ms-version
2018-03-28
server.variables.js
bog.gh.staging.app.emtech.com/ 		34 B
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bog.gh.staging.app.emtech.com/server.variables.js
Requested by
Host: bog.gh.staging.app.emtech.com
URL: https://bog.gh.staging.app.emtech.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
29e1f63fe487f9d65581236d00062ea6f1711f7a097ffbabcdfb3022ac3f13aa
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://cdnjs.cloudflare.com https://js.stripe.com https://amp.azure.net/ https://maps.googleapis.com https://xzwn5910l588.statuspage.io/embed/script.js; connect-src 'self' https://kong-stg-api.emtech.com https://amp.azure.net/ https://digitalassets.staging.emtech.com https://api.stripe.com https://maps.googleapis.com https://*.blob.core.windows.net/ https://*.streaming.media.azure.net https://commonassets.blob.core.windows.net/; frame-src https://js.stripe.com https://amp.azure.net/ https://hooks.stripe.com https://xzwn5910l588.statuspage.io/;
Strict-Transport-Security max-age=7776000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bog.gh.staging.app.emtech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://cdnjs.cloudflare.com https://js.stripe.com https://amp.azure.net/ https://maps.googleapis.com https://xzwn5910l588.statuspage.io/embed/script.js; connect-src 'self' https://kong-stg-api.emtech.com https://amp.azure.net/ https://digitalassets.staging.emtech.com https://api.stripe.com https://maps.googleapis.com https://*.blob.core.windows.net/ https://*.streaming.media.azure.net https://commonassets.blob.core.windows.net/; frame-src https://js.stripe.com https://amp.azure.net/ https://hooks.stripe.com https://xzwn5910l588.statuspage.io/;
strict-transport-security
max-age=7776000; includeSubDomains
date
Fri, 23 Jun 2023 14:03:48 GMT
x-azure-ref-originshield
0RKaVZAAAAAChZ4V3IMzJSJOh2LrI0TidRE0yQUExMDkxMjA4MDUzAGY1YjFlNjkzLTA2NjItNGZkMS1iZTk3LTMwNjU1YTM2NzYwNw==
content-md5
FYdeGvOs5+qNdF3dLpknSQ==
x-cache
TCP_MISS
content-length
34
referrer-policy
strict-origin
last-modified
Wed, 21 Jun 2023 12:26:24 GMT
etag
"0x8DB7252BABF0C54"
x-azure-ref
0Q6aVZAAAAAAYFrYldDQDTqfbwNl7kYWqQ0gxQUEyMDIwNjAyMDM1AGY1YjFlNjkzLTA2NjItNGZkMS1iZTk3LTMwNjU1YTM2NzYwNw==
content-type
application/javascript
x-ms-request-id
320f0a51-d01e-006d-2adb-a590a1000000
cache-control
no-cache, no-store
x-ms-version
2018-03-28
permissions-policy
geolocation=(), camera=(), microphone=(), accelerometer=()
accept-ranges
bytes
main.4296d2b0.js
bog.gh.staging.app.emtech.com/static/js/ 		8 MB
8 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://bog.gh.staging.app.emtech.com/static/js/main.4296d2b0.js
Requested by
Host: bog.gh.staging.app.emtech.com
URL: https://bog.gh.staging.app.emtech.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
daae5bd7743b571f5e2311ef58e15056525ba6b06b6f43e6bdd3513adb460fdc
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://cdnjs.cloudflare.com https://js.stripe.com https://amp.azure.net/ https://maps.googleapis.com https://xzwn5910l588.statuspage.io/embed/script.js; connect-src 'self' https://kong-stg-api.emtech.com https://amp.azure.net/ https://digitalassets.staging.emtech.com https://api.stripe.com https://maps.googleapis.com https://*.blob.core.windows.net/ https://*.streaming.media.azure.net https://commonassets.blob.core.windows.net/; frame-src https://js.stripe.com https://amp.azure.net/ https://hooks.stripe.com https://xzwn5910l588.statuspage.io/;
Strict-Transport-Security max-age=7776000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bog.gh.staging.app.emtech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://cdnjs.cloudflare.com https://js.stripe.com https://amp.azure.net/ https://maps.googleapis.com https://xzwn5910l588.statuspage.io/embed/script.js; connect-src 'self' https://kong-stg-api.emtech.com https://amp.azure.net/ https://digitalassets.staging.emtech.com https://api.stripe.com https://maps.googleapis.com https://*.blob.core.windows.net/ https://*.streaming.media.azure.net https://commonassets.blob.core.windows.net/; frame-src https://js.stripe.com https://amp.azure.net/ https://hooks.stripe.com https://xzwn5910l588.statuspage.io/;
strict-transport-security
max-age=7776000; includeSubDomains
date
Fri, 23 Jun 2023 14:03:48 GMT
x-azure-ref-originshield
0RKaVZAAAAABDchWw1JWbR6RAJbK0zTZeRE0yQUExMDkxMjA4MDIzAGY1YjFlNjkzLTA2NjItNGZkMS1iZTk3LTMwNjU1YTM2NzYwNw==
content-md5
KjCkLt2OsBLNL+BOWlBDCg==
x-cache
TCP_MISS
content-length
8715792
referrer-policy
strict-origin
last-modified
Wed, 21 Jun 2023 12:26:25 GMT
etag
"0x8DB7252BB16E372"
x-azure-ref
0Q6aVZAAAAACW/+QRMnWATrsZFUyFIFtfQ0gxQUEyMDIwNjAyMDM1AGY1YjFlNjkzLTA2NjItNGZkMS1iZTk3LTMwNjU1YTM2NzYwNw==
