app.novo.co Open in urlscan Pro
2606:4700::6812:12c9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://44.207.94.73/
Effective URL:
https://app.novo.co/
Submission Tags: falconsandbox
Submission: On January 26 via api (January 26th 2024, 11:51:10 pm UTC) from US — Scanned from DE

Summary HTTP 85 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 22 IPs in 2 countries across 21 domains to perform 85 HTTP transactions. The main IP is 2606:4700::6812:12c9, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.novo.co.
TLS certificate: Issued by GTS CA 1P5 on December 6th 2023. Valid for: 3 months.

This is the only time app.novo.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	44.207.94.73 44.207.94.73	14618 (AMAZON-AES) (AMAZON-AES)
26	2606:4700::68... 2606:4700::6812:12c9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
3	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	18.239.69.37 18.239.69.37	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:244... 2600:9000:2447:d000:16:a497:9700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.239.83.10 18.239.83.10	16509 (AMAZON-02) (AMAZON-02)
3	18.154.63.14 18.154.63.14	16509 (AMAZON-02) (AMAZON-02)
2	13.225.78.114 13.225.78.114	16509 (AMAZON-02) (AMAZON-02)
4	34.66.73.214 34.66.73.214	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	34.198.52.31 34.198.52.31	14618 (AMAZON-AES) (AMAZON-AES)
3	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:25a... 2600:9000:25a2:8400:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	44.225.16.159 44.225.16.159	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	108.157.5.251 108.157.5.251	16509 (AMAZON-02) (AMAZON-02)
1	54.174.13.107 54.174.13.107	14618 (AMAZON-AES) (AMAZON-AES)
85	22

1 44.207.94.73 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-94-73.compute-1.amazonaws.com

44.207.94.73	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700::6812:12c9 (United States)

ASN13335 (CLOUDFLARENET, US)

app.novo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o139498.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.239.69.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-37.ams58.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2447:d000:16:a497:9700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.rudderlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.239.83.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-10.ams58.r.cloudfront.net

cdn.sprig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.154.63.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-14.dus51.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-114.fra2.r.cloudfront.net

api.rudderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.66.73.214 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 214.73.66.34.bc.googleusercontent.com

client-api.auryc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
firebaseremoteconfig.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.198.52.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-52-31.compute-1.amazonaws.com

api.sprig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:25a2:8400:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.225.16.159 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-225-16-159.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.5.251 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-5-251.dus51.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.174.13.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-13-107.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	novo.co app.novo.co	2 MB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1227 q.stripe.com — Cisco Umbrella Rank: 7010 m.stripe.com — Cisco Umbrella Rank: 1188	150 KB
4	googleapis.com firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 557 firebaseremoteconfig.googleapis.com — Cisco Umbrella Rank: 494	1 KB
4	auryc.com client-api.auryc.com — Cisco Umbrella Rank: 8930	1 KB
4	sprig.com cdn.sprig.com — Cisco Umbrella Rank: 7514 api.sprig.com — Cisco Umbrella Rank: 4103	65 KB
4	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 849 heapanalytics.com — Cisco Umbrella Rank: 762	229 KB
3	rudderlabs.com cdn.rudderlabs.com — Cisco Umbrella Rank: 12739	71 KB
3	sentry.io o139498.ingest.sentry.io	643 B
3	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2074 rs.fullstory.com — Cisco Umbrella Rank: 2075	70 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	189 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1315	16 KB
2	rudderstack.com api.rudderstack.com — Cisco Umbrella Rank: 11560	4 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1260	18 KB
1	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1024 trc.taboola.com Failed trc-events.taboola.com Failed	20 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	2 KB
0	snapchat.com Failed tr.snapchat.com Failed
0	google.com Failed www.google.com Failed
0	google.ru Failed www.google.ru Failed
0	trkn.us Failed trkn.us Failed
0	cloudflareinsights.com Failed static.cloudflareinsights.com Failed
85	21

	Domain	Requested by
26	app.novo.co	app.novo.co
4	client-api.auryc.com	app.novo.co
3	q.stripe.com	app.novo.co
3	js.stripe.com	app.novo.co js.stripe.com
3	cdn.rudderlabs.com	app.novo.co cdn.rudderlabs.com
3	cdn.heapanalytics.com	app.novo.co cdn.heapanalytics.com
3	o139498.ingest.sentry.io	app.novo.co
2	www.googletagmanager.com	cdn.rudderlabs.com
2	firebaseremoteconfig.googleapis.com	app.novo.co
2	m.stripe.network	js.stripe.com m.stripe.network
2	api.sprig.com	app.novo.co
2	firebaseinstallations.googleapis.com	app.novo.co
2	api.rudderstack.com	app.novo.co
2	cdn.sprig.com	app.novo.co cdn.sprig.com
2	edge.fullstory.com	app.novo.co edge.fullstory.com
1	heapanalytics.com
1	sc-static.net	www.googletagmanager.com
1	cdn.taboola.com	www.googletagmanager.com
1	www.google-analytics.com	www.googletagmanager.com app.novo.co
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	m.stripe.com	m.stripe.network
1	rs.fullstory.com	edge.fullstory.com
0	trc-events.taboola.com Failed	app.novo.co
0	trc.taboola.com Failed	cdn.taboola.com
0	tr.snapchat.com Failed	sc-static.net app.novo.co
0	www.google.com Failed
0	www.google.ru Failed
0	trkn.us Failed
0	static.cloudflareinsights.com Failed	app.novo.co
85	29

This site contains links to these domains. Also see Links.

