gritapp.gritfinancial.org Open in urlscan Pro
2600:9000:21f3:7a00:1:a972:1c0:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gritapp.gritfinancial.org/employee/registration/get-started?category=jjb
Submission: On August 03 via manual (August 3rd 2023, 8:41:57 pm UTC) from US — Scanned from DE

Summary HTTP 57 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 11 domains to perform 57 HTTP transactions. The main IP is 2600:9000:21f3:7a00:1:a972:1c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is gritapp.gritfinancial.org.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 27th 2023. Valid for: 8 months.

This is the only time gritapp.gritfinancial.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	2600:9000:21f... 2600:9000:21f3:7a00:1:a972:1c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	13.226.175.46 13.226.175.46	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	104.198.8.50 104.198.8.50	15169 (GOOGLE) (GOOGLE)
1	18.164.52.40 18.164.52.40	16509 (AMAZON-02) (AMAZON-02)
1	34.250.221.67 34.250.221.67	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.25.194.17 52.25.194.17	16509 (AMAZON-02) (AMAZON-02)
2	54.244.158.153 54.244.158.153	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
57	14

34 2600:9000:21f3:7a00:1:a972:1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

gritapp.gritfinancial.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.175.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-175-46.mxp64.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.198.8.50 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 50.8.198.104.bc.googleusercontent.com

hnnnlzmi.usw.stape.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.52.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-52-40.cdg50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.221.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-221-67.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.25.194.17 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-194-17.us-west-2.compute.amazonaws.com

sentry.tools.gritfinancial.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.244.158.153 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-244-158-153.us-west-2.compute.amazonaws.com

backend.prod.gritfinancial.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	gritfinancial.org gritapp.gritfinancial.org sentry.tools.gritfinancial.org backend.prod.gritfinancial.org	2 MB
6	gstatic.com fonts.gstatic.com	128 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	225 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	239 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	155 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 745 script.hotjar.com — Cisco Umbrella Rank: 967	59 KB
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 5769	161 B
1	stape.io hnnnlzmi.usw.stape.io	532 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 115	261 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	2 KB
0	google.de Failed www.google.de Failed
57	11

	Domain	Requested by
34	gritapp.gritfinancial.org	gritapp.gritfinancial.org
6	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagmanager.com	gritapp.gritfinancial.org www.googletagmanager.com
2	backend.prod.gritfinancial.org	gritapp.gritfinancial.org
2	www.facebook.com	gritapp.gritfinancial.org
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
1	sentry.tools.gritfinancial.org	gritapp.gritfinancial.org
1	content.hotjar.io	gritapp.gritfinancial.org
1	script.hotjar.com	static.hotjar.com
1	hnnnlzmi.usw.stape.io	gritapp.gritfinancial.org
1	stats.g.doubleclick.net	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	fonts.googleapis.com	gritapp.gritfinancial.org
0	www.google.de Failed	gritapp.gritfinancial.org
57	14

This site contains no links.

Subject Issuer	Validity	Valid
gritapp.gritfinancial.org Amazon RSA 2048 M01	`2023-02-27` - `2023-11-04`	8 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-13` - `2023-08-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
usw.stape.io R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2023-03-02` - `2024-03-30`	a year	crt.sh
*.tools.gritfinancial.org Amazon RSA 2048 M02	`2023-07-30` - `2024-08-27`	a year	crt.sh
prod.gritfinancial.org Amazon RSA 2048 M02	`2023-06-14` - `2024-07-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://gritapp.gritfinancial.org/employee/registration/get-started?category=jjb
Frame ID: 7B0DAB2AA189400D7158A738AA038E56
Requests: 57 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

All About You | Grit

Detected technologies

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

Page Statistics

57
Requests

98 %
HTTPS

54 %
IPv6

11
Domains

14
Subdomains

14
IPs

4
Countries

2672 kB
Transfer

3651 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request get-started Show response
gritapp.gritfinancial.org/employee/registration/ 2 KB
4 KB 1538ms
1239ms Document
text/html 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/employee/registration/get-started?category=jjb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

edc07535057f4223bc4f7798dc46e0cc6a8adcde9462bc23b68d34c2f64a0f92

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 2158
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
content-type: text/html
date: Thu, 03 Aug 2023 20:41:48 GMT
etag: "9f18c0abba999b85192647e68268bf41"
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-amz-cf-id: DvfZS3WbENAkCVW_qiU51zSPbrSzJ0PrzEgWKD9C6VY5Qnh3jhf_GA==
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

GET
H2 200 css2
fonts.googleapis.com/ 26 KB
2 KB 139ms
51ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Livvic:wght@400;500;700&family=Roboto:wght@400;500;700&family=Source+Sans+Pro:wght@300;400;600;700&family=Work+Sans:wght@300;400;500;600;700&display=swap

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/employee/registration/get-started?category=jjb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0192594d0c2374b02620db46c70c54330183fe4373a05f81c93f99efe56ded4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gritapp.gritfinancial.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 03 Aug 2023 20:41:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 20:41:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Aug 2023 20:41:47 GMT

GET
H2 200 index-0af91edd.js Show response
gritapp.gritfinancial.org/assets/ 1 MB
1 MB 698ms
697ms Script
text/javascript 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/employee/registration/get-started?category=jjb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1768de046a24106e6873e60b6a1484aafcd433337078b223c1629640b6a0e227

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://gritapp.gritfinancial.org/employee/registration/get-started?category=jjb
Origin: https://gritapp.gritfinancial.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:48 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 1479185
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
etag: "06590cf631bf1e005ea954713d153412"
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: 3OpN7_GN5OlQPIT0nG2MiR9Raa1PohPU0yUj2f3uh9H9lTvladrQKQ==

GET
H2 200 index-7709d885.css
gritapp.gritfinancial.org/assets/ 105 B
2 KB 623ms
622ms Stylesheet
text/css 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/assets/index-7709d885.css

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/employee/registration/get-started?category=jjb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7709d885ac5d0ecb65e09a41ebe3758e3720290ad44c19fa72a43d0f77155893

