urlscan.io logo urlscan.io
SecurityTrails logo

app.yellow.ai Open in urlscan Pro
2606:4700::6812:669  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://app.yellow.ai/
Effective URL: https://app.yellow.ai/
Submission: On March 22 via manual from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 29 HTTP transactions. The main IP is 2606:4700::6812:669, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.yellow.ai. The Cisco Umbrella rank of the primary domain is 441215.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 20th 2022. Valid for: a year.
This is the only time app.yellow.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:1901:0:b... 15169 (GOOGLE)
6 104.16.169.131 13335 (CLOUDFLAR...)
3 2404:6800:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 151.101.194.137 54113 (FASTLY)
3 162.247.241.14 23467 (NEWRELIC-...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
29 11
9    2606:4700::6812:669 (United States)

ASN13335 (CLOUDFLARENET, US)
app.yellow.ai
1    2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
cdn.mxpnl.com
6    104.16.169.131 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hcaptcha.com
newassets.hcaptcha.com
hcaptcha.com
3    2404:6800:4004:810::200e (Australia)

ASN15169 (GOOGLE, US)
apis.google.com
1    2606:4700::6812:d469 (United States)

ASN13335 (CLOUDFLARENET, US)
www.okta.com
3    2404:6800:4004:824::200d (Australia)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2404:6800:400a:80c::2003 (Osaka, Japan)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
3    162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
1    2606:4700::6812:133 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.yellowmessenger.com
Apex Domain
Subdomains		 Transfer
9 yellow.ai
app.yellow.ai — Cisco Umbrella Rank: 441215
9 MB
6 google.com
apis.google.com — Cisco Umbrella Rank: 107
accounts.google.com — Cisco Umbrella Rank: 73
132 KB
6 hcaptcha.com
js.hcaptcha.com — Cisco Umbrella Rank: 14046
newassets.hcaptcha.com — Cisco Umbrella Rank: 11013
hcaptcha.com — Cisco Umbrella Rank: 7799
242 KB
3 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 231
1 KB
1 yellowmessenger.com
cdn.yellowmessenger.com — Cisco Umbrella Rank: 92833
48 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 341
14 KB
1 gstatic.com
www.gstatic.com
35 KB
1 okta.com
www.okta.com — Cisco Umbrella Rank: 82092
32 KB
1 mxpnl.com
cdn.mxpnl.com — Cisco Umbrella Rank: 3011
18 KB
29 9
Domain Requested by
9 app.yellow.ai app.yellow.ai
4 newassets.hcaptcha.com app.yellow.ai
newassets.hcaptcha.com
3 bam.nr-data.net app.yellow.ai
3 accounts.google.com apis.google.com
app.yellow.ai
www.gstatic.com
3 apis.google.com app.yellow.ai
1 cdn.yellowmessenger.com app.yellow.ai
1 js-agent.newrelic.com app.yellow.ai
1 www.gstatic.com accounts.google.com
1 hcaptcha.com newassets.hcaptcha.com
1 www.okta.com app.yellow.ai
1 js.hcaptcha.com app.yellow.ai
1 cdn.mxpnl.com app.yellow.ai
29 12

This site contains links to these domains. Also see Links.

Domain
yellowmessenger.com
Subject Issuer Validity Valid
yellow.ai
Cloudflare Inc ECC CA-3		 2022-09-20 -
2023-09-19		 a year crt.sh
*.mxpnl.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2022-07-11 -
2023-07-28		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-15 -
2023-05-15		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
www.okta.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-03-04		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-18 -
2023-12-19		 a year crt.sh
yellowmessenger.com
Cloudflare Inc ECC CA-3		 2022-09-20 -
2023-09-19		 a year crt.sh

This page contains 4 frames:

Primary Page: https://app.yellow.ai/
Frame ID: A5E72F0340CE534A3D4A2D8264589E57
Requests: 21 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/7d69057/static/hcaptcha.html
Frame ID: F3DBEC5503A983DDFCC77912BE27484A
Requests: 2 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/7d69057/static/hcaptcha.html
Frame ID: 680576F72046E656BB659AFDCDDF6B36
Requests: 4 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: D465099B0B4E57F406E59379A241687E
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login - Yellow Messenger

Page URL History Show full URLs

  1. http://app.yellow.ai/ HTTP 307
    https://app.yellow.ai/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /tiny_?mce(?:\.min)?\.js

Page Statistics

29
Requests

100 %
HTTPS

70 %
IPv6

9
Domains

12
Subdomains

11
IPs

4
Countries

9392 kB
Transfer

45280 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.yellow.ai/ HTTP 307
    https://app.yellow.ai/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
app.yellow.ai/
Redirect Chain
  • http://app.yellow.ai/
  • https://app.yellow.ai/
29 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.yellow.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:669 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52cc2f9d4e84076dd5b72cff177b344bd36dd97197721e0ac931f67540616ea0
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform
access-control-allow-methods
GET, POST, OPTIONS
cache-control
public, max-age=0 no-store
cf-cache-status
DYNAMIC
cf-ray
7abe628a3864af7c-NRT
content-encoding
br
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
content-type
text/html; charset=UTF-8
date
Wed, 22 Mar 2023 12:19:47 GMT
expires
0
feature-policy
geolocation 'self'
last-modified
Mon, 13 Mar 2023 08:31:20 GMT
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://app.yellow.ai/
Non-Authoritative-Reason
HSTS
index.a4f321b4.css
app.yellow.ai/ 		990 KB
128 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.yellow.ai/index.a4f321b4.css
Requested by
Host: app.yellow.ai
URL: https://app.yellow.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:669 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e020a3c8d0a1ed95e5bce6e507382366be76d28c55cdf36c0bb1436ed7e64593
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 12:19:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
cf-cache-status
MISS
content-encoding
br
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 13 Mar 2023 08:31:20 GMT
server
cloudflare
etag
W/"1f2fe-186da187367"
x-frame-options
DENY
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=14400
feature-policy
geolocation 'self'
access-control-allow-credentials
true
cf-ray
7abe628d9c3eaf7c-NRT
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform
expires
Wed, 22 Mar 2023 16:19:48 GMT
index.e41a9296.js
app.yellow.ai/ 		41 MB
8 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.yellow.ai/index.e41a9296.js
Requested by
Host: app.yellow.ai
URL: https://app.yellow.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:669 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
146dd0672162db954cec70b6ae5f5ac116d92a744f30df1fe7ce83c77d2b7a41
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 12:19:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
cf-cache-status
MISS
content-encoding
br
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 13 Mar 2023 08:31:20 GMT
server
cloudflare
etag
W/"88b185-186da187367"
x-frame-options
DENY
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=14400
feature-policy
geolocation 'self'
access-control-allow-credentials
true
cf-ray
7abe628dbc69af7c-NRT
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform
expires
Wed, 22 Mar 2023 16:19:48 GMT
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: app.yellow.ai
URL: https://app.yellow.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 12:11:32 GMT
content-encoding
gzip
age
496
x-guploader-uploadid
ADPycdsuTi6oZE9iz2O4NnNX43Jjl4e5NXDN942GVvrszhCtf4za0SUEv6-iXy-PCeXfYPXx8Kn6DsaSA7ZYaa3jvLIo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17435
last-modified
Thu, 17 Feb 2022 20:21:50 GMT
server
UploadServer
etag
"caa762087e9d75cecc34b5d6626cb7b9"
vary
Accept-Encoding
x-goog-generation
1645129310876382
x-goog-hash
crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
access-control-allow-origin
*
content-type
text/javascript
cache-control
public,max-age=600
x-goog-stored-content-length
17435
accept-ranges
bytes
expires
Wed, 22 Mar 2023 12:21:32 GMT
tinymce.min.js
app.yellow.ai/js/tinymce/ 		386 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.yellow.ai/js/tinymce/tinymce.min.js
Requested by
Host: app.yellow.ai
URL: https://app.yellow.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:669 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3824b2feecc4f4522af5c1baaf84681692b7ec71a5afae6cc63adf212df47551
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 12:19:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
cf-cache-status
MISS
content-encoding
br
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 13 Mar 2023 08:31:20 GMT
server
cloudflare
etag
W/"20660-186da18737b"
x-frame-options
DENY
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=14400
feature-policy
geolocation 'self'
access-control-allow-credentials
true
cf-ray
7abe629f8d05af7c-NRT
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform
expires
Wed, 22 Mar 2023 16:19:50 GMT
session
app.yellow.ai/api/sso/ 		29 B
171 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.yellow.ai/api/sso/session?refresh=true
Requested by
Host: app.yellow.ai
URL: https://app.yellow.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:669 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a8611398b0152255f895d6b946aedce3810d314e53a3e45b6f44286a90160b4
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
tracestate
2546315@nr=0-1-2546315-863899003-8cf9147033a04747----1679487590336
traceparent
00-303ddd8fe31a833db4eaabd89c14ca10-8cf9147033a04747-01
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI1NDYzMTUiLCJhcCI6Ijg2Mzg5OTAwMyIsImlkIjoiOGNmOTE0NzAzM2EwNDc0NyIsInRyIjoiMzAzZGRkOGZlMzFhODMzZGI0ZWFhYmQ4OWMxNGNhMTAiLCJ0aSI6MTY3OTQ4NzU5MDMzNn19