Domain
enable-javascript.com
novo.co
onboarding.novo.co

Subject Issuer	Validity	Valid
novo.co GTS CA 1P5	`2023-12-06` - `2024-03-05`	3 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2024-01-10` - `2024-04-09`	3 months	crt.sh
rs.fullstory.com GTS CA 1D4	`2024-01-07` - `2024-04-06`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M01	`2023-06-29` - `2024-07-27`	a year	crt.sh
*.rudderlabs.com Amazon RSA 2048 M02	`2023-06-14` - `2024-07-12`	a year	crt.sh
api.sprig.com Amazon RSA 2048 M03	`2023-08-16` - `2024-09-13`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-01-02` - `2024-04-04`	3 months	crt.sh
*.rudderstack.com Amazon RSA 2048 M03	`2023-10-24` - `2024-11-19`	a year	crt.sh
*.auryc.com R3	`2023-11-25` - `2024-02-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
istio-gateway.sprig.com Amazon RSA 2048 M01	`2023-05-23` - `2024-06-20`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-12-20` - `2024-03-21`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-22` - `2024-03-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2023-11-09` - `2024-12-08`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://app.novo.co/
Frame ID: 8E5DC82ABD50EBF0CC461FB0067E5F66
Requests: 71 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 7DDE0F98441AA8FEF9285E1FF36A63DE
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 5E020AF696F0E06BFFF8272D051DED90
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Novo Web App Login

Page URL History Show full URLs

http://44.207.94.73/ HTTP 301
https://app.novo.co/ Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Page Statistics

85
Requests

80 %
HTTPS

32 %
IPv6

21
Domains

29
Subdomains

22
IPs

2
Countries

2506 kB
Transfer

8604 kB
Size

22
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://enable-javascript.com/
Title: here

Search URL Search Domain Scan URL

URL: https://novo.co/

Search URL Search Domain Scan URL

URL: https://onboarding.novo.co/
Title: Get Started

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://44.207.94.73/ HTTP 301
https://app.novo.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

85 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
app.novo.co/
Redirect Chain

http://44.207.94.73/
https://app.novo.co/

10 KB
4 KB

422ms
391ms

Document
text/html

2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.novo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

786bfe2d82424aa3241d37fed93bd598451843c3f916bdecf599abbfa7045f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 84bca9616f1d4d8f-FRA
content-encoding: gzip
content-type: text/html
date: Fri, 26 Jan 2024 23:51:03 GMT
last-modified: Mon, 22 Jan 2024 07:56:46 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN DENY
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 26 Jan 2024 23:51:02 GMT
Location: https://app.novo.co/
Server: cloudflare-nginx
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 247 KB
68 KB 30ms
7ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: app.novo.co
URL: https://app.novo.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 164e219fdf64004e7213e90b3d4fd19463971870e4b51fdd6030446bd6ef5e65

Request headers

Referer: https://app.novo.co/
Origin: https://app.novo.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:21:43 GMT
content-encoding: br
age: 1760
x-guploader-uploadid: ABPtcPrLmk6BBawZAx4OteMfQikS2ameMc9sZ5X9Cv0GCX_rRmmgZbgiE8CWyh_yQaQ7B-HJd20
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69176
last-modified: Tue, 09 Jan 2024 14:46:09 GMT
server: UploadServer
etag: "39c79f2b05faf1b80cfb99fdd212a0e6"
vary: Accept-Encoding
x-goog-generation: 1704811569390469
x-goog-hash: crc32c=MZJ0CQ==, md5=OcefKwX68bgM+5n90hKg5g==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 69176
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 27 Jan 2024 00:21:43 GMT

GET
H2 200 main.91d7ee68c7f0fb51.js Show response
app.novo.co/ 13 KB
6 KB 387ms
387ms Script
application/javascript 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.novo.co/main.91d7ee68c7f0fb51.js

Requested by

Host: app.novo.co
URL: https://app.novo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cab5a14368b7cd6dd487a7b5a8f310f8b3448569354406644a58c032bf440f3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://app.novo.co/
Origin: https://app.novo.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Jan 2024 07:56:46 GMT
server: cloudflare
etag: W/"65ae1fbe-3504"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 84bca963e8b34d8f-FRA
expires: Sat, 27 Jan 2024 03:51:03 GMT

GET
H2 200 styles.9c446c59c0ffb8a2.js Show response
app.novo.co/ 8 KB
4 KB 390ms
390ms Script
application/javascript 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.novo.co/styles.9c446c59c0ffb8a2.js

Requested by

Host: app.novo.co
URL: https://app.novo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00c16cde93f3feee736169e195e2f846803b81797eb54c8013fead8b5751a078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://app.novo.co/
Origin: https://app.novo.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Jan 2024 07:56:46 GMT
server: cloudflare
etag: W/"65ae1fbe-1fab"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 84bca963e8b54d8f-FRA
expires: Sat, 27 Jan 2024 03:51:03 GMT

GET
H2 200 styles.7a311db6731c5d52.css
app.novo.co/ 251 KB
41 KB 389ms
388ms Stylesheet
text/css 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.novo.co/styles.7a311db6731c5d52.css