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gritapp.gritfinancial.org/employee/registration/get-started?category=jjb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:48 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 105
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
etag: "586b00b666d154efbc978fa4884d27f8"
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: _dVq1J4nmQZN2TnnZSP0sEGG9Y9K1QF51Djm_3VHEm3U48zL0SUzWg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 207 KB
69 KB 173ms
65ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PBNMTG2&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/employee/registration/get-started?category=jjb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e8fd73e66fe17d437ce927a194bb41c1c714d180f05db006b824ae6f01941eba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gritapp.gritfinancial.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70401
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 03 Aug 2023 20:41:49 GMT

GET
H2 200 employeeRegistration.json Show response
gritapp.gritfinancial.org/locales/en/ 5 KB
7 KB 632ms
631ms Fetch
application/json 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/locales/en/employeeRegistration.json

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

758b60f4bd97adbcf8642519e1893a6603e99b39d5beaf1b2d958c67cf06dc0a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gritapp.gritfinancial.org/employee/registration/get-started?category=jjb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:50 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 5570
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
etag: "d40917004252a115fe54a061e7887398"
content-type: application/json
cache-control: no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: pqjDbnorDhUEvHPgzG5Jw3aR7A6m4x0eqcuohPhBIS54I6BD6t6ztQ==

GET
H2 200 meta.json Show response
gritapp.gritfinancial.org/locales/en/ 24 B
2 KB 613ms
613ms Fetch
application/json 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/locales/en/meta.json

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fd87d48568388d00c632961c1d6fbb0070e784a46eb55b115b79fb0f7fe73a4d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gritapp.gritfinancial.org/employee/registration/get-started?category=jjb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:50 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 24
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
etag: "f2c2f99cf88cbf3d186460b8d321921c"
content-type: application/json
cache-control: no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: WYfk5kC-rPpLId6ZU6bJBehgWplw7E071lUO1_ThMf8YtI7pvpdw1w==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
88 KB 61ms
60ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JBT7N0CJ0Z&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PBNMTG2&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a6bc912cdc174fd8e90abbe6541197f9101013cd18e342c6e2a75f8c3c6be159

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gritapp.gritfinancial.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89963
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 03 Aug 2023 20:41:49 GMT

GET
H2 200 hotjar-3148047.js Show response
static.hotjar.com/c/ 10 KB
4 KB 549ms
59ms Script
application/javascript 13.226.175.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3148047.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PBNMTG2&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.175.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-175-46.mxp64.r.cloudfront.net

Software

Resource Hash

4cd699f66bd841d08c05f4d389b1325695768038b52ed7ba6e1dfbd4b1a9770c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gritapp.gritfinancial.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 03 Aug 2023 20:41:49 GMT
via: 1.1 b0fb64973ef509b9c9508897337515c2.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C3
etag: W/c1ea793aa18cdd929f8b220f37e30aba
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: RGBJrudcCYE0p1h8rkWK_sH6nGLZXmY5W80MQRCovIPPUB7ZQ4tWuw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 172 KB
47 KB 492ms
7ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PBNMTG2&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gritapp.gritfinancial.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 03 Aug 2023 20:41:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47151
x-xss-protection: 0
pragma: public
x-fb-debug: 1gnQTZNJSPKaaEjtWFlY5SVAUJULa7OT7jh77iiVt5NKpzY/nqKCJ+1do4mbtjoK/PSa36JvS8rvzZVlHZbTzw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 182 KB
68 KB 66ms
66ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FAZSIR432&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PBNMTG2&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9b61285108d3b9bb24886651ddaa3322173a387cdb9b964f87141fe5cca1fbf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gritapp.gritfinancial.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69446
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 03 Aug 2023 20:41:49 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
261 B 367ms
18ms Ping
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JBT7N0CJ0Z&cid=1383134764.1691095309&gtm=45je3820&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JBT7N0CJ0Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gritapp.gritfinancial.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 20:41:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gritapp.gritfinancial.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.de/ads/ 0
0

GET
H2 200 EmployeeRoute-4b5d1b82.js Show response
gritapp.gritfinancial.org/assets/ 163 KB
165 KB 729ms
726ms Script
text/javascript 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/assets/EmployeeRoute-4b5d1b82.js

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4d412939898d36746312a213978a74397b1ec5a57496e9c8256bb9a693bbfece

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer
Origin: https://gritapp.gritfinancial.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:51 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 166755
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
etag: "c0f868c6afc287fdda0b35e828ee13f7"
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: C-c8_UU3QasFVCWyNgAFlEwqV1uW_SXt6D3Yiyvaq7qSmWp7B1teUw==

GET
H2 200 index-0a3f8ac0.js Show response
gritapp.gritfinancial.org/assets/ 3 KB
5 KB 646ms
642ms Script
text/javascript 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/assets/index-0a3f8ac0.js

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

017c1b8a8f539440fc29614a52ab08bfcbe81b5cd8f304cac95276d619a5c008

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer
Origin: https://gritapp.gritfinancial.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:51 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 3079
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
etag: "d429c1743d20d0e8dbedf00116f7e3d3"
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: 2tasFcjHjpDTrIYtOALjg5FrNr8CeVNBhIt0OpzQ0LZQOH5XsdyNTQ==

GET
H2 200 authenticateAccessToken-0571f1be.js Show response
gritapp.gritfinancial.org/assets/ 393 B
2 KB 653ms
650ms Script
text/javascript 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/assets/authenticateAccessToken-0571f1be.js

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3ac6e70296c981739efdcb43020abd8ef29e8fba686b7dc29cad49dbb09f5ab8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer
Origin: https://gritapp.gritfinancial.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:51 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 393
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
etag: "2ba26dbf8fc7eb374ab615e46e77f93c"
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: KeNYOa3nVD8S9XxoHL1QyWjxXtMT0mxjEqfQKMv1nXaZlzvhVieZEQ==

GET
H2 200 interopRequireDefault-01ffd8a5.js Show response
gritapp.gritfinancial.org/assets/ 184 B
2 KB 626ms
622ms Script
text/javascript 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/assets/interopRequireDefault-01ffd8a5.js

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a944d092795301362293ea84f40316ed8105d71645086d54a4ee6a6cf9326b32