Response headers

date
Wed, 22 Mar 2023 12:19:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
cf-cache-status
DYNAMIC
content-length
29
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
cloudflare
etag
W/"1d-SFg1yB5C4mPMRmz91HR7SP18WdM"
x-frame-options
DENY
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
cache-control
no-store
feature-policy
geolocation 'self'
access-control-allow-credentials
true
cf-ray
7abe629f9d13af7c-NRT
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform
expires
0
ba70d8d049368af7ac34.worker.js
app.yellow.ai/ 		238 KB
55 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://app.yellow.ai/ba70d8d049368af7ac34.worker.js
Requested by
Host: app.yellow.ai
URL: https://app.yellow.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:669 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64dc7becfeb6efd61287626d96db271b4a573e369a0ea79b639523278479f3c0
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 12:19:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
cf-cache-status
MISS
content-encoding
br
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 13 Mar 2023 08:31:20 GMT
server
cloudflare
etag
W/"e19a-186da187367"
x-frame-options
DENY
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=14400
feature-policy
geolocation 'self'
access-control-allow-credentials
true
cf-ray
7abe62a4a998af7c-NRT
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform
expires
Wed, 22 Mar 2023 16:19:51 GMT
session
app.yellow.ai/api/sso/ 		29 B
93 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.yellow.ai/api/sso/session?
Requested by
Host: app.yellow.ai
URL: https://app.yellow.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:669 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a8611398b0152255f895d6b946aedce3810d314e53a3e45b6f44286a90160b4
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
tracestate
2546315@nr=0-1-2546315-863899003-ca3a18af0d762c2a----1679487591160
traceparent
00-4062b8d6a5f112eb1b71b8d1f9dcbd60-ca3a18af0d762c2a-01
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI1NDYzMTUiLCJhcCI6Ijg2Mzg5OTAwMyIsImlkIjoiY2EzYTE4YWYwZDc2MmMyYSIsInRyIjoiNDA2MmI4ZDZhNWYxMTJlYjFiNzFiOGQxZjlkY2JkNjAiLCJ0aSI6MTY3OTQ4NzU5MTE2MH19