Requested by

Host: app.novo.co
URL: https://app.novo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b6682c0c27578565b5e6851d8b9c48f888d9b7ac4bb18d941de957f34152b48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.novo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 22 Jan 2024 07:56:46 GMT
server: cloudflare
content-encoding: gzip
etag: W/"65ae1fbe-3ecfd"
x-frame-options: SAMEORIGIN, DENY
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 84bca963e8b24d8f-FRA
x-xss-protection: 1; mode=block
expires: Sat, 27 Jan 2024 03:51:03 GMT

GET
H2 200 email-decode.min.js Show response
app.novo.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
807 B 10ms
9ms Script
application/javascript 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.novo.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: app.novo.co
URL: https://app.novo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.novo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 26 Jan 2024 10:32:07 GMT
server: cloudflare
etag: W/"65b38a27-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 84bca963e8b64d8f-FRA
expires: Sun, 28 Jan 2024 23:51:03 GMT

GET
H2 200 web Show response
edge.fullstory.com/s/settings/o-1MZ1A5-na1/v1/ 4 KB
2 KB 113ms
113ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/o-1MZ1A5-na1/v1/web
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9e074330ccdd9b155912ea4bea675df2283c8514e33db05edd0ba4f5ae9baf3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.novo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:03 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPoFwRv8rolgTMh67mP4wtklpKJRhAtDqIPyCQf0MNcvpsOEqMpdubwYdb7D28JIcjtwGhmBqLiFPg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1224
last-modified: Fri, 25 Aug 2023 04:10:25 GMT
server: UploadServer
etag: "5bb9f84faaed01f98cb13212435d7187"
x-goog-generation: 1692936625283409
x-goog-hash: crc32c=pPS5wA==, md5=W7n4T6rtAfmMsTISQ11xhw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1224
accept-ranges: bytes
content-type: application/json
expires: Sat, 27 Jan 2024 00:06:03 GMT

GET v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 0
0

GET
H2 200 2874.80218e7db7239bf5.js Show response
app.novo.co/ 1 MB
137 KB 488ms
488ms Script
application/javascript 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.novo.co/2874.80218e7db7239bf5.js

Requested by

Host: app.novo.co
URL: https://app.novo.co/main.91d7ee68c7f0fb51.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f72397857cc1bc1d74df9c057471dd4d694a23c00b443b7ea461d660613cfa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://app.novo.co/
Origin: https://app.novo.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Jan 2024 07:56:46 GMT
server: cloudflare
etag: W/"65ae1fbe-117554"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 84bca9667a884d8f-FRA
expires: Sat, 27 Jan 2024 03:51:03 GMT

GET
H2 200 8222.596736712d617b14.js Show response
app.novo.co/ 59 KB
24 KB 486ms
485ms Script
application/javascript 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.novo.co/8222.596736712d617b14.js

Requested by

Host: app.novo.co
URL: https://app.novo.co/main.91d7ee68c7f0fb51.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3435e24a91ce67e83285d8b72370cf5263473697779b25de8e68323f20a6ea63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://app.novo.co/
Origin: https://app.novo.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Jan 2024 07:56:46 GMT
server: cloudflare
etag: W/"65ae1fbe-ecea"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 84bca9667a894d8f-FRA
expires: Sat, 27 Jan 2024 03:51:03 GMT

GET
H2 200 4063.4ab035889cabf8ef.js Show response
app.novo.co/ 13 KB
4 KB 108ms
108ms Script
application/javascript 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.novo.co/4063.4ab035889cabf8ef.js

Requested by

Host: app.novo.co
URL: https://app.novo.co/main.91d7ee68c7f0fb51.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9373ac37ecef5df6ddae419acc668e1ee191e58b55942759123d03909089db45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://app.novo.co/
Origin: https://app.novo.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Jan 2024 07:56:46 GMT
server: cloudflare
etag: W/"65ae1fbe-34ea"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 84bca9667a8b4d8f-FRA
expires: Sat, 27 Jan 2024 03:51:03 GMT

GET
H2 200 3567.0903ec5629986aa5.js Show response
app.novo.co/ 2 MB
564 KB 486ms
486ms Script
application/javascript 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.novo.co/3567.0903ec5629986aa5.js

Requested by

Host: app.novo.co
URL: https://app.novo.co/main.91d7ee68c7f0fb51.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db73c83d48060333b4761cbaedd33e36238232cd2a45c7d6311db1b055ae45b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://app.novo.co/
Origin: https://app.novo.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Jan 2024 07:56:46 GMT
server: cloudflare
etag: W/"65ae1fbe-1ccca7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 84bca9667a8e4d8f-FRA
expires: Sat, 27 Jan 2024 03:51:03 GMT

GET
H2 200 6204.b5b07b60ae95a44e.js Show response
app.novo.co/ 7 KB
3 KB 393ms
393ms Script
application/javascript 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.novo.co/6204.b5b07b60ae95a44e.js

Requested by

Host: app.novo.co
URL: https://app.novo.co/main.91d7ee68c7f0fb51.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7eeb68b772227e4742d1f56252e571b62087b6e29a25aa8bca35422d77b0462c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://app.novo.co/
Origin: https://app.novo.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Jan 2024 07:56:46 GMT
server: cloudflare
etag: W/"65ae1fbe-1be0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 84bca9667a8f4d8f-FRA
expires: Sat, 27 Jan 2024 03:51:03 GMT