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer
Origin: https://gritapp.gritfinancial.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:51 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 184
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
etag: "f899344752eada8477c62ffbfea47611"
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: EjB0XQEFp-Es7y1lfF3QGZLZKqK13Dy3TOvmHhpOcRl7yXu6rSs8Hg==

GET
H2 200 createSvgIcon-91409693.js Show response
gritapp.gritfinancial.org/assets/ 2 KB
3 KB 218ms
215ms Script
text/javascript 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/assets/createSvgIcon-91409693.js

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

66fc58f8e5fb9dc88356265cb04ee817eed8b7f416c679dc29c6db08a8692254

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer
Origin: https://gritapp.gritfinancial.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:50 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 1583
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
etag: "3b729a81bdcce7b5049f66a2287d34e4"
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: pjadX3HKig-FfDx2W7baMR2IAUP2P-FSxY92XE3v2xsMdoAvG6Xppw==

GET
H2 200 useControlled-46266c43.js Show response
gritapp.gritfinancial.org/assets/ 227 B
2 KB 640ms
637ms Script
text/javascript 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/assets/useControlled-46266c43.js

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9825b2b0adedbce2821003273e1f94d194590b440c756ab0b10532e8b067e573

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer
Origin: https://gritapp.gritfinancial.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:51 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 227
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
etag: "84b87c66daeafcb772a2d33edc366aea"
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: 2lP9UBPxzQQrvY9RcoFBe_AApaSTPdoqro9QnO1jN8Js-RZyGsam3w==

GET
H2 200 TextField-f82b1d71.js Show response
gritapp.gritfinancial.org/assets/ 2 KB
3 KB 631ms
628ms Script
text/javascript 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/assets/TextField-f82b1d71.js

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dd9c2c1f7b06f129137c82b7abce9b0b108e288e53af4ed7a4676b3e61619340

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer
Origin: https://gritapp.gritfinancial.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:51 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 1616
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
etag: "c04d2bfaf2ec25bb1398957753bea415"
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: F1BWGDxnHvrtILu_p6cM5-DnbFLDzYjtSRpg3eNHs-sxSqVPLNugpA==

GET
H2 200 TextField-4160074a.js Show response
gritapp.gritfinancial.org/assets/ 95 KB
97 KB 665ms
662ms Script
text/javascript 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/assets/TextField-4160074a.js

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

69bc8df6df5bfc18d041cbb635985ffd44e3144e6f72958055c084861aa8b3af

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer
Origin: https://gritapp.gritfinancial.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:51 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 97618
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
etag: "d1f6a337cccfcc6f5e3406b2ee3b44b9"
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: lIgZKXyjTkpXqE0WNBbFb4p-Ti5ex9vRWgfL5vkLbUr8OlK5pskuLw==

GET
H2 200 Modal-a3e8472c.js Show response
gritapp.gritfinancial.org/assets/ 14 KB
16 KB 680ms
677ms Script
text/javascript 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/assets/Modal-a3e8472c.js

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bbfdfea856d506dca387a3d554397edf0bdb1893cc39ca7a835d81f90c7d7da8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer
Origin: https://gritapp.gritfinancial.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:51 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 14802
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
etag: "0eba6390fefd56cd34c8e36993c5d023"
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: LzkbJObwko96SE-9GPDZgIdxXMWtNNEqL4eEUI6bx7MISJvesbFXAw==

GET
H2 200 Chip-5366bf90.js Show response
gritapp.gritfinancial.org/assets/ 11 KB
13 KB 637ms
634ms Script
text/javascript 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/assets/Chip-5366bf90.js

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f1934e433cebec85d7f2fe4f6f44350b43224707dbe09288d4c36f866d05f50e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer
Origin: https://gritapp.gritfinancial.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:51 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 11352
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:03 GMT
server: AmazonS3
etag: "3bf65d0af5ef782b9a3b648a1a954e86"
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: UJe-kWvXpo7NWQuXcKDyR8y6UVeiPoRTP0UjoRRoaAN6yAKirCxBUg==

GET
H2 200 TitleSubtitle-12dc3868.js Show response
gritapp.gritfinancial.org/assets/ 15 KB
16 KB 623ms
621ms Script
text/javascript 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/assets/TitleSubtitle-12dc3868.js

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

168aa3caffc45d918997d13e53674d8ec17563ae7312045550efaee1100eefb7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer
Origin: https://gritapp.gritfinancial.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:51 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 14995
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
etag: "3bf72521820dac9b23f17e740d97e368"
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: fvPHNUR8fArzo8cnCJkrp0s6jhLBgeg7icy70AA77PiP4-3IbQwLLA==

GET
H2 200 ExternalLink-29f536b7.js Show response
gritapp.gritfinancial.org/assets/ 12 KB
14 KB 638ms
635ms Script
text/javascript 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/assets/ExternalLink-29f536b7.js

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d804cf6e24c1e7c90082d37c34d658bebdaccee161d996381e605e6cf4bf6402

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer
Origin: https://gritapp.gritfinancial.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:51 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 12413
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
etag: "38ee2f0d07b8354eea94038f8df6bec2"
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: bBX9fw_HXFKAS8qR1DXf_c66OLCkXYVBbPoJa_hVC5jpRoH2BVZD6A==

GET
H2 200 themeV3-03687753.js Show response
gritapp.gritfinancial.org/assets/ 5 KB
7 KB 672ms
669ms Script
text/javascript 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/assets/themeV3-03687753.js

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1cb289339f16752f1f94efd10f611c7234136050b5d8ec4f32100b03e34bc0f1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer
Origin: https://gritapp.gritfinancial.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:51 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 5245
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
etag: "b555abc57f4a277257146ec26b7a6a86"
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: Y29EqyGRVjP5Or5wkXHMePGTaUbYxuLduBIjmVbHOJPeRTArexsWhg==

GET
H2 200 Box-3ffab739.js Show response
gritapp.gritfinancial.org/assets/ 629 B
2 KB 660ms
658ms Script
text/javascript 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/assets/Box-3ffab739.js