Response headers

date
Wed, 22 Mar 2023 12:19:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
cf-cache-status
DYNAMIC
content-length
29
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
cloudflare
etag
W/"1d-SFg1yB5C4mPMRmz91HR7SP18WdM"
x-frame-options
DENY
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
cache-control
no-store
feature-policy
geolocation 'self'
access-control-allow-credentials
true
cf-ray
7abe62a4b9acaf7c-NRT
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform
expires
0
logo_50.a4b755fc.png
app.yellow.ai/static/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.yellow.ai/static/logo_50.a4b755fc.png
Requested by
Host: app.yellow.ai
URL: https://app.yellow.ai/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:669 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a1c4f62dd8192bd3d1fd652d16d5e464b738456353a47c87e7efd49365829cd
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 12:19:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
cf-cache-status
MISS
content-length
16779
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 13 Mar 2023 08:31:20 GMT
server
cloudflare
etag
W/"418b-186da18736f"
x-frame-options
DENY
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400
feature-policy
geolocation 'self'
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7abe62a4b9afaf7c-NRT
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,platform
expires
Wed, 22 Mar 2023 16:19:51 GMT
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7103c446b85074c5b5bd331d3718561ac674229c79461f5088f283bb96aa13b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
api.js
js.hcaptcha.com/1/ 		284 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hcaptcha.com/1/api.js?render=explicit&onload=hcaptchaOnLoad
Requested by
Host: app.yellow.ai
URL: https://app.yellow.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa567ea63c532d43e2f5e3e3962ff8b5fa0366f3c62ee0585fa6fe4be4c70f60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 12:19:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 8757f53e391a976cbd7bc9a6ff9d4f38.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
age
0
x-amz-cf-pop
NRT12-C3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Mar 2023 07:14:15 GMT
server
cloudflare
etag
W/"5de21c14bce7448f20c94eda336232ba"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=120
cf-ray
7abe62a5ddcc25fb-NRT
x-amz-cf-id
NCGonswNwsVjwv1pJJrBWU03wRF4BFhNaRVN9YH2skXU6c_OF8x6XQ==
client:platform.js
apis.google.com/js/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/client:platform.js
Requested by
Host: app.yellow.ai
URL: https://app.yellow.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ff7b673632213583165c774d55644551f4eceb51c8653f5e7832697ade162be
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 22 Mar 2023 12:19:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21026
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"94e74ad7e8948685"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Mar 2023 12:19:51 GMT
Okta_Aura_Solid_Charcole_40percent-thumbnail.png
www.okta.com/sites/default/files/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.okta.com/sites/default/files/Okta_Aura_Solid_Charcole_40percent-thumbnail.png
Requested by
Host: app.yellow.ai
URL: https://app.yellow.ai/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d469 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b79e2e271956ca7971b29454e3709bff89775c3196e59f1cccd96cc189b815f9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