GET
H2 200 2457.490646e8e258a303.js Show response
app.novo.co/ 131 KB
42 KB 489ms
489ms Script
application/javascript 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.novo.co/2457.490646e8e258a303.js

Requested by

Host: app.novo.co
URL: https://app.novo.co/main.91d7ee68c7f0fb51.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46c1dcf79c3d9587307f0775daa002185511e1937601b0d639d75d3fa6d2f19a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://app.novo.co/
Origin: https://app.novo.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Jan 2024 07:56:46 GMT
server: cloudflare
etag: W/"65ae1fbe-20a5e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 84bca9667a904d8f-FRA
expires: Sat, 27 Jan 2024 03:51:03 GMT

GET
H2 200 9379.5fa83ec9ce56a38f.js Show response
app.novo.co/ 57 KB
19 KB 483ms
482ms Script
application/javascript 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.novo.co/9379.5fa83ec9ce56a38f.js

Requested by

Host: app.novo.co
URL: https://app.novo.co/main.91d7ee68c7f0fb51.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

175094084fe44d91d7e36cf57c2447278356502293246db701a601f977f97eaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://app.novo.co/
Origin: https://app.novo.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Jan 2024 07:56:46 GMT
server: cloudflare
etag: W/"65ae1fbe-e354"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 84bca9667a924d8f-FRA
expires: Sat, 27 Jan 2024 03:51:03 GMT

GET
H2 200 5485.1068897dccc38bde.js Show response
app.novo.co/ 18 KB
6 KB 428ms
428ms Script
application/javascript 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.novo.co/5485.1068897dccc38bde.js

Requested by

Host: app.novo.co
URL: https://app.novo.co/main.91d7ee68c7f0fb51.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f53d1adbe1df5d485486ae2dcd7effda35e63db0595e11ffef2ca62b1eacbeee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://app.novo.co/
Origin: https://app.novo.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Jan 2024 07:56:46 GMT
server: cloudflare
etag: W/"65ae1fbe-493d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 84bca9667a934d8f-FRA
expires: Sat, 27 Jan 2024 03:51:03 GMT

GET
H2 200 3267.45a3e65045be5d06.js Show response
app.novo.co/ 8 KB
3 KB 430ms
428ms Script
application/javascript 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.novo.co/3267.45a3e65045be5d06.js

Requested by

Host: app.novo.co
URL: https://app.novo.co/main.91d7ee68c7f0fb51.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c2d26266ecc58d0cfbb161d3b79decc868751a43c666ff11265cb39e98ca844

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://app.novo.co/
Origin: https://app.novo.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Jan 2024 07:56:46 GMT
server: cloudflare
etag: W/"65ae1fbe-2188"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 84bca9667a944d8f-FRA
expires: Sat, 27 Jan 2024 03:51:03 GMT

GET
H2 200 7915.5989275a21b4281d.js Show response
app.novo.co/ 110 KB
19 KB 513ms
512ms Script
application/javascript 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.novo.co/7915.5989275a21b4281d.js

Requested by

Host: app.novo.co
URL: https://app.novo.co/main.91d7ee68c7f0fb51.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c2d1bae8f4307d15d38ad31b3a35eeb707d349b70b5067537c815d64e580fb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://app.novo.co/
Origin: https://app.novo.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Jan 2024 07:56:46 GMT
server: cloudflare
etag: W/"65ae1fbe-1b873"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 84bca9667a954d8f-FRA
expires: Sat, 27 Jan 2024 03:51:03 GMT

GET
H2 200 9950.ec33fe75d6f79b66.js Show response
app.novo.co/ 5 KB
2 KB 393ms
392ms Script
application/javascript 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.novo.co/9950.ec33fe75d6f79b66.js

Requested by

Host: app.novo.co
URL: https://app.novo.co/main.91d7ee68c7f0fb51.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dd7875c1d9343e435ffccbde78177c88dea34bef8434b351c520c532a8f0485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://app.novo.co/
Origin: https://app.novo.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Jan 2024 07:56:46 GMT
server: cloudflare
etag: W/"65ae1fbe-14bf"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 84bca9667a974d8f-FRA
expires: Sat, 27 Jan 2024 03:51:03 GMT

GET
H2 200 827.2c2f59618c2c73ea.js Show response
app.novo.co/ 11 KB
4 KB 431ms
430ms Script
application/javascript 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.novo.co/827.2c2f59618c2c73ea.js

Requested by

Host: app.novo.co
URL: https://app.novo.co/main.91d7ee68c7f0fb51.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fc14e24f28c68ab440ba8575741084bb998ffa3c56e5beb4c454bf152e7bc9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://app.novo.co/
Origin: https://app.novo.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Jan 2024 07:56:46 GMT
server: cloudflare
etag: W/"65ae1fbe-2cb5"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 84bca9667a984d8f-FRA
expires: Sat, 27 Jan 2024 03:51:03 GMT

GET
H2 200 9060.946a27a50d54a6d4.js Show response
app.novo.co/ 4 KB
1 KB 398ms
398ms Script
application/javascript 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.novo.co/9060.946a27a50d54a6d4.js