content-type
application/javascript
x-ms-request-id
fda0adc1-c01e-0098-33db-a5b2fe000000
cache-control
no-cache, no-store
x-ms-version
2018-03-28
permissions-policy
geolocation=(), camera=(), microphone=(), accelerometer=()
accept-ranges
bytes
main.4aa159fe.css
bog.gh.staging.app.emtech.com/static/css/ 		649 KB
91 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bog.gh.staging.app.emtech.com/static/css/main.4aa159fe.css
Requested by
Host: bog.gh.staging.app.emtech.com
URL: https://bog.gh.staging.app.emtech.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0861f704ee631af67d50e540648af117d37506192964582c6fc4e4b7d74c7f58
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://cdnjs.cloudflare.com https://js.stripe.com https://amp.azure.net/ https://maps.googleapis.com https://xzwn5910l588.statuspage.io/embed/script.js; connect-src 'self' https://kong-stg-api.emtech.com https://amp.azure.net/ https://digitalassets.staging.emtech.com https://api.stripe.com https://maps.googleapis.com https://*.blob.core.windows.net/ https://*.streaming.media.azure.net https://commonassets.blob.core.windows.net/; frame-src https://js.stripe.com https://amp.azure.net/ https://hooks.stripe.com https://xzwn5910l588.statuspage.io/;
Strict-Transport-Security max-age=7776000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bog.gh.staging.app.emtech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://cdnjs.cloudflare.com https://js.stripe.com https://amp.azure.net/ https://maps.googleapis.com https://xzwn5910l588.statuspage.io/embed/script.js; connect-src 'self' https://kong-stg-api.emtech.com https://amp.azure.net/ https://digitalassets.staging.emtech.com https://api.stripe.com https://maps.googleapis.com https://*.blob.core.windows.net/ https://*.streaming.media.azure.net https://commonassets.blob.core.windows.net/; frame-src https://js.stripe.com https://amp.azure.net/ https://hooks.stripe.com https://xzwn5910l588.statuspage.io/;
content-encoding
br
strict-transport-security
max-age=7776000; includeSubDomains
x-azure-ref-originshield
0RKaVZAAAAAAt1g2VN3RCTK6GQp/lxHDlRE0yQUExMDkxMjA4MDI3AGY1YjFlNjkzLTA2NjItNGZkMS1iZTk3LTMwNjU1YTM2NzYwNw==
content-md5
o4KzJd3XRpZ7IjMko1CeFg==
date
Fri, 23 Jun 2023 14:03:48 GMT
x-cache
TCP_MISS
referrer-policy
strict-origin
last-modified
Wed, 21 Jun 2023 12:26:25 GMT
etag
"0x8DB7252BAFC0C6D"
x-azure-ref
0Q6aVZAAAAADUIjY0iDhRTrv7vHWfFrzKQ0gxQUEyMDIwNjAyMDM1AGY1YjFlNjkzLTA2NjItNGZkMS1iZTk3LTMwNjU1YTM2NzYwNw==
content-type
text/css
x-ms-request-id
30b551ec-201e-0086-1bdb-a5a0c1000000
cache-control
no-cache, no-store
x-ms-version
2018-03-28
permissions-policy
geolocation=(), camera=(), microphone=(), accelerometer=()
accept-ranges
bytes
script.js
xzwn5910l588.statuspage.io/embed/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xzwn5910l588.statuspage.io/embed/script.js
Requested by
Host: bog.gh.staging.app.emtech.com
URL: https://bog.gh.staging.app.emtech.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.234.32.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-32-151.compute-1.amazonaws.com
Software
/
Resource Hash
a765602cbe786425c56fb4332286fe0e407e040b8423094c38c4746cdc249401
Security Headers
Name Value
Strict-Transport-Security max-age=259200
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bog.gh.staging.app.emtech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=259200
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Jun 2023 14:03:48 GMT
x-permitted-cross-domain-policies
none
age
463
x-statuspage-skip-logging
true
x-cache
HIT
x-statuspage-version
f786c8b0107acff4faf167a86b8333c90e6ef703
x-xss-protection
1; mode=block
x-request-id
45a6630c-f511-491b-92b7-c6bdc2a1c2ed
x-runtime
0.050378
referrer-policy
strict-origin-when-cross-origin
etag
W/"gz[a765602cbe786425c56fb4332286fe0e]"
x-download-options
noopen
vary
Accept,Accept-Encoding,Fastly-SSL
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
accept-ranges
bytes
x-pollinator-metadata-service
status-page-web-pages
frame
xzwn5910l588.statuspage.io/embed/ Frame BCB1 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xzwn5910l588.statuspage.io/embed/frame
Requested by
Host: xzwn5910l588.statuspage.io
URL: https://xzwn5910l588.statuspage.io/embed/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.234.32.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-32-151.compute-1.amazonaws.com
Software
/
Resource Hash
c29bfc5ad267991843045dada93098e4b09bbe201ce596c6641be80cd65753f9
Security Headers
Name Value
Strict-Transport-Security max-age=259200
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bog.gh.staging.app.emtech.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 23 Jun 2023 14:03:48 GMT