expires
Fri, 22 Mar 2024 12:19:51 GMT
date
Wed, 22 Mar 2023 12:19:51 GMT
via
1.1 varnish, 1.1 varnish
cf-cache-status
MISS
x-pantheon-styx-hostname
styx-fe2-b-d6bc494c5-svc2j
x-cache
HIT, HIT
content-length
32499
x-served-by
cache-chi-kigq8000129-CHI, cache-nrt-rjtf7700068-NRT
last-modified
Tue, 09 Nov 2021 10:02:59 GMT
server
cloudflare
x-timer
S1679487591.369509,VS0,VE2
etag
"618a4753-7ef3"
vary
Accept-Encoding
content-type
image/png
x-styx-req-id
2d71116b-bca9-11ed-a90e-6225a9b0c871
cache-control
public, max-age=31622400
accept-ranges
bytes
cf-ray
7abe62a5ec75ca1f-NRT
x-cache-hits
2, 1
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/7d69057/static/ Frame F3DB 		2 KB
815 B 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/7d69057/static/hcaptcha.html
Requested by
Host: app.yellow.ai
URL: https://app.yellow.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f05242270132a89b0ce4c828959b3607c765029c84e4244d15b82b363d94f49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-origin
*
age
962249
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
7abe62a61e1925fb-NRT
content-encoding
br
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 22 Mar 2023 12:19:51 GMT
last-modified
Fri, 10 Mar 2023 07:14:14 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 cb835650180a67bd468624c6340b9cc6.cloudfront.net (CloudFront)
x-amz-cf-id
SRo3738pu0Akrutdo5V_tP6kIB_s7BxoNX1t_-VjcihRWvJMn_ksQg==
x-amz-cf-pop
NRT57-C4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/7d69057/static/ Frame 6805 		2 KB
969 B 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/7d69057/static/hcaptcha.html
Requested by
Host: app.yellow.ai
URL: https://app.yellow.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f05242270132a89b0ce4c828959b3607c765029c84e4244d15b82b363d94f49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-origin
*
age
962249
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
7abe62a61e1725fb-NRT
content-encoding
br
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 22 Mar 2023 12:19:51 GMT
last-modified
Fri, 10 Mar 2023 07:14:14 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 cb835650180a67bd468624c6340b9cc6.cloudfront.net (CloudFront)
x-amz-cf-id
SRo3738pu0Akrutdo5V_tP6kIB_s7BxoNX1t_-VjcihRWvJMn_ksQg==
x-amz-cf-pop
NRT57-C4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/7d69057/ Frame 6805 		284 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/7d69057/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/7d69057/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa567ea63c532d43e2f5e3e3962ff8b5fa0366f3c62ee0585fa6fe4be4c70f60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/7d69057/static/hcaptcha.html
Origin
https://newassets.hcaptcha.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 12:19:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 8757f53e391a976cbd7bc9a6ff9d4f38.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
age
962307
x-amz-cf-pop
NRT12-C3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Mar 2023 07:14:15 GMT
server
cloudflare
etag
W/"5de21c14bce7448f20c94eda336232ba"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
7abe62a63e3725fb-NRT
x-amz-cf-id
NCGonswNwsVjwv1pJJrBWU03wRF4BFhNaRVN9YH2skXU6c_OF8x6XQ==
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/7d69057/ Frame F3DB 		284 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/7d69057/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/7d69057/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa567ea63c532d43e2f5e3e3962ff8b5fa0366f3c62ee0585fa6fe4be4c70f60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/7d69057/static/hcaptcha.html
Origin
https://newassets.hcaptcha.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 12:19:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 8757f53e391a976cbd7bc9a6ff9d4f38.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
age
962307
x-amz-cf-pop
NRT12-C3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Mar 2023 07:14:15 GMT
server
cloudflare
etag
W/"5de21c14bce7448f20c94eda336232ba"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
7abe62a63e3925fb-NRT
x-amz-cf-id