Requested by

Host: app.novo.co
URL: https://app.novo.co/main.91d7ee68c7f0fb51.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15d3942ea086ce5313e646bb349765addd75b29c956fe6828e3503182d9eb820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://app.novo.co/
Origin: https://app.novo.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Jan 2024 07:56:46 GMT
server: cloudflare
etag: W/"65ae1fbe-eed"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 84bca9667a994d8f-FRA
expires: Sat, 27 Jan 2024 03:51:03 GMT

GET
H2 200 5995.d6b7786ac6701972.js Show response
app.novo.co/ 7 KB
3 KB 397ms
397ms Script
application/javascript 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.novo.co/5995.d6b7786ac6701972.js

Requested by

Host: app.novo.co
URL: https://app.novo.co/main.91d7ee68c7f0fb51.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5dc2c78459b1458703a97930ca7a41b8cee8fb27b4dd0859baaeb8bc9632364b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://app.novo.co/
Origin: https://app.novo.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Jan 2024 07:56:46 GMT
server: cloudflare
etag: W/"65ae1fbe-1a9f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 84bca9667a9b4d8f-FRA
expires: Sat, 27 Jan 2024 03:51:03 GMT

GET
H2 200 6380.b0f800c923d4a8e6.css
app.novo.co/ 279 KB
45 KB 520ms
520ms Stylesheet
text/css 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.novo.co/6380.b0f800c923d4a8e6.css

Requested by

Host: app.novo.co
URL: https://app.novo.co/main.91d7ee68c7f0fb51.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f76c6d65cde382ead50258215dbdfa9833ea3219813dea19e3e5fddeb83f4bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.novo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Jan 2024 07:56:46 GMT
server: cloudflare
content-encoding: gzip
etag: W/"65ae1fbe-45bfd"
x-frame-options: SAMEORIGIN, DENY
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 84bca9667a9c4d8f-FRA
x-xss-protection: 1; mode=block
expires: Sat, 27 Jan 2024 03:51:03 GMT

GET
H2 200 6380.4aa0ba8de3150c61.js Show response
app.novo.co/ 1 MB
332 KB 522ms
522ms Script
application/javascript 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.novo.co/6380.4aa0ba8de3150c61.js

Requested by

Host: app.novo.co
URL: https://app.novo.co/main.91d7ee68c7f0fb51.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f53b23b08875486670db5b87e75a11d82461b960e0f0c06aca29fb20c96f3a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://app.novo.co/
Origin: https://app.novo.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Jan 2024 07:56:46 GMT
server: cloudflare
etag: W/"65ae1fbe-1413da"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 84bca9667a9e4d8f-FRA
expires: Sat, 27 Jan 2024 03:51:03 GMT

POST
H2 202 page Show response
rs.fullstory.com/rec/ 71 B
266 B 145ms
125ms XHR
text/plain 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.fullstory.com/rec/page

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

58.194.186.35.bc.googleusercontent.com

Software

Resource Hash

eac81d9e33471676d196674d072ca7645bd436299f04887009d224e204279e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.novo.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 26 Jan 2024 23:51:03 GMT
via: 1.1 google
x-content-type-options: nosniff
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://app.novo.co
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71

POST
H2 200 / Show response
o139498.ingest.sentry.io/api/1402941/envelope/ 2 B
324 B 46ms
12ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o139498.ingest.sentry.io/api/1402941/envelope/?sentry_key=0fb95a5ba42c4253a4b9c652367e814d&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.1

Requested by

Host: app.novo.co
URL: https://app.novo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.novo.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 26 Jan 2024 23:51:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 heap-3775576419.js Show response
cdn.heapanalytics.com/js/ 120 KB
39 KB 160ms
116ms Script
application/javascript 18.239.69.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-3775576419.js

Requested by

Host: app.novo.co
URL: https://app.novo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.69.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-69-37.ams58.r.cloudfront.net

Software

nginx / Express

Resource Hash

87a1ddd2c0c554dcca99d4cae4577c80d4bb92bad7e4dc1c15acfe1e3a7a339d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.novo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:49:21 GMT
content-encoding: br
via: 1.1 c3d7a569db567dde78a645781f9949a2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: AMS58-P4
age: 103
x-powered-by: Express
etag: W/"1df92-5mpDDlbsC8RQPwczKDdiL3IuKn4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: IDuCLqmVw16c2v3rafxQSJrUTF8FTeecf6u2PZQa033HOpn5ItU2yw==

GET
H2 200 rsa.min.js Show response
cdn.rudderlabs.com/beta/3.0.0-beta/legacy/ 183 KB
51 KB 86ms
23ms Script
text/javascript 2600:9000:2447:d000:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/legacy/rsa.min.js
Requested by: Host: app.novo.co
URL: https://app.novo.co/7915.5989275a21b4281d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2447:d000:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd4a281e65a432fc669d1d2571113a42b5c28b08670b049e10da1d7c3dac0977

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.novo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:43:56 GMT
content-encoding: gzip
via: 1.1 f75afc04e5fb2b66fe286e4f840886c6.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2024 11:17:37 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P5
age: 429
x-amz-server-side-encryption: AES256
etag: W/"edffd49ce61f8ec73711ce1930a5e7cd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ahehSKV26IqDgoNosO7NE-f-ZgUVcBZOsuun9N-Av2Xj57J5EpYsXg==