etag
W/"gz[c29bfc5ad267991843045dada93098e4]"
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=259200
vary
Accept,Accept-Encoding,Fastly-SSL
x-cache
MISS
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-pollinator-metadata-service
status-page-web-pages
x-request-id
efcf1dbe-203a-4e84-b7a9-f98a02e33ff3
x-runtime
0.152334
x-statuspage-skip-logging
true
x-statuspage-version
f786c8b0107acff4faf167a86b8333c90e6ef703
x-xss-protection
1; mode=block
v3
js.stripe.com/ 		500 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: bog.gh.staging.app.emtech.com
URL: https://bog.gh.staging.app.emtech.com/static/js/main.4296d2b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
d76c955783d4a3f7b03001faeb5cd1dad450dbac9d099e931cd1cc45404f9b7f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bog.gh.staging.app.emtech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 23 Jun 2023 14:03:50 GMT
via
1.1 varnish
age
33
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
141377
x-request-id
a54074eb-a683-4924-87f7-9d25546e9b29
x-served-by
cache-chi-kigq8000118-CHI
last-modified
Thu, 22 Jun 2023 20:31:29 GMT
server
Fastly
etag
"5792876553b5caf6bcfb6f5c8bd4829a"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4
fspAuthLogo.f45dc8593cfd6188b10e52bf6eba4744.svg
bog.gh.staging.app.emtech.com/static/media/ 		60 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bog.gh.staging.app.emtech.com/static/media/fspAuthLogo.f45dc8593cfd6188b10e52bf6eba4744.svg
Requested by
Host: bog.gh.staging.app.emtech.com
URL: https://bog.gh.staging.app.emtech.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a1bd3ff568166dc952778efa965fcc8387dda5931e0ec139bb2ccc117a41440c
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://cdnjs.cloudflare.com https://js.stripe.com https://amp.azure.net/ https://maps.googleapis.com https://xzwn5910l588.statuspage.io/embed/script.js; connect-src 'self' https://kong-stg-api.emtech.com https://amp.azure.net/ https://digitalassets.staging.emtech.com https://api.stripe.com https://maps.googleapis.com https://*.blob.core.windows.net/ https://*.streaming.media.azure.net https://commonassets.blob.core.windows.net/; frame-src https://js.stripe.com https://amp.azure.net/ https://hooks.stripe.com https://xzwn5910l588.statuspage.io/;
Strict-Transport-Security max-age=7776000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bog.gh.staging.app.emtech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://cdnjs.cloudflare.com https://js.stripe.com https://amp.azure.net/ https://maps.googleapis.com https://xzwn5910l588.statuspage.io/embed/script.js; connect-src 'self' https://kong-stg-api.emtech.com https://amp.azure.net/ https://digitalassets.staging.emtech.com https://api.stripe.com https://maps.googleapis.com https://*.blob.core.windows.net/ https://*.streaming.media.azure.net https://commonassets.blob.core.windows.net/; frame-src https://js.stripe.com https://amp.azure.net/ https://hooks.stripe.com https://xzwn5910l588.statuspage.io/;
content-encoding
br
strict-transport-security
max-age=7776000; includeSubDomains
x-azure-ref-originshield
0RqaVZAAAAADqfX+rLCtDTKQgEHbodWBERE0yQUExMDkxMjA3MDM5AGY1YjFlNjkzLTA2NjItNGZkMS1iZTk3LTMwNjU1YTM2NzYwNw==
content-md5
eAIvMGCVo3O+TxmF0nI49w==
date
Fri, 23 Jun 2023 14:03:51 GMT
x-cache
TCP_MISS
referrer-policy
strict-origin
last-modified
Wed, 21 Jun 2023 12:26:25 GMT
etag
"0x8DB7252BB369BCC"
x-azure-ref
0RqaVZAAAAABVcMvo052cQq/rcEsgI4FdQ0gxQUEyMDIwNjAyMDM1AGY1YjFlNjkzLTA2NjItNGZkMS1iZTk3LTMwNjU1YTM2NzYwNw==
content-type
image/svg+xml
x-ms-request-id
f155c8d5-001e-00b8-80db-a523cd000000
cache-control
no-cache, no-store
x-ms-version
2018-03-28
permissions-policy
geolocation=(), camera=(), microphone=(), accelerometer=()
accept-ranges
bytes
show-blue-password.19a27531813fd33e479ee47f64872b6c.svg
bog.gh.staging.app.emtech.com/static/media/ 		1 KB
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bog.gh.staging.app.emtech.com/static/media/show-blue-password.19a27531813fd33e479ee47f64872b6c.svg
Requested by
Host: bog.gh.staging.app.emtech.com
URL: https://bog.gh.staging.app.emtech.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
53a05b12f29c4ae04afb204ad5d3d2d6559f4eb9303139140dd9bf8f9f5ec132
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://cdnjs.cloudflare.com https://js.stripe.com https://amp.azure.net/ https://maps.googleapis.com https://xzwn5910l588.statuspage.io/embed/script.js; connect-src 'self' https://kong-stg-api.emtech.com https://amp.azure.net/ https://digitalassets.staging.emtech.com https://api.stripe.com https://maps.googleapis.com https://*.blob.core.windows.net/ https://*.streaming.media.azure.net https://commonassets.blob.core.windows.net/; frame-src https://js.stripe.com https://amp.azure.net/ https://hooks.stripe.com https://xzwn5910l588.statuspage.io/;