NCGonswNwsVjwv1pJJrBWU03wRF4BFhNaRVN9YH2skXU6c_OF8x6XQ==
truncated
/ Frame 6805 		798 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
checksiteconfig
hcaptcha.com/ Frame 6805 		554 B
779 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hcaptcha.com/checksiteconfig?v=7d69057&host=app.yellow.ai&sitekey=ddb8c3cb-f054-4003-b1c7-16897cfc9826&sc=1&swa=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/7d69057/hcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d732acd9036148048a2379a604403500d437482ec25bb61f42616e44e00714e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://newassets.hcaptcha.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Mar 2023 12:19:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
access-control-allow-credentials
true
cf-ray
7abe62a68ea625fb-NRT
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.zUi2Oiqh0cQ.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw/ 		315 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.zUi2Oiqh0cQ.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw/cb=gapi.loaded_0?le=scs
Requested by
Host: app.yellow.ai
URL: https://app.yellow.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dded489ce2ac381b6077ef09a6b2bcee84d5407403544442e18d67ba7547e2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 19 Mar 2023 12:27:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258720
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110201
x-xss-protection
0
last-modified
Thu, 09 Mar 2023 16:31:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 18 Mar 2024 12:27:51 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.zUi2Oiqh0cQ.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw/ 		62 B
153 B 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.zUi2Oiqh0cQ.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw/cb=gapi.loaded_1?le=scs
Requested by
Host: app.yellow.ai
URL: https://app.yellow.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 01:29:39 GMT
x-content-type-options
nosniff
age
211812
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62
x-xss-protection
0
last-modified
Thu, 09 Mar 2023 16:31:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Mar 2024 01:29:39 GMT
iframe
accounts.google.com/o/oauth2/ Frame D465 		283 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.zUi2Oiqh0cQ.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-VnflFHGTzk3OsaVpWbqz0Ysb2Jw/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200d , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8632ef72d250ade6193f2436aa5d4d33ed841da51c29e42d861f7cec7b056e5c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-EuvEAa1z8o0NAguw6u-4dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-EuvEAa1z8o0NAguw6u-4dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Wed, 22 Mar 2023 12:19:51 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame D465 		2 KB
912 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: app.yellow.ai
URL: https://app.yellow.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200d , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4521fbf434b657e96c52904f006054097f6e1a00abc46af5d0dbf182720fd61c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 12:19:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.EIS4dCoGOpo.es5.O/d=1/rs=AOaEmlGmOm1Y9IEgmomQwKC5jFurSMhI6A/ Frame D465 		100 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.EIS4dCoGOpo.es5.O/d=1/rs=AOaEmlGmOm1Y9IEgmomQwKC5jFurSMhI6A/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80c::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
480c017f33f2daf5abe6a4744bfa6a26a3cb55e839b536551cd7c4816b699f3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 19:01:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35328
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 18:48:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Mar 2024 19:01:49 GMT
nr-spa-1184.min.js
js-agent.newrelic.com/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1184.min.js
Requested by
Host: app.yellow.ai
URL: https://app.yellow.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ac927bf968f13f78b024de0f986ca3a18d95852aee8423f748d252fca5c5c96