GET
H2 200 shim.js Show response
cdn.sprig.com/ 128 KB
43 KB 61ms
15ms Script
application/javascript 18.239.83.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sprig.com/shim.js?id=_NCBHaUVs3QG
Requested by: Host: app.novo.co
URL: https://app.novo.co/7915.5989275a21b4281d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-10.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 61c7ca01209a08984390d3a526edbde843001a12f0086f7d17ebfbf5f0e5b6ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.novo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 21:47:30 GMT
x-amz-version-id: Ju3icUfA6hrU214m0KP0h9gO3Hni4bfA
content-encoding: br
last-modified: Fri, 19 Jan 2024 20:37:59 GMT
server: AmazonS3
via: 1.1 411234c039d8f1de63b7f2192e5e24d4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P5
etag: W/"353d9f92ca08e5ada5476331adc1f4ce"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 7415
cross-origin-resource-policy: cross-origin
x-amz-cf-id: WCpGL3NeUcJ6lD45PM67hLZTTo3D3ZlsuvWXrOM2osLlkmlyPalE1w==

GET
H2 200 v3 Show response
js.stripe.com/ 587 KB
145 KB 75ms
12ms Script
text/javascript 18.154.63.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: app.novo.co
URL: https://app.novo.co/3567.0903ec5629986aa5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.63.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-63-14.dus51.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f195179b3694d3b5cd85e3c12ea37818acf178e913fbfa386864bf18784956f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.novo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:04 GMT
content-encoding: br
via: 1.1 3d19c1786985b405e94150c01ee7e35e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 55
x-amz-cf-pop: DUS51-P4
x-cache: Hit from cloudfront
last-modified: Fri, 26 Jan 2024 21:36:01 GMT
server: Cloudfront
etag: W/"edd03aac512133daf9b4ea7263f83cb9"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: 0vJpkfxDoBTjgfQZtDzyEGKwFl9Grjmt_2uJwYt9EplQHoCGmoP9Og==

GET
BLOB 200
OK 0b4391cc-d4b2-45a7-8fcf-7b2a0df63f54
https://app.novo.co/ 335 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.novo.co/0b4391cc-d4b2-45a7-8fcf-7b2a0df63f54
Requested by: Host: app.novo.co
URL: https://app.novo.co/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5bd094257ab7648526f346186a7f3f715152c4887747bcf4155b8f1038da6ab8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 335
Content-Type: application/javascript

GET
H2 200 ABCGintoNormal-Regular.6d714a0e0042dede20c5.otf
app.novo.co/ 89 KB
89 KB 577ms
576ms Font
application/octet-stream 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.novo.co/ABCGintoNormal-Regular.6d714a0e0042dede20c5.otf

Requested by

Host: app.novo.co
URL: https://app.novo.co/styles.7a311db6731c5d52.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc5464ea136ca4560005121d6d6deeba85c143bc40bd4d883b4727380f5e2350

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.novo.co/styles.7a311db6731c5d52.css
Origin: https://app.novo.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
cf-cache-status: MISS
content-length: 90752
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Jan 2024 07:56:46 GMT
server: cloudflare
etag: "65ae1fbe-16280"
x-frame-options: SAMEORIGIN, DENY
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 84bca96e78134d8f-FRA
expires: Sat, 27 Jan 2024 03:51:05 GMT

GET
H2 200 login_bg.5934251dd5f068c519f0.svg
app.novo.co/ 134 KB
91 KB 575ms
574ms Image
image/svg+xml 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.novo.co/login_bg.5934251dd5f068c519f0.svg

Requested by

Host: app.novo.co
URL: https://app.novo.co/6380.b0f800c923d4a8e6.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4ad50649280f2c2e856df82d2445b19456e52f5a57487ccf150f4b29397973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.novo.co/6380.b0f800c923d4a8e6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
cf-cache-status: MISS
last-modified: Mon, 22 Jan 2024 07:56:46 GMT
server: cloudflare
content-encoding: gzip
etag: W/"65ae1fbe-2165f"
x-frame-options: SAMEORIGIN, DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 84bca970695d4d8f-FRA
x-xss-protection: 1; mode=block
expires: Sat, 27 Jan 2024 03:51:05 GMT

GET
H2 200 ABCGintoNormal-Bold.e0cddd2de9e7a380e5ec.otf
app.novo.co/ 101 KB
102 KB 393ms
392ms Font
application/octet-stream 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.novo.co/ABCGintoNormal-Bold.e0cddd2de9e7a380e5ec.otf

Requested by

Host: app.novo.co
URL: https://app.novo.co/styles.7a311db6731c5d52.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fe0306e3dc8c3cb5b39ce18886410a07b5818f4e87dabbb060073c48188e9b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.novo.co/styles.7a311db6731c5d52.css
Origin: https://app.novo.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
cf-cache-status: REVALIDATED
content-length: 103728
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Jan 2024 07:56:46 GMT
server: cloudflare
etag: "65ae1fbe-19530"
x-frame-options: SAMEORIGIN, DENY
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 84bca97079634d8f-FRA
expires: Sat, 27 Jan 2024 03:51:05 GMT

GET
H2 200 ABCGintoNormal-Medium.d796bee9cc0bfa44ac49.otf
app.novo.co/ 101 KB
101 KB 390ms
390ms Font
application/octet-stream 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.novo.co/ABCGintoNormal-Medium.d796bee9cc0bfa44ac49.otf