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

86793d1b2cf45b47591e4525895d2019fd054efa66f397c0c6c2ce5a16a97cdd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer
Origin: https://gritapp.gritfinancial.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:51 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 629
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:03 GMT
server: AmazonS3
etag: "bec9470cb56ce1892123284ead1f0ce3"
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: qqTiXv46NSjXMoWikCOhQPbYwJkPhhKytapmw0Unw1ykW3qh6Bc_XQ==

GET
H2 200 Container-bd70aed7.js Show response
gritapp.gritfinancial.org/assets/ 2 KB
4 KB 630ms
628ms Script
text/javascript 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/assets/Container-bd70aed7.js

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5066fd17d1f21b5cf0ed31c3e2197f99fcd530fd32f2bdd8c26998b179263987

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer
Origin: https://gritapp.gritfinancial.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:51 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 2058
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:03 GMT
server: AmazonS3
etag: "a6a7f1ce13f9c964f88e16873248d151"
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: yYqkUdCwbBRLnPUEezGpjaRSf3ixl1kAOgsprcOb5LFShQil8GD0mQ==

GET
H2 200 Divider-ddf0ee77.js Show response
gritapp.gritfinancial.org/assets/ 4 KB
5 KB 660ms
658ms Script
text/javascript 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/assets/Divider-ddf0ee77.js

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

aec5e7592f3722aee78fa27ed21d7859a0749c5ef3fecadce04efd1b205e4b5a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer
Origin: https://gritapp.gritfinancial.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:51 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 3727
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
etag: "fc246f0bd1ba521c48d3239dbb2b7ac5"
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: btBxYzSq89KTt8TKsYPjRdOCBAJ6ZqsvOjpFbafRTbANefOSGyTrsg==

GET
H2 200 employersActions-271bdca8.js Show response
gritapp.gritfinancial.org/assets/ 133 B
2 KB 620ms
618ms Script
text/javascript 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/assets/employersActions-271bdca8.js

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

97ea29bc896fe3e90be8b13f3d9922493959e8068a2c98d2b7bfed26a8880334

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer
Origin: https://gritapp.gritfinancial.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:51 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 133
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
etag: "d753b16412a015c5ddd286136a215914"
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: qAuJKOGRndZ-lobqcJe-zT9atIYdSpgU_kq1jrgxc7dJX2908LTHtQ==

GET
H2 200 lodash-78ffcf55.js Show response
gritapp.gritfinancial.org/assets/ 70 KB
72 KB 680ms
679ms Script
text/javascript 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/assets/lodash-78ffcf55.js

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cf985600b3cd07d31b665745d8848d36cbe7e8254abc0448f46bee2f84ada77f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer
Origin: https://gritapp.gritfinancial.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:51 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 72022
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
etag: "ea886270d5d5b2c4ca47fadafef1e4fb"
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: ol5eXgoewIwvkYPuspTx0E5gKPjwcGSZTj8n4mOBAMjIBC9u76mmSw==

GET
H2 200 Card-bf62164b.js Show response
gritapp.gritfinancial.org/assets/ 588 B
2 KB 703ms
702ms Script
text/javascript 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/assets/Card-bf62164b.js

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

59e999a9a5b296c958fbb061643e041b3c862f60052f9d7c094448720f49d069

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer
Origin: https://gritapp.gritfinancial.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:51 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 588
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:03 GMT
server: AmazonS3
etag: "cd086213a66da3b74b9c43e02746a564"
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: jIrj_lSqNRCpcsTwHef3-Gga6pCbawAK1fPlecLUVl0cEbgkoQOrtg==

GET
H2 200 EmployeeRoute-dc48f6f6.css
gritapp.gritfinancial.org/assets/ 45 KB
47 KB 624ms
623ms Stylesheet
text/css 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/assets/EmployeeRoute-dc48f6f6.css

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dc48f6f6468af8bd85f2b18b2d0c8d467877712f335bef4428028d2c4927b063

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gritapp.gritfinancial.org/employee/registration/get-started?category=jjb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:51 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 46364
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
etag: "25729b4065488e4d9ea1c4ee6a3bf663"
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: Q5BjKbCiBFdTNn9c-SsTAVjEjnkmL-7Jullp4pqllXK0oGLAAZbmnQ==

GET
H2 200 collect Show response
hnnnlzmi.usw.stape.io/g/ 65 B
532 B 951ms
639ms XHR
text/plain 104.198.8.50
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://hnnnlzmi.usw.stape.io/g/collect?v=2&tid=G-FAZSIR432&gtm=45je3820&_p=1651335899&cid=1383134764.1691095309&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=DE&sst.etld=google.de&sst.gcsub=region1&_s=1&sid=1691095309&sct=1&seg=0&dl=https%3A%2F%2Fgritapp.gritfinancial.org%2Femployee%2Fregistration%2Fget-started%3Fcategory%3Djjb&dt=Grit&en=page_view&_fv=1&_ss=1&ep.event_name=page_view&ep.event_id=1691095309139.239278.1&richsstsse

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.198.8.50 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

50.8.198.104.bc.googleusercontent.com

Software

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gritapp.gritfinancial.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:50 GMT
x-content-type-options: nosniff
content-type: text/plain
access-control-allow-origin: https://gritapp.gritfinancial.org
cache-control: no-cache
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-accel-buffering: no

GET
H2 200 637770184693059 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 138ms
138ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/637770184693059?v=2.9.121&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

05a2a35541f8dfd11cf032b54df4f35b5fb4ae01186f3b8054302d30d4291a26

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gritapp.gritfinancial.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 03 Aug 2023 20:41:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: jsh04E9uIL8t1b2NnXH3GGlZShOaYsIRlpW4va6nDI6kH37fc3cvRY9V+h+sa6mQiRV64lzehfgI9Mcqgv8fGA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.92ff9978854791af68a7.js Show response
script.hotjar.com/ 223 KB
55 KB 72ms
19ms Script
application/javascript 18.164.52.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.92ff9978854791af68a7.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3148047.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-52-40.cdg50.r.cloudfront.net