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 varnish
date
Wed, 22 Mar 2023 12:19:51 GMT
x-amz-request-id
RNZ1XWDDHY1YYMQ3
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
14379
x-amz-id-2
ceeOlPWNY1yqS6JGMqZgeYLKhoFCiiR42RvR3qoBT5I+ullTo0dd3nYxjQ+dz/6SlsA+YIW93Zw=
x-served-by
cache-tyo11958-TYO
last-modified
Mon, 28 Sep 2020 16:34:47 GMT
server
AmazonS3
x-timer
S1679487592.734148,VS0,VE0
etag
"6b93dbf34696df852c6d69d1652851de"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
11
main.js
app.yellow.ai/widget/ 		243 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.yellow.ai/widget/main.js
Requested by
Host: app.yellow.ai
URL: https://app.yellow.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:669 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7c3cf802d90208b7aa6060b7f6b29a824bcd0be1727342ec04d38a7ea52c7f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 12:19:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Wed, 22 Mar 2023 04:36:06 GMT
server
cloudflare
content-encoding
br
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=14400
cf-ray
7abe62a84d3baf7c-NRT
expires
Wed, 22 Mar 2023 16:19:52 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame D465 		49 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fapp.yellow.ai&client_id=458608820597-th1fh7pm95v01d90tnmhfrq33ofq7hr9.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.EIS4dCoGOpo.es5.O/d=1/rs=AOaEmlGmOm1Y9IEgmomQwKC5jFurSMhI6A/m=base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::200d , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-U_iwQLd_P03CrCgMvcleVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 12:19:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-U_iwQLd_P03CrCgMvcleVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-encoding
gzip
cross-origin-embedder-policy
require-corp
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="IdpIFrameHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Origin
report-to
{"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
content-type
application/json; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Wed, 22 Mar 2023 12:19:51 GMT
NRJS-6b2f155493b92f78e7a
bam.nr-data.net/1/ 		49 B
621 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/NRJS-6b2f155493b92f78e7a?a=863899003&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=4835&ck=1&ref=https://app.yellow.ai/user/login&be=1458&fe=4820&dc=4244&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1679487586904,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:5,%22c%22:5,%22s%22:6,%22ce%22:12,%22rq%22:12,%22rp%22:552,%22rpe%22:561,%22dl%22:554,%22di%22:4243,%22ds%22:4243,%22de%22:4244,%22dc%22:4819,%22l%22:4819,%22le%22:4820%7D,%22navigation%22:%7B%7D%7D&fp=3437&fcp=4288&jsonp=NREUM.setToken
Requested by
Host: app.yellow.ai
URL: https://app.yellow.ai/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 22 Mar 2023 12:19:52 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
7abe62a968df268d-NRT
main.min.js
cdn.yellowmessenger.com/plugin/latest/dist/ 		212 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.yellowmessenger.com/plugin/latest/dist/main.min.js
Requested by
Host: app.yellow.ai
URL: https://app.yellow.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:133 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab1566b3fa086e9e1cfb61d6a2cd2f909368fed9b4ae4d51f2e467eac1345940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 22 Mar 2023 12:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
YO6rRLuxExksWBHD0DKXZQ==
age
6952
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
48573
x-ms-lease-status
unlocked
last-modified
Tue, 21 Mar 2023 10:08:09 GMT
server
cloudflare
etag
0x8DB29F42C914269
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3f7688de-401e-0078-1bdd-5b68ce000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
7abe62aaece5f5af-NRT
expires
Wed, 22 Mar 2023 12:49:52 GMT
NRJS-6b2f155493b92f78e7a
bam.nr-data.net/resources/1/ 		36 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/resources/1/NRJS-6b2f155493b92f78e7a?a=863899003&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=5374&ck=1&ref=https://app.yellow.ai/user/login&st=1679487586904
Requested by
Host: app.yellow.ai
URL: https://app.yellow.ai/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d743f7f4ce128673808472c9b31784806ae884a76086e024545591e02a27def9