Strict-Transport-Security max-age=7776000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bog.gh.staging.app.emtech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://cdnjs.cloudflare.com https://js.stripe.com https://amp.azure.net/ https://maps.googleapis.com https://xzwn5910l588.statuspage.io/embed/script.js; connect-src 'self' https://kong-stg-api.emtech.com https://amp.azure.net/ https://digitalassets.staging.emtech.com https://api.stripe.com https://maps.googleapis.com https://*.blob.core.windows.net/ https://*.streaming.media.azure.net https://commonassets.blob.core.windows.net/; frame-src https://js.stripe.com https://amp.azure.net/ https://hooks.stripe.com https://xzwn5910l588.statuspage.io/;
content-encoding
br
strict-transport-security
max-age=7776000; includeSubDomains
x-azure-ref-originshield
0RqaVZAAAAAC/MKxFhaEUS6sUjoR8/HTRRE0yQUExMDkxMjA3MDMzAGY1YjFlNjkzLTA2NjItNGZkMS1iZTk3LTMwNjU1YTM2NzYwNw==
content-md5
oE90NPdSqiHj1k0qFEl7CQ==
date
Fri, 23 Jun 2023 14:03:51 GMT
x-cache
TCP_MISS
referrer-policy
strict-origin
last-modified
Wed, 21 Jun 2023 12:26:27 GMT
etag
"0x8DB7252BC5CC84F"
x-azure-ref
0RqaVZAAAAABNFRfflch4Qbif14v7BF/GQ0gxQUEyMDIwNjAyMDM1AGY1YjFlNjkzLTA2NjItNGZkMS1iZTk3LTMwNjU1YTM2NzYwNw==
content-type
image/svg+xml
x-ms-request-id
af4c4447-e01e-005a-04db-a560be000000
cache-control
no-cache, no-store
x-ms-version
2018-03-28
permissions-policy
geolocation=(), camera=(), microphone=(), accelerometer=()
accept-ranges
bytes
iso27001-light.png
cdn.drata.com/badge/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.drata.com/badge/iso27001-light.png
Requested by
Host: bog.gh.staging.app.emtech.com
URL: https://bog.gh.staging.app.emtech.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae63a9c213b3e19977932593f0d2163c31830213b85f755ff351b48d086af7b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bog.gh.staging.app.emtech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 14:03:50 GMT
x-amz-version-id
a7WoIsFPSA.swh46CwSRNHbqU0tEphAP
via
1.1 8780431c9da5d53b39c3ac8bc25b743a.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
ORD52-C1
age
44108
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30744
last-modified
Fri, 03 Dec 2021 06:03:35 GMT
server
cloudflare
etag
"d479a95e552179dcd47eba2b0eec011b"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
7dbd46db2c7986da-ORD
x-amz-cf-id
j8XfHCvV-lghPdTWqA_ZX1qaNSXcztjkRMQ-pkQ054ZpwIph3fUl_Q==
soc2-light.png
cdn.drata.com/badge/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.drata.com/badge/soc2-light.png
Requested by
Host: bog.gh.staging.app.emtech.com
URL: https://bog.gh.staging.app.emtech.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45fbb2ad4140f3e695d4423c49387c1f26e978da2a9d9205aefba11c600b97a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bog.gh.staging.app.emtech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 14:03:50 GMT
x-amz-version-id
zWPrTjUKpdU2.cZrdTdTjAoCv45iM3yX
via
1.1 8780431c9da5d53b39c3ac8bc25b743a.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
ORD52-C1
age
5102
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29278
last-modified
Tue, 03 Aug 2021 04:11:02 GMT
server
cloudflare
etag
"7134ba7f6162d6d369738cfb5a34aa9b"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
cf-ray
7dbd46db2c7b86da-ORD
x-amz-cf-id
HB77QYBGa3BBlfSTpMR6O-QeegLwuabigNSz6ceQSXiwx5zubKEb2Q==
regulator-portals
kong-stg-api.emtech.com/approval/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kong-stg-api.emtech.com/approval/v1/regulator-portals
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.85.170.173 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self'
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-direct-portal-regulator,x-portal
Access-Control-Request-Method
POST
Origin
https://bog.gh.staging.app.emtech.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers
content-type, x-direct-portal-regulator, x-portal
access-control-allow-methods
GET,POST,PUT,DELETE,PATCH,OPTIONS
access-control-allow-origin
https://bog.gh.staging.app.emtech.com
access-control-max-age
1800
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
script-src 'self'
date
Fri, 23 Jun 2023 14:03:51 GMT
expires
0
permissions-policy
geolocation=(), camera=(), microphone=(), accelerometer=()
pragma
no-cache
referrer-policy
no-referrer
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
kong/3.1.1
x-content-type-options
nosniff
x-frame-options
DENY
x-kong-proxy-latency
0
x-kong-upstream-latency