Software

Resource Hash

f827ec383239317deb9387ea204a9a0089594aaa0a763922e3d85222010531e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gritapp.gritfinancial.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 15:14:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 e62fdd28aecc715b248568cb8338e8a2.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
age: 19662
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55640
last-modified: Thu, 03 Aug 2023 15:13:59 GMT
etag: "9e14d47807cbae60a1fa1410419e20a1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: KSvAwkXDjQB948pHg0XPODEQ1t5to-qZ7SrbXMjeZwy_D9BW4pb5RQ==

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 149ms
29ms XHR
application/json 34.250.221.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.250.221.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-221-67.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ff3dabfe607c34074a730f25857721b718126bbb8b03f9d7e824af85fad8fc9a

Request headers

Referer: https://gritapp.gritfinancial.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 03 Aug 2023 20:41:49 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 24ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=637770184693059&ev=PageView&dl=https%3A%2F%2Fgritapp.gritfinancial.org%2Femployee%2Fregistration%2Fget-started%3Fcategory%3Djjb&rl=&if=false&ts=1691095309862&cd[event_name]=PageView&sw=1600&sh=1200&v=2.9.121&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1691095309860.1326824391&cs_est=true&it=1691095309669&coo=false&eid=1691095309139.239278.1&tm=1&exp=a1&rqm=GET

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/employee/registration/get-started?category=jjb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gritapp.gritfinancial.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 03 Aug 2023 20:41:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 / Show response
sentry.tools.gritfinancial.org/api/2/envelope/ 41 B
240 B 755ms
358ms Fetch
application/json 52.25.194.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sentry.tools.gritfinancial.org/api/2/envelope/?sentry_key=4761e8a4b47c4530812d8c1ea4ad38eb&sentry_version=7
Requested by: Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.25.194.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-25-194-17.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 4bc81d388806d2480e7adfb93c7f99c1d1da581571acc6082a5fa165687b7e35

Request headers

Referer: https://gritapp.gritfinancial.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://gritapp.gritfinancial.org
date: Thu, 03 Aug 2023 20:41:50 GMT
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
server: nginx
content-length: 41
vary: Origin
content-type: application/json

GET
H2 200 v3.employeeRegistration.json Show response
gritapp.gritfinancial.org/locales/en/ 4 KB
6 KB 647ms
647ms Fetch
application/json 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/locales/en/v3.employeeRegistration.json

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

52e5392f9b231b556c52450e42749a868cfba9236e0a8590295843f5c6ce2c8b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gritapp.gritfinancial.org/employee/registration/get-started?category=jjb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:52 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 4226
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
etag: "8792760fa5301545f90c6b4b2e715d59"
content-type: application/json
cache-control: no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: UjpgO4bF4-KxHGsyQr89pHXX2bLXhl4Tw1AOW5Oi3d-dkvtB_qV7ew==

GET
H2 200 common.json Show response
gritapp.gritfinancial.org/locales/en/ 275 B
2 KB 663ms
662ms Fetch
application/json 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/locales/en/common.json

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0e4c3267e1907857a1f98db3573ce5eb145202a66d5238370a920ee02d0a52e6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gritapp.gritfinancial.org/employee/registration/get-started?category=jjb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:52 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 275
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
etag: "2765d5ff5c43578e64e794d972444d63"
content-type: application/json
cache-control: no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: YPbRvLdoVDqIyBpfHNvXja-hl2Nfkzi0okDT6Pgj8uj9qWhKcXzz9Q==

GET
H2 200 search-worker-58dda993.js
gritapp.gritfinancial.org/assets/ 20 KB
22 KB 178ms
178ms Other
text/javascript 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/assets/search-worker-58dda993.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6b0bcc76b1f27a0840c594746704052a5fa8caf2297b8d2c5f008d9d50229b55

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gritapp.gritfinancial.org/employee/registration/get-started?category=jjb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:51 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 20512
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
etag: "5d0cb8c7ab1b9c38ac34bf09b4cd7654"
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: SIJzS7xWsn9KDaOcvQnLMZbZnGEEkmTFRyfKIzAXgWyazcXSBoKjBQ==

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 8ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=637770184693059&ev=Microdata&dl=https%3A%2F%2Fgritapp.gritfinancial.org%2Femployee%2Fregistration%2Fget-started%3Fcategory%3Djjb&rl=&if=false&ts=1691095311366&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Grit%22%2C%22meta%3Adescription%22%3A%22Grit%20Financial%20App%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.121&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1691095309860.1326824391&it=1691095309669&coo=false&es=automatic&tm=3&exp=a1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gritapp.gritfinancial.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 03 Aug 2023 20:41:51 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H2 204 companies
backend.prod.gritfinancial.org/api/ 0
0 747ms
186ms Preflight 54.244.158.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://backend.prod.gritfinancial.org/api/companies?category=jjb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.244.158.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-244-158-153.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://gritapp.gritfinancial.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match
access-control-allow-methods: GET
access-control-allow-origin: https://gritapp.gritfinancial.org
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Thu, 03 Aug 2023 20:41:52 GMT

GET
H2 200 companies Show response
backend.prod.gritfinancial.org/api/ 170 B
393 B 207ms
207ms XHR
application/json 54.244.158.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://backend.prod.gritfinancial.org/api/companies?category=jjb
Requested by: Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.244.158.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-244-158-153.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: ffdc003f66816dea6862559c313be3b0b676b54d45e125ffa9a4867671620e44

Request headers

Accept: application/json, text/plain, */*
Referer: https://gritapp.gritfinancial.org/
accept-language: de-DE,de;q=0.9
Authorization: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:52 GMT
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gritapp.gritfinancial.org
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
accept-ranges: bytes
content-length: 170

GET
H2 200 v3.common.json Show response
gritapp.gritfinancial.org/locales/en/ 2 KB
3 KB 630ms
629ms Fetch
application/json 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/locales/en/v3.common.json

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8a153b6c202baf5d1674294356a1b4688fcbc5ac8d6f7b1cb31fe72d3d19afb7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gritapp.gritfinancial.org/employee/registration/get-started?category=jjb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:52 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 1724
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
etag: "067d5dc9dc5b5e6c4f432be3db6ed6ee"
content-type: application/json
cache-control: no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: QSwyzrDFU111a9Nxprsr2vkq3_FKWpGwPqK3ZGGY5LmoCqnj6Szcrg==