Requested by

Host: app.novo.co
URL: https://app.novo.co/styles.7a311db6731c5d52.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ef5e6f9e0796a2c59a429817b8870200eea025ba116210c480a40bfa858e3fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.novo.co/styles.7a311db6731c5d52.css
Origin: https://app.novo.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
cf-cache-status: REVALIDATED
content-length: 103076
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Jan 2024 07:56:46 GMT
server: cloudflare
etag: "65ae1fbe-192a4"
x-frame-options: SAMEORIGIN, DENY
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 84bca97079644d8f-FRA
expires: Sat, 27 Jan 2024 03:51:05 GMT

GET
H2 200 novo_logo_blue_black_primary.c0444896f5adae4771584526aa798101.svg
app.novo.co/ 2 KB
1 KB 394ms
394ms Image
image/svg+xml 2606:4700::6812:12c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.novo.co/novo_logo_blue_black_primary.c0444896f5adae4771584526aa798101.svg

Requested by

Host: app.novo.co
URL: https://app.novo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:12c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8436c5a04ef785453f72761f9f7e830dec96cd00615c64fba912efed640a5fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.novo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 22 Jan 2024 07:56:46 GMT
server: cloudflare
content-encoding: gzip
etag: W/"65ae1fbe-7d9"
x-frame-options: SAMEORIGIN, DENY
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 84bca97079664d8f-FRA
x-xss-protection: 1; mode=block
expires: Sat, 27 Jan 2024 03:51:05 GMT

GET
BLOB 200
OK 4af6f34f-0daf-48b1-b1d6-36a463f6328e
https://app.novo.co/ 10 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.novo.co/4af6f34f-0daf-48b1-b1d6-36a463f6328e
Requested by: Host: app.novo.co
URL: https://app.novo.co/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ca3d44191e822500b330ae74a7b981fddc94188da2e683a1e1508fd188d2b1b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 10285
Content-Type

GET
H2 200 container.js Show response
cdn.heapanalytics.com/js/replay/9930-HeapProductionV2-prod-heap/ 9 KB
5 KB 13ms
12ms Script
application/javascript 18.239.69.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heapanalytics.com/js/replay/9930-HeapProductionV2-prod-heap/container.js
Requested by: Host: cdn.heapanalytics.com
URL: https://cdn.heapanalytics.com/js/heap-3775576419.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-37.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ce006ee43e665f7bdd6bf80a9fe0fca4a42c9e7b1556119b187fb214e648498

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.novo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: rT2qA.9hIYaEfX4u8JidD91poIVoQ84y
content-encoding: gzip
via: 1.1 c3d7a569db567dde78a645781f9949a2.cloudfront.net (CloudFront)
date: Fri, 26 Jan 2024 12:39:24 GMT
x-amz-cf-pop: AMS58-P4
age: 40314
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4366
last-modified: Thu, 11 Jan 2024 13:39:56 GMT
server: AmazonS3
etag: "1743de76088b87ecdd57118dcaf36fd4"
content-type: application/javascript
cache-control: public,max-age=86400
accept-ranges: bytes
x-amz-cf-id: Ad-ep3UGnzxoNbuf9Dmvf-4vgjV2a0ckOhj5Ttnutg3zkKbpqcwReQ==

OPTIONS
H2 204 /
api.rudderstack.com/sourceConfig/ Frame 0
0 129ms
104ms Preflight 13.225.78.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rudderstack.com/sourceConfig/?p=cdn&v=3.0.0-beta.20&build=legacy&writeKey=2WNuNd9v8R28D52V90sG6izB3Bi&lockIntegrationsVersion=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-114.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://app.novo.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: *
access-control-max-age: 900
alt-svc: h3=":443"; ma=86400
date: Fri, 26 Jan 2024 23:51:05 GMT
vary: Origin
via: 1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
x-amz-cf-id: gf6bg_otDrLsmWFain_Tj2dpjudaYB42oKtoZUK3NxA4Y9ZB4v-mDw==
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-request-id: c4fd89c0-bca5-11ee-b147-df7791ccd322

GET
H2 200 / Show response
api.rudderstack.com/sourceConfig/ 13 KB
4 KB 106ms
106ms XHR
application/json 13.225.78.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rudderstack.com/sourceConfig/?p=cdn&v=3.0.0-beta.20&build=legacy&writeKey=2WNuNd9v8R28D52V90sG6izB3Bi&lockIntegrationsVersion=false

Requested by

Host: app.novo.co
URL: https://app.novo.co/3567.0903ec5629986aa5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.114 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-114.fra2.r.cloudfront.net

Software

Resource Hash

6baa06cf400395d822924947424e9f8a31f737e283895455ea475f52a4bb563d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://app.novo.co/
accept-language: de-DE,de;q=0.9
Authorization: Basic MldOdU5kOXY4UjI4RDUyVjkwc0c2aXpCM0JpOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: c50d8f50-bca5-11ee-b312-2191124decd2
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
x-amz-cf-id: K6asoIfj_zU7oyGNaFyvcHQ-3FUuN9QE3YPJWJdMvIR7aWI4YeTmqQ==

GET
H2 200 releasesettings Show response
client-api.auryc.com/ 2 B
161 B 153ms
153ms XHR
application/json 34.66.73.214
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://client-api.auryc.com/releasesettings?lib=Web