3
x-xss-protection
1; mode=block
linotype_-_avenirltstd-medium-webfont.e93340b47c1f10195ac8.woff2
bog.gh.staging.app.emtech.com/static/media/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bog.gh.staging.app.emtech.com/static/media/linotype_-_avenirltstd-medium-webfont.e93340b47c1f10195ac8.woff2
Requested by
Host: bog.gh.staging.app.emtech.com
URL: https://bog.gh.staging.app.emtech.com/static/css/main.4aa159fe.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5d5d91b2054947802c443d009b9712b0fea084f3f41f50234d1a78ec1d07c146
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://cdnjs.cloudflare.com https://js.stripe.com https://amp.azure.net/ https://maps.googleapis.com https://xzwn5910l588.statuspage.io/embed/script.js; connect-src 'self' https://kong-stg-api.emtech.com https://amp.azure.net/ https://digitalassets.staging.emtech.com https://api.stripe.com https://maps.googleapis.com https://*.blob.core.windows.net/ https://*.streaming.media.azure.net https://commonassets.blob.core.windows.net/; frame-src https://js.stripe.com https://amp.azure.net/ https://hooks.stripe.com https://xzwn5910l588.statuspage.io/;
Strict-Transport-Security max-age=7776000; includeSubDomains

Request headers

Referer
https://bog.gh.staging.app.emtech.com/
Origin
https://bog.gh.staging.app.emtech.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://cdnjs.cloudflare.com https://js.stripe.com https://amp.azure.net/ https://maps.googleapis.com https://xzwn5910l588.statuspage.io/embed/script.js; connect-src 'self' https://kong-stg-api.emtech.com https://amp.azure.net/ https://digitalassets.staging.emtech.com https://api.stripe.com https://maps.googleapis.com https://*.blob.core.windows.net/ https://*.streaming.media.azure.net https://commonassets.blob.core.windows.net/; frame-src https://js.stripe.com https://amp.azure.net/ https://hooks.stripe.com https://xzwn5910l588.statuspage.io/;
strict-transport-security
max-age=7776000; includeSubDomains
date
Fri, 23 Jun 2023 14:03:50 GMT
x-azure-ref-originshield
0RqaVZAAAAAAo2D9KbhlaSpSJcicenmU1RE0yQUExMDkxMjA4MDM1AGY1YjFlNjkzLTA2NjItNGZkMS1iZTk3LTMwNjU1YTM2NzYwNw==
content-md5
Zxy88N7+Tn7+I7fauZi41A==
x-cache
TCP_MISS
content-length
19628
referrer-policy
strict-origin
last-modified
Wed, 21 Jun 2023 12:26:26 GMT
etag
"0x8DB7252BBAD6817"
x-azure-ref
0RqaVZAAAAAAhS6AhkCkwSoMzV37nhLoFQ0gxQUEyMDIwNjAyMDM1AGY1YjFlNjkzLTA2NjItNGZkMS1iZTk3LTMwNjU1YTM2NzYwNw==
content-type
font/woff2
x-ms-request-id
a955ce36-401e-00d4-6fdb-a595f6000000
cache-control
no-cache, no-store
x-ms-version
2018-03-28
permissions-policy
geolocation=(), camera=(), microphone=(), accelerometer=()
accept-ranges
bytes
linotype_-_avenirltstd-book-webfont.c40dc22027866a410323.woff2
bog.gh.staging.app.emtech.com/static/media/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bog.gh.staging.app.emtech.com/static/media/linotype_-_avenirltstd-book-webfont.c40dc22027866a410323.woff2
Requested by
Host: bog.gh.staging.app.emtech.com
URL: https://bog.gh.staging.app.emtech.com/static/css/main.4aa159fe.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f6662ec52e87930094973d2e1bec0dda680654c0dc0349d41c794bf7ea3afc18
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://cdnjs.cloudflare.com https://js.stripe.com https://amp.azure.net/ https://maps.googleapis.com https://xzwn5910l588.statuspage.io/embed/script.js; connect-src 'self' https://kong-stg-api.emtech.com https://amp.azure.net/ https://digitalassets.staging.emtech.com https://api.stripe.com https://maps.googleapis.com https://*.blob.core.windows.net/ https://*.streaming.media.azure.net https://commonassets.blob.core.windows.net/; frame-src https://js.stripe.com https://amp.azure.net/ https://hooks.stripe.com https://xzwn5910l588.statuspage.io/;
Strict-Transport-Security max-age=7776000; includeSubDomains

Request headers

Referer
https://bog.gh.staging.app.emtech.com/
Origin
https://bog.gh.staging.app.emtech.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://cdnjs.cloudflare.com https://js.stripe.com https://amp.azure.net/ https://maps.googleapis.com https://xzwn5910l588.statuspage.io/embed/script.js; connect-src 'self' https://kong-stg-api.emtech.com https://amp.azure.net/ https://digitalassets.staging.emtech.com https://api.stripe.com https://maps.googleapis.com https://*.blob.core.windows.net/ https://*.streaming.media.azure.net https://commonassets.blob.core.windows.net/; frame-src https://js.stripe.com https://amp.azure.net/ https://hooks.stripe.com https://xzwn5910l588.statuspage.io/;
strict-transport-security
max-age=7776000; includeSubDomains
date
Fri, 23 Jun 2023 14:03:50 GMT
x-azure-ref-originshield