GET
H2 200 employeeAuth.json Show response
gritapp.gritfinancial.org/locales/en/ 5 KB
7 KB 202ms
201ms Fetch
application/json 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gritapp.gritfinancial.org/locales/en/employeeAuth.json

Requested by

Host: gritapp.gritfinancial.org
URL: https://gritapp.gritfinancial.org/assets/index-0af91edd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

55970cccbfed31953fb83eed2d3077654be3e8074e636796b5698c3d147b695e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gritapp.gritfinancial.org/employee/registration/get-started?category=jjb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:52 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 5416
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
etag: "da3c27122a0960b718d63293795b81f8"
content-type: application/json
cache-control: no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: n6BdJSUS4l8cHV2TC3v4zvG8JuLab3A8yXA4hxyneuomSYHf5xSc9g==

GET
H2 200 jjb-header-3-aee8570c.png
gritapp.gritfinancial.org/assets/ 76 KB
78 KB 680ms
680ms Image
image/png 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gritapp.gritfinancial.org/assets/jjb-header-3-aee8570c.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

aee8570c469d69a41400a53a8734edee0902b7bda2e42d88ea7a1624ff547882

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gritapp.gritfinancial.org/employee/registration/get-started?category=jjb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:52 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 77577
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
etag: "316f2d4252b87e8efd27bbf4161151a0"
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: 76i3oVQrgBZQ5A4TL92W9nmxhkW_pE1syJr37TkapAhTvSBNstBOxw==

GET
H2 200 SOC_2_Compliance.png
gritapp.gritfinancial.org/ 19 KB
21 KB 622ms
621ms Image
image/png 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gritapp.gritfinancial.org/SOC_2_Compliance.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5f85b6f9a98181f9e03c5635116baba33e83fdf416e83f106e58d9fa30c013eb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gritapp.gritfinancial.org/employee/registration/get-started?category=jjb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:53 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 19905
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:03 GMT
server: AmazonS3
etag: "b03e504f69711d608256b7e63fc0a888"
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: RJZwF7GlAn30188k0B-krPOtXg6CN3xhwbMWwzRHECDHX9k7AWvOcg==

GET
H2 200 gritLogoV3.png
gritapp.gritfinancial.org/ 5 KB
6 KB 630ms
630ms Image
image/png 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gritapp.gritfinancial.org/gritLogoV3.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9fce699bde8a4320263f68c7fff6a1ff1f501f33b781462378de53bb33b47142

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gritapp.gritfinancial.org/employee/registration/get-started?category=jjb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:53 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 4782
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:04 GMT
server: AmazonS3
etag: "0422daf5fc27dd1a767412f7d8fdb076"
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: R7QcBskZiteQ1grwDR-aUZqKwTEVJQHFIOkqneitcGB3A1xcLU0KSQ==

GET
H2 200 VisaLogo.png
gritapp.gritfinancial.org/ 11 KB
13 KB 646ms
646ms Image
image/png 2600:9000:21f3:7a00:1:a972:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gritapp.gritfinancial.org/VisaLogo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:7a00:1:a972:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

92c8f3f9a447c0ea10190417e1bd05556ca32f13ad70e06aff4ee4750af1df48

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gritapp.gritfinancial.org/employee/registration/get-started?category=jjb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 20:41:53 GMT
via: 1.1 eb1a8c1b1275e33a016e623478052110.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://*.citadelid.com/ https://*.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://*.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://*.backend.prod.gritfinancial.org/ https://*.citadelid.com/ https://*.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://*.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://*.hotjar.com/ wss://*.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://*.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://*.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 11473
x-xss-protection: 1
last-modified: Thu, 03 Aug 2023 17:08:03 GMT
server: AmazonS3
etag: "84eb77e915d540dcdbf8f8a77afa0c2d"
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: UTYbHf9AFrtL3Xme-IPdrEZ5LwEQKYi1sdotWO9Qg8WbFCjrH90yXg==

GET
DATA 200
OK truncated
/ 22 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4adc290ce6633839d17ed792daaaceb7d927fea11868158a635ff31d01ce3b60

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v18/ 47 KB
47 KB 166ms
86ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Livvic:wght@400;500;700&family=Roboto:wght@400;500;700&family=Source+Sans+Pro:wght@300;400;600;700&family=Work+Sans:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gritapp.gritfinancial.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 11:44:39 GMT
x-content-type-options: nosniff
age: 205033
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47728
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 17:55:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jul 2024 11:44:39 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 115ms
35ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gritapp.gritfinancial.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 03:41:01 GMT
x-content-type-options: nosniff
age: 579651
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 03:41:01 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 123ms
44ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gritapp.gritfinancial.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 578100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 04:06:52 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 208ms
129ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gritapp.gritfinancial.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 23:04:46 GMT
x-content-type-options: nosniff
age: 509826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 23:04:46 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 154ms
75ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gritapp.gritfinancial.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 02:35:09 GMT
x-content-type-options: nosniff
age: 497203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 02:35:09 GMT

GET
H2 200 rnCp-x1S2hzjrlfXaOM7.woff2
fonts.gstatic.com/s/livvic/v14/ 21 KB
21 KB 190ms
118ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/livvic/v14/rnCp-x1S2hzjrlfXaOM7.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1268d621a5f89f66f4de9f0d413404b87a9d14f4dd4f5b37d6b7e64ac14c8f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gritapp.gritfinancial.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 17:55:52 GMT
x-content-type-options: nosniff
age: 528360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21212
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:45:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 17:55:52 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JBT7N0CJ0Z&cid=1383134764.1691095309&gtm=45je3820&aip=1&z=1042890268