Requested by

Host: app.novo.co
URL: https://app.novo.co/3567.0903ec5629986aa5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.66.73.214 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

214.73.66.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

x-authorized-identity: 9930-HeapProductionV2-prod-heap
Referer: https://app.novo.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
x-authorized-token: af33509cee3db7970398b5069a6bc08a

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 Jan 2024 23:51:05 GMT
server: istio-envoy
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://app.novo.co
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 36
x-xss-protection: 1; mode=block
expires: 0

OPTIONS
H2 200 releasesettings
client-api.auryc.com/ Frame 0
0 375ms
118ms Preflight 34.66.73.214
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://client-api.auryc.com/releasesettings?lib=Web

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.66.73.214 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

214.73.66.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-authorized-identity,x-authorized-token
Access-Control-Request-Method: GET
Origin: https://app.novo.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-authorized-identity, x-authorized-token
access-control-allow-methods: OPTIONS,HEAD,GET,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://app.novo.co
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Fri, 26 Jan 2024 23:51:05 GMT
expires: 0
pragma: no-cache
server: istio-envoy
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
x-frame-options: DENY
x-xss-protection: 1; mode=block

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/novo-apps-353e6/ 625 B
680 B 351ms
351ms Fetch
application/json 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/novo-apps-353e6/installations

Requested by

Host: app.novo.co
URL: https://app.novo.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582fd9f163fcc7a4bccef06e16f0c5f22dca9c78f5b98e7bb7fcba3633260583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://app.novo.co/
x-goog-api-key: AIzaSyC1f3et4tC5aL99QUCl3IVt2KvHoH7zEj8
accept-language: de-DE,de;q=0.9
x-firebase-client: eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjkuMjMgZmlyZS1jb3JlLWVzbTIwMTcvMC45LjIzIGZpcmUtanMvIGZpcmUtanMtYWxsLWFwcC8xMC42LjAgZmlyZS1paWQvMC42LjQgZmlyZS1paWQtZXNtMjAxNy8wLjYuNCBmaXJlLXJjLzAuNC40IGZpcmUtcmMtZXNtMjAxNy8wLjQuNCIsImRhdGVzIjpbIjIwMjQtMDEtMjYiXX1dfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json

Response headers

date: Fri, 26 Jan 2024 23:51:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://app.novo.co
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 490
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/novo-apps-353e6/ Frame 0
0 58ms
21ms Preflight
text/html 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/novo-apps-353e6/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://app.novo.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://app.novo.co
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 26 Jan 2024 23:51:05 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H/1.1 204
No Content config
api.sprig.com/sdk/1/environments/_NCBHaUVs3QG/ Frame 0
0 392ms
111ms Preflight 34.198.52.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/_NCBHaUVs3QG/config
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.52.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-52-31.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
Access-Control-Request-Method: GET
Origin: https://app.novo.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Fri, 26 Jan 2024 23:51:06 GMT
server: istio-envoy
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com
vary: Access-Control-Request-Headers
x-envoy-upstream-service-time: 6

GET
H/1.1 200
OK config Show response
api.sprig.com/sdk/1/environments/_NCBHaUVs3QG/ 2 KB
1 KB 146ms
146ms Fetch
application/json 34.198.52.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/_NCBHaUVs3QG/config
Requested by: Host: app.novo.co
URL: https://app.novo.co/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.52.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-52-31.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: c9799da5d5bf2a417b51a6e623a24715a25e3f6545a8716c258d0eb1dfabc82b

Request headers

x-ul-visitor-id: 6854a452-bd30-4b33-bc92-f0989d067381
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json
x-ul-installation-method: web-snippet
Referer: https://app.novo.co/
x-ul-sdk-version: 2.26.2
x-ul-environment-id: _NCBHaUVs3QG
userleap-platform: web

Response headers

date: Fri, 26 Jan 2024 23:51:06 GMT
content-encoding: gzip
server: istio-envoy
etag: W/"708-Jr3pUrk2SMZ9ePetWL3N8O8rueU"
vary: Accept-Encoding
transfer-encoding: chunked
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 53
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 7DDE 200 B
1 KB 11ms
11ms Document
text/html 18.154.63.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.63.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-63-14.dus51.r.cloudfront.net

Software

Cloudfront /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.novo.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 722
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 26 Jan 2024 23:39:19 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Mon, 08 Jan 2024 21:41:59 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 3d19c1786985b405e94150c01ee7e35e.cloudfront.net (CloudFront)
x-amz-cf-id: 05wddtJQFKZ6BbwNQWzaBCNzvSOq5Fl9LRD-5ztwOdAx6W_TuevYHA==
x-amz-cf-pop: DUS51-P4
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 7DDE 0
717 B 570ms
184ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.novo.co
URL: https://app.novo.co/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 26 Jan 2024 23:51:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706313066253395
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1706313066252674
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 7DDE 0
718 B 569ms
183ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.novo.co
URL: https://app.novo.co/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 26 Jan 2024 23:51:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706313066253399
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1706313066252705
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7DDE 526 B
1 KB 11ms
11ms Script
text/javascript 18.154.63.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.63.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-63-14.dus51.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:39:20 GMT
via: 1.1 3d19c1786985b405e94150c01ee7e35e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 722
x-amz-cf-pop: DUS51-P4
x-cache: Hit from cloudfront
content-length: 526
last-modified: Mon, 08 