0RqaVZAAAAAAvyBenPfd1SYynrMHjB/gVRE0yQUExMDkxMjA4MDUzAGY1YjFlNjkzLTA2NjItNGZkMS1iZTk3LTMwNjU1YTM2NzYwNw==
content-md5
rUGH7Axey+9qDiV7b8T81w==
x-cache
TCP_MISS
content-length
18504
referrer-policy
strict-origin
last-modified
Wed, 21 Jun 2023 12:26:27 GMT
etag
"0x8DB7252BC800293"
x-azure-ref
0RqaVZAAAAAD/5tovGv7ZQ54T8ODHz6TRQ0gxQUEyMDIwNjAyMDM1AGY1YjFlNjkzLTA2NjItNGZkMS1iZTk3LTMwNjU1YTM2NzYwNw==
content-type
font/woff2
x-ms-request-id
a1fdcbcf-101e-0035-46db-a5ab83000000
cache-control
no-cache, no-store
x-ms-version
2018-03-28
permissions-policy
geolocation=(), camera=(), microphone=(), accelerometer=()
accept-ranges
bytes
regulator-portals
kong-stg-api.emtech.com/approval/v1/ 		598 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://kong-stg-api.emtech.com/approval/v1/regulator-portals
Requested by
Host: bog.gh.staging.app.emtech.com
URL: https://bog.gh.staging.app.emtech.com/static/js/main.4296d2b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.85.170.173 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e9dee70caaf07eae154e9a282febd5037a26a63fd05cce75734cd716d6084c2
Security Headers
Name Value
Content-Security-Policy script-src 'self'
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://bog.gh.staging.app.emtech.com/
x-direct-portal-regulator
null
accept-language
en-US,en;q=0.9
x-portal
IC
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Fri, 23 Jun 2023 14:03:50 GMT
x-content-type-options
nosniff
content-security-policy
script-src 'self'
via
kong/3.1.1
x-kong-proxy-latency
1
x-kong-upstream-latency
29
content-disposition
attachment; filename=api.json
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
https://bog.gh.staging.app.emtech.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
geolocation=(), camera=(), microphone=(), accelerometer=()
expires
0
signIn-graphic-2.4ae49580e71887dff54d.png
bog.gh.staging.app.emtech.com/static/media/ 		249 KB
250 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bog.gh.staging.app.emtech.com/static/media/signIn-graphic-2.4ae49580e71887dff54d.png
Requested by
Host: bog.gh.staging.app.emtech.com
URL: https://bog.gh.staging.app.emtech.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
019db3b6a51833ecf16af3dba23d83ebe54761b559f13c81c09d7cef4c03c590
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://cdnjs.cloudflare.com https://js.stripe.com https://amp.azure.net/ https://maps.googleapis.com https://xzwn5910l588.statuspage.io/embed/script.js; connect-src 'self' https://kong-stg-api.emtech.com https://amp.azure.net/ https://digitalassets.staging.emtech.com https://api.stripe.com https://maps.googleapis.com https://*.blob.core.windows.net/ https://*.streaming.media.azure.net https://commonassets.blob.core.windows.net/; frame-src https://js.stripe.com https://amp.azure.net/ https://hooks.stripe.com https://xzwn5910l588.statuspage.io/;
Strict-Transport-Security max-age=7776000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bog.gh.staging.app.emtech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://cdnjs.cloudflare.com https://js.stripe.com https://amp.azure.net/ https://maps.googleapis.com https://xzwn5910l588.statuspage.io/embed/script.js; connect-src 'self' https://kong-stg-api.emtech.com https://amp.azure.net/ https://digitalassets.staging.emtech.com https://api.stripe.com https://maps.googleapis.com https://*.blob.core.windows.net/ https://*.streaming.media.azure.net https://commonassets.blob.core.windows.net/; frame-src https://js.stripe.com https://amp.azure.net/ https://hooks.stripe.com https://xzwn5910l588.statuspage.io/;
strict-transport-security
max-age=7776000; includeSubDomains
date
Fri, 23 Jun 2023 14:03:51 GMT
x-azure-ref-originshield
0RqaVZAAAAACE4Ay/NrCfR5C/vXFFUUqPRE0yQUExMDkxMjA4MDE3AGY1YjFlNjkzLTA2NjItNGZkMS1iZTk3LTMwNjU1YTM2NzYwNw==
content-md5
VbosorjLntyBVQcL5Bf15Q==
x-cache
TCP_MISS
content-length
255459
referrer-policy
strict-origin
last-modified
Wed, 21 Jun 2023 12:26:27 GMT
etag
"0x8DB7252BC05183A"
x-azure-ref
0RqaVZAAAAAAXYBBJmN6ET6RdBp2hcKCiQ0gxQUEyMDIwNjAyMDM1AGY1YjFlNjkzLTA2NjItNGZkMS1iZTk3LTMwNjU1YTM2NzYwNw==
content-type
image/png
x-ms-request-id
cdde048a-901e-00b9-5cdb-a508cf000000
cache-control
no-cache, no-store
x-ms-version
2018-03-28
permissions-policy
geolocation=(), camera=(), microphone=(), accelerometer=()
accept-ranges
bytes
bog-emtech-logo.5d87294b1ac16dc513e128bcb913d42d.svg
bog.gh.staging.app.emtech.com/static/media/ 		25 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bog.gh.staging.app.emtech.com/static/media/bog-emtech-logo.5d87294b1ac16dc513e128bcb913d42d.svg
Requested by
Host: bog.gh.staging.app.emtech.com