Request headers

Referer
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 22 Mar 2023 12:19:52 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://app.yellow.ai
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
7abe62abbb6a268d-NRT
Content-Length
36
NRJS-6b2f155493b92f78e7a
bam.nr-data.net/events/1/ 		24 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/NRJS-6b2f155493b92f78e7a?a=863899003&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=5379&ck=1&ref=https://app.yellow.ai/user/login
Requested by
Host: app.yellow.ai
URL: https://app.yellow.ai/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type
text/plain

Response headers

Date
Wed, 22 Mar 2023 12:19:52 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://app.yellow.ai
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
7abe62abcac21ec0-NRT
Content-Length
24

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless object| mixpanel object| NREUM object| newrelic function| __nr_require function| webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill number| _rollbarStartTime function| rollbar boolean| _rollbarDidLoad object| __SENTRY__ function| _ function| YellowMessenger object| tinymce object| tinyMCE function| hcaptchaOnLoad object| Raven object| hcaptcha object| grecaptcha object| gapi object| ___jsl object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googleapis boolean| notificationClosed function| ymCloseNotification function| ymHideNotification function| ymShowNotification object| YellowMessengerPlugin

6 Cookies

Domain/Path Name / Value
app.yellow.ai/ Name: _csrf
Value: qqvNr5NP-vm71zFPqGzPQGN_e5OY24p_8Da4
.yellow.ai/ Name: mp_f3e9502217a0898772562aafff40d69e_mixpanel
Value: %7B%22distinct_id%22%3A%20%221870942d813760-0da273ec5aa9bc-1430337c-1d4c00-1870942d814783%22%2C%22%24device_id%22%3A%20%221870942d813760-0da273ec5aa9bc-1430337c-1d4c00-1870942d814783%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.okta.com/ Name: __cf_bm
Value: YLs0F0bAuY4SHJ4aHbGmma6_xe3q_cUBQw_G2h2bS84-1679487591-0-AfDuncRtgIhSFycGS8zkK7xcLKbYPHVJAoGi7k0C/OyxpcRCaXLqNINvclPxIJ/s8U08WXvPibecd4LX/SVgUy0=
.app.yellow.ai/ Name: G_ENABLED_IDPS
Value: google
.google.com/ Name: NID
Value: 511=E_Qs6lgdYaeIqA3CgYflcefHlygVCz6Q29DHKs5XmV2TRflo4J4ixLiJwSzIMX7NaU5jzKL7AcXUSasQFSCdjXo1c1i6rTF3CNVQwrpmNce2HN5EisyzlMRwI4ba2daxU87gaBluWCxi-bWRDAImNeaYFCl7wNCDVvYYoc2r7Es
.nr-data.net/ Name: JSESSIONID
Value: 24dfde2c7e37ae3d

4 Console Messages

Source Level URL
Text
security warning URL: https://app.yellow.ai/(Line 21)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()
worker info URL: https://app.yellow.ai/ba70d8d049368af7ac34.worker.js(Line 801)
Message:
==== Worker initialized ====

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
app.yellow.ai
bam.nr-data.net
cdn.mxpnl.com
cdn.yellowmessenger.com
hcaptcha.com
js-agent.newrelic.com
js.hcaptcha.com
newassets.hcaptcha.com
www.gstatic.com
www.okta.com
104.16.169.131
151.101.194.137
162.247.241.14
2404:6800:4004:810::200e
2404:6800:4004:824::200d
2404:6800:400a:80c::2003
2600:1901:0:bc29::
2606:4700::6812:133
2606:4700::6812:669
2606:4700::6812:d469
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
146dd0672162db954cec70b6ae5f5ac116d92a744f30df1fe7ce83c77d2b7a41
1a8611398b0152255f895d6b946aedce3810d314e53a3e45b6f44286a90160b4
27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba
3824b2feecc4f4522af5c1baaf84681692b7ec71a5afae6cc63adf212df47551
3a1c4f62dd8192bd3d1fd652d16d5e464b738456353a47c87e7efd49365829cd
3ff7b673632213583165c774d55644551f4eceb51c8653f5e7832697ade162be
4521fbf434b657e96c52904f006054097f6e1a00abc46af5d0dbf182720fd61c
480c017f33f2daf5abe6a4744bfa6a26a3cb55e839b536551cd7c4816b699f3c
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
52cc2f9d4e84076dd5b72cff177b344bd36dd97197721e0ac931f67540616ea0
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
64dc7becfeb6efd61287626d96db271b4a573e369a0ea79b639523278479f3c0
6ac927bf968f13f78b024de0f986ca3a18d95852aee8423f748d252fca5c5c96
7dded489ce2ac381b6077ef09a6b2bcee84d5407403544442e18d67ba7547e2e
8632ef72d250ade6193f2436aa5d4d33ed841da51c29e42d861f7cec7b056e5c
9f05242270132a89b0ce4c828959b3607c765029c84e4244d15b82b363d94f49
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0
ab1566b3fa086e9e1cfb61d6a2cd2f909368fed9b4ae4d51f2e467eac1345940
b79e2e271956ca7971b29454e3709bff89775c3196e59f1cccd96cc189b815f9
b7c3cf802d90208b7aa6060b7f6b29a824bcd0be1727342ec04d38a7ea52c7f2
d7103c446b85074c5b5bd331d3718561ac674229c79461f5088f283bb96aa13b
d732acd9036148048a2379a604403500d437482ec25bb61f42616e44e00714e9
d743f7f4ce128673808472c9b31784806ae884a76086e024545591e02a27def9
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997
e020a3c8d0a1ed95e5bce6e507382366be76d28c55cdf36c0bb1436ed7e64593
fa567ea63c532d43e2f5e3e3962ff8b5fa0366f3c62ee0585fa6fe4be4c70f60