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gritfinancial.org/	1970-01-20 23:20:55	Name: _ga Value: GA1.1.1383134764.1691095309
.gritfinancial.org/	1970-01-20 23:20:55	Name: _ga_JBT7N0CJ0Z Value: GS1.1.1691095309.1.0.1691095309.60.0.0
.gritfinancial.org/	1970-01-20 23:20:55	Name: _ga_FAZSIR432 Value: GS1.1.1691095309.1.0.1691095309.0.0.0
.gritfinancial.org/	1970-01-20 22:30:31	Name: _hjSessionUser_3148047 Value: eyJpZCI6IjdmY2VlMTUxLTNhMmYtNTc2My1iZWFjLTUyM2UzNWQ3M2QxNCIsImNyZWF0ZWQiOjE2OTEwOTUzMDk4MDYsImV4aXN0aW5nIjpmYWxzZX0=
.gritfinancial.org/	1970-01-20 13:44:57	Name: _hjFirstSeen Value: 1
.gritfinancial.org/	1970-01-20 13:44:55	Name: _hjIncludedInSessionSample_3148047 Value: 1
.gritfinancial.org/	1970-01-20 13:44:57	Name: _hjSession_3148047 Value: eyJpZCI6IjFkNjI1MWJmLTc1MDAtNGM2Ni1iNDVhLTI5MzI5ZmJmNmFkNCIsImNyZWF0ZWQiOjE2OTEwOTUzMDk4MTYsImluU2FtcGxlIjp0cnVlfQ==
.gritfinancial.org/	1970-01-20 13:44:57	Name: _hjAbsoluteSessionInProgress Value: 0
.gritfinancial.org/	1970-01-20 15:54:31	Name: _fbp Value: fb.1.1691095309860.1326824391

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-PBNMTG2&gtm_auth=&gtm_preview=&gtm_cookies_win=x(Line 422) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'". Either the 'unsafe-inline' keyword, a hash ('sha256-gYoMC+NxGZekMTocJ9YDvp8lfXaVo4Ewl2DBY2csqf8='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-PBNMTG2&gtm_auth=&gtm_preview=&gtm_cookies_win=x(Line 422) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'". Either the 'unsafe-inline' keyword, a hash ('sha256-BZ2phfwizJvkANJgHYSmX+zKqh0fyvm2lWfVjKmdPkw='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-PBNMTG2&gtm_auth=&gtm_preview=&gtm_cookies_win=x(Line 422) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://*.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'". Either the 'unsafe-inline' keyword, a hash ('sha256-ZC4Ihfl+1sv3E25DQh090ITQKwffxiocyA9C1vaePKU='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-JBT7N0CJ0Z&l=dataLayer&cx=c(Line 172) Message: Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-JBT7N0CJ0Z&gtm=45je3820&_p=1651335899&_gaz=1&cid=1383134764.1691095309&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691095309&sct=1&seg=0&dl=https%3A%2F%2Fgritapp.gritfinancial.org%2Femployee%2Fregistration%2Fget-started%3Fcategory%3Djjb&dt=Grit&en=page_view&_fv=1&_nsi=1&_ss=1' because it violates the following Content Security Policy directive: "connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-JBT7N0CJ0Z&l=dataLayer&cx=c(Line 172) Message: Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-JBT7N0CJ0Z&gtm=45je3820&_p=1651335899&cid=1383134764.1691095309&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1691095309&sct=1&seg=0&dl=https%3A%2F%2Fgritapp.gritfinancial.org%2Femployee%2Fregistration%2Fget-started%3Fcategory%3Djjb&dt=Grit&en=RegForm&_c=1&_et=5' because it violates the following Content Security Policy directive: "connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com".
security	error	URL: https://gritapp.gritfinancial.org/employee/registration/get-started?category=jjb Message: Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JBT7N0CJ0Z&cid=1383134764.1691095309&gtm=45je3820&aip=1&z=1042890268' because it violates the following Content Security Policy directive: "img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-JBT7N0CJ0Z&l=dataLayer&cx=c(Line 172) Message: Refused to connect to 'https://region1.analytics.google.com/g/collect?v=2&tid=G-JBT7N0CJ0Z&gtm=45je3820&_p=1651335899&cid=1383134764.1691095309&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1691095309&sct=1&seg=0&dl=https%3A%2F%2Fgritapp.gritfinancial.org%2Femployee%2Fregistration%2Fget-started%3Fcategory%3Djjb&dt=Grit&en=scroll&epn.percent_scrolled=90&_et=2' because it violates the following Content Security Policy directive: "connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://*.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://res.cloudinary.com/; img-src 'self' https://www.facebook.com/ https://res.cloudinary.com/ https://www.google.co.in data:; script-src 'self' blob: https://cdn.plaid.com/ https://.citadelid.com/ https://.mapbox.com/ https://plugin.argyle.io/ https://www.googletagmanager.com/ https://www.google-analytics.com/ https://.hotjar.com/ https://connect.facebook.net/ https://api.sardine.ai/ 'sha256-YSSIbZr2Bfmu0IBPsVhnG6tdUQVx63TUPe+vrXZL16g=' 'nonce-gritfinancial'; style-src 'self' https://fonts.googleapis.com/ 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com/ https://res.cloudinary.com/ https://.hotjar.com/ data: ; connect-src 'self' https://api.countrystatecity.in/ https://sentry.tools.gritfinancial.org/ https://backend.prod.gritfinancial.org/ https://cognito-idp.us-west-2.amazonaws.com/ https://cognito-identity.us-west-2.amazonaws.com/ https://places.geo.us-west-2.amazonaws.com/ https://.backend.prod.gritfinancial.org/ https://.citadelid.com/ https://.mapbox.com/ https://prod.truv.com/ https://get.geojs.io/ https://.argyle.com/ https://api.segment.io/ https://www.google-analytics.com/ https://.hotjar.com/ wss://.hotjar.com https://.hotjar.io/ https://hnnnlzmi.usw.stape.io/ https://analytics.google.com/ https://stats.g.doubleclick.net https://device.payfone.com; frame-src 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/ https://.hotjar.com/ https://api.sardine.ai/ https://widgets.moneydesktop.com/; frame-ancestors 'self' https://app.csvbox.io/ https://withpersona.com/ https://cdn.plaid.com/ https://.citadelid.com/ https://cdn.truv.com/ https://sso.tabapay.com/; form-action 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