URL: https://bog.gh.staging.app.emtech.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e5c328d927cfc41f6d73c65cb6121c5adc9c05d98e1835f2d7cef7fa64658513
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://cdnjs.cloudflare.com https://js.stripe.com https://amp.azure.net/ https://maps.googleapis.com https://xzwn5910l588.statuspage.io/embed/script.js; connect-src 'self' https://kong-stg-api.emtech.com https://amp.azure.net/ https://digitalassets.staging.emtech.com https://api.stripe.com https://maps.googleapis.com https://*.blob.core.windows.net/ https://*.streaming.media.azure.net https://commonassets.blob.core.windows.net/; frame-src https://js.stripe.com https://amp.azure.net/ https://hooks.stripe.com https://xzwn5910l588.statuspage.io/;
Strict-Transport-Security max-age=7776000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bog.gh.staging.app.emtech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://cdnjs.cloudflare.com https://js.stripe.com https://amp.azure.net/ https://maps.googleapis.com https://xzwn5910l588.statuspage.io/embed/script.js; connect-src 'self' https://kong-stg-api.emtech.com https://amp.azure.net/ https://digitalassets.staging.emtech.com https://api.stripe.com https://maps.googleapis.com https://*.blob.core.windows.net/ https://*.streaming.media.azure.net https://commonassets.blob.core.windows.net/; frame-src https://js.stripe.com https://amp.azure.net/ https://hooks.stripe.com https://xzwn5910l588.statuspage.io/;
content-encoding
br
strict-transport-security
max-age=7776000; includeSubDomains
x-azure-ref-originshield
0R6aVZAAAAADkjc7CfOBcS7XmP+0T2/DGRE0yQUExMDkxMjA4MDI1AGY1YjFlNjkzLTA2NjItNGZkMS1iZTk3LTMwNjU1YTM2NzYwNw==
content-md5
lX87YsMPYJfP1xUvtQ/R1A==
date
Fri, 23 Jun 2023 14:03:51 GMT
x-cache
TCP_MISS
referrer-policy
strict-origin
last-modified
Wed, 21 Jun 2023 12:26:26 GMT
etag
"0x8DB7252BBA3F3A2"
x-azure-ref
0R6aVZAAAAADNFQYaMBiJTZi0mnGGD6gLQ0gxQUEyMDIwNjAyMDM1AGY1YjFlNjkzLTA2NjItNGZkMS1iZTk3LTMwNjU1YTM2NzYwNw==
content-type
image/svg+xml
x-ms-request-id
cdde07b1-901e-00b9-35db-a508cf000000
cache-control
no-cache, no-store
x-ms-version
2018-03-28
permissions-policy
geolocation=(), camera=(), microphone=(), accelerometer=()
accept-ranges
bytes
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame 977E 		200 B
809 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://bog.gh.staging.app.emtech.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
19159147
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=31536000
content-encoding
br
content-length
122
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 23 Jun 2023 14:03:51 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Sun, 13 Nov 2022 20:03:40 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
56036
x-content-type-options
nosniff
x-request-id
0f2cf214-9b60-41ec-b8c9-4ddaa68c0c4c
x-served-by
cache-chi-kigq8000118-CHI
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame 977E 		631 B
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 23 Jun 2023 14:03:51 GMT
via
1.1 varnish
age
14709336
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
332
x-request-id
8f981c3b-4df9-4964-94b0-56e34bb7f6cd
x-served-by
cache-chi-klot8100164-CHI
last-modified
Wed, 21 Dec 2022 18:20:44 GMT
server
Fastly
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
76568
csp-report
q.stripe.com/ Frame 977E 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: bog.gh.staging.app.emtech.com
URL: https://bog.gh.staging.app.emtech.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 23 Jun 2023 14:03:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1687529031979851
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1687529031978957
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 977E 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: bog.gh.staging.app.emtech.com
URL: https://bog.gh.staging.app.emtech.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 23 Jun 2023 14:03:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1687529031986357
x-envoy-upstream-service-time
13
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
5
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1687529031979006
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame 2687 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2514:e400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
190
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 23 Jun 2023 14:00:42 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 6379820fbac3eca5570c58b520f7931e.cloudfront.net (CloudFront)
x-amz-cf-id
v0idw3yLSy2LHFr_FpHA-KAwZ-KQpX3KpRTgY7OcYaVH0fmUOywIgg==
x-amz-cf-pop
JFK50-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 2687 		0
490 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: bog.gh.staging.app.emtech.com
URL: https://bog.gh.staging.app.emtech.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 23 Jun 2023 14:03:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1687529032038013
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1687529032037601
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.42.js
m.stripe.network/ Frame 2687 		86 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2514:e400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Jun 2023 14:00:41 GMT
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
via
1.1 6379820fbac3eca5570c58b520f7931e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
age
191
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
kUTjhDu0GMUZi8gAyTTcsa_nvsC3gWn6vc6OoojkmLtoIX8g2BOsKg==
6
m.stripe.com/ Frame 2687 		156 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.191.18.177 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-191-18-177.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4f28517e9f86facb4ba5c9788909d9f29dae29e00446a59351319c8cbca23ecb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Fri, 23 Jun 2023 14:03:52 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1687529032685539
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1687529032684875
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| onbeforetoggle object| onscrollend string| SERVER_DATA function| statusEmbedTest object| webpackChunkemtech object| regeneratorRuntime function| _ function| HashArray function| saveAs number| __mobxInstanceCount object| __mobxGlobals object| Prism boolean| _pdfjsCompatibilityChecked function| setImmediate function| clearImmediate object| webpackChunkStripeJSouter function| noop function| Stripe

5 Cookies

Domain/Path Name / Value
.drata.com/ Name: __cf_bm
Value: vPLaX69YvgBsZ.JgOXV5agaiUXEjFhCz_UpqMWT2DFo-1687529030-0-Ac7uAHfYoAUUzJ/OLtfuKcVkqJoo6YmQ5BDvEDlhHJJ5XLt0gtD42+V05Y20XbI5U348YwI6E9bGL2SaXI3qMSM=
.drata.com/ Name: _cfuvid
Value: mg.q7VdqlC1zQdpok7TJ.PYAm5706.InY4wb1hwfAKM-1687529030978-0-604800000
m.stripe.com/ Name: m
Value: 870cf320-88ff-4644-9006-b33fc9e2bfecb37b25
.bog.gh.staging.app.emtech.com/ Name: __stripe_mid
Value: 8a6eccc8-9767-4e43-b3ad-95bce2bb5bd4131647
.bog.gh.staging.app.emtech.com/ Name: __stripe_sid
Value: 228f9125-ccaf-4fc3-997a-aba59eca4001c94106

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://cdnjs.cloudflare.com https://js.stripe.com https://amp.azure.net/ https://maps.googleapis.com https://xzwn5910l588.statuspage.io/embed/script.js; connect-src 'self' https://kong-stg-api.emtech.com https://amp.azure.net/ https://digitalassets.staging.emtech.com https://api.stripe.com https://maps.googleapis.com https://*.blob.core.windows.net/ https://*.streaming.media.azure.net https://commonassets.blob.core.windows.net/; frame-src https://js.stripe.com https://amp.azure.net/ https://hooks.stripe.com https://xzwn5910l588.statuspage.io/;
Strict-Transport-Security max-age=7776000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bog.gh.staging.app.emtech.com
cdn.drata.com
js.stripe.com
kong-stg-api.emtech.com
m.stripe.com
m.stripe.network
q.stripe.com
xzwn5910l588.statuspage.io
151.101.192.176
18.234.32.151
20.85.170.173
2600:9000:2514:e400:19:7d10:bd80:93a1
2606:4700::6812:19d2
2620:1ec:29:1::40
54.187.119.242
54.191.18.177
019db3b6a51833ecf16af3dba23d83ebe54761b559f13c81c09d7cef4c03c590
0861f704ee631af67d50e540648af117d37506192964582c6fc4e4b7d74c7f58
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
29e1f63fe487f9d65581236d00062ea6f1711f7a097ffbabcdfb3022ac3f13aa
45fbb2ad4140f3e695d4423c49387c1f26e978da2a9d9205aefba11c600b97a7
4f28517e9f86facb4ba5c9788909d9f29dae29e00446a59351319c8cbca23ecb
53a05b12f29c4ae04afb204ad5d3d2d6559f4eb9303139140dd9bf8f9f5ec132
5d5d91b2054947802c443d009b9712b0fea084f3f41f50234d1a78ec1d07c146
5e9dee70caaf07eae154e9a282febd5037a26a63fd05cce75734cd716d6084c2
a1bd3ff568166dc952778efa965fcc8387dda5931e0ec139bb2ccc117a41440c
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a765602cbe786425c56fb4332286fe0e407e040b8423094c38c4746cdc249401
ae63a9c213b3e19977932593f0d2163c31830213b85f755ff351b48d086af7b9
c29bfc5ad267991843045dada93098e4b09bbe201ce596c6641be80cd65753f9
d76c955783d4a3f7b03001faeb5cd1dad450dbac9d099e931cd1cc45404f9b7f
daae5bd7743b571f5e2311ef58e15056525ba6b06b6f43e6bdd3513adb460fdc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c328d927cfc41f6d73c65cb6121c5adc9c05d98e1835f2d7cef7fa64658513
f14d4060642f8ae8f0949807beaf0b36ff721bdc430bd894c241d21a20990085
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f6662ec52e87930094973d2e1bec0dda680654c0dc0349d41c794bf7ea3afc18