backend.prod.gritfinancial.org
connect.facebook.net
content.hotjar.io
fonts.googleapis.com
fonts.gstatic.com
gritapp.gritfinancial.org
hnnnlzmi.usw.stape.io
script.hotjar.com
sentry.tools.gritfinancial.org
static.hotjar.com
stats.g.doubleclick.net
www.facebook.com
www.google.de
www.googletagmanager.com
www.google.de
104.198.8.50
13.226.175.46
18.164.52.40
2600:9000:21f3:7a00:1:a972:1c0:93a1
2a00:1450:4001:808::2008
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2003
2a00:1450:400c:c0c::9a
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
34.250.221.67
52.25.194.17
54.244.158.153
017c1b8a8f539440fc29614a52ab08bfcbe81b5cd8f304cac95276d619a5c008
0192594d0c2374b02620db46c70c54330183fe4373a05f81c93f99efe56ded4a
05a2a35541f8dfd11cf032b54df4f35b5fb4ae01186f3b8054302d30d4291a26
0e4c3267e1907857a1f98db3573ce5eb145202a66d5238370a920ee02d0a52e6
1268d621a5f89f66f4de9f0d413404b87a9d14f4dd4f5b37d6b7e64ac14c8f7b
168aa3caffc45d918997d13e53674d8ec17563ae7312045550efaee1100eefb7
1768de046a24106e6873e60b6a1484aafcd433337078b223c1629640b6a0e227
1cb289339f16752f1f94efd10f611c7234136050b5d8ec4f32100b03e34bc0f1
3ac6e70296c981739efdcb43020abd8ef29e8fba686b7dc29cad49dbb09f5ab8
4adc290ce6633839d17ed792daaaceb7d927fea11868158a635ff31d01ce3b60
4bc81d388806d2480e7adfb93c7f99c1d1da581571acc6082a5fa165687b7e35
4cd699f66bd841d08c05f4d389b1325695768038b52ed7ba6e1dfbd4b1a9770c
4d412939898d36746312a213978a74397b1ec5a57496e9c8256bb9a693bbfece
5066fd17d1f21b5cf0ed31c3e2197f99fcd530fd32f2bdd8c26998b179263987
52e5392f9b231b556c52450e42749a868cfba9236e0a8590295843f5c6ce2c8b
55970cccbfed31953fb83eed2d3077654be3e8074e636796b5698c3d147b695e
59e999a9a5b296c958fbb061643e041b3c862f60052f9d7c094448720f49d069
5f85b6f9a98181f9e03c5635116baba33e83fdf416e83f106e58d9fa30c013eb
66fc58f8e5fb9dc88356265cb04ee817eed8b7f416c679dc29c6db08a8692254
69bc8df6df5bfc18d041cbb635985ffd44e3144e6f72958055c084861aa8b3af
6b0bcc76b1f27a0840c594746704052a5fa8caf2297b8d2c5f008d9d50229b55
758b60f4bd97adbcf8642519e1893a6603e99b39d5beaf1b2d958c67cf06dc0a
7709d885ac5d0ecb65e09a41ebe3758e3720290ad44c19fa72a43d0f77155893
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
86793d1b2cf45b47591e4525895d2019fd054efa66f397c0c6c2ce5a16a97cdd
8a153b6c202baf5d1674294356a1b4688fcbc5ac8d6f7b1cb31fe72d3d19afb7
92c8f3f9a447c0ea10190417e1bd05556ca32f13ad70e06aff4ee4750af1df48
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
97ea29bc896fe3e90be8b13f3d9922493959e8068a2c98d2b7bfed26a8880334
9825b2b0adedbce2821003273e1f94d194590b440c756ab0b10532e8b067e573
9b61285108d3b9bb24886651ddaa3322173a387cdb9b964f87141fe5cca1fbf8
9b78354357bc04de9fa52562968bad64ef1311b665cc6ea927d2ec08bcc82cd8
9fce699bde8a4320263f68c7fff6a1ff1f501f33b781462378de53bb33b47142
a6bc912cdc174fd8e90abbe6541197f9101013cd18e342c6e2a75f8c3c6be159
a944d092795301362293ea84f40316ed8105d71645086d54a4ee6a6cf9326b32
aec5e7592f3722aee78fa27ed21d7859a0749c5ef3fecadce04efd1b205e4b5a
aee8570c469d69a41400a53a8734edee0902b7bda2e42d88ea7a1624ff547882
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bbfdfea856d506dca387a3d554397edf0bdb1893cc39ca7a835d81f90c7d7da8
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cf985600b3cd07d31b665745d8848d36cbe7e8254abc0448f46bee2f84ada77f
d804cf6e24c1e7c90082d37c34d658bebdaccee161d996381e605e6cf4bf6402
dc48f6f6468af8bd85f2b18b2d0c8d467877712f335bef4428028d2c4927b063
dd9c2c1f7b06f129137c82b7abce9b0b108e288e53af4ed7a4676b3e61619340
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e8fd73e66fe17d437ce927a194bb41c1c714d180f05db006b824ae6f01941eba
edc07535057f4223bc4f7798dc46e0cc6a8adcde9462bc23b68d34c2f64a0f92
f1934e433cebec85d7f2fe4f6f44350b43224707dbe09288d4c36f866d05f50e
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f827ec383239317deb9387ea204a9a0089594aaa0a763922e3d85222010531e2
fd87d48568388d00c632961c1d6fbb0070e784a46eb55b115b79fb0f7fe73a4d
ff3dabfe607c34074a730f25857721b718126bbb8b03f9d7e824af85fad8fc9a
ffdc003f66816dea6862559c313be3b0b676b54d45e125ffa9a4867671620e44

gritapp.gritfinancial.org Open in urlscan Pro 2600:9000:21f3:7a00:1:a972:1c0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

57 Requests

98 %HTTPS

54 %IPv6

11 Domains

14 Subdomains

14 IPs

4 Countries

2672 kBTransfer

3651 kBSize

9 Cookies

0 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gritapp.gritfinancial.org Open in urlscan Pro
2600:9000:21f3:7a00:1:a972:1c0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

98 %
HTTPS

54 %
IPv6

11
Domains

14
Subdomains

14
IPs

4
Countries

2672 kB
Transfer

3651 kB
Size

9
Cookies

57 HTTP transactions
1 data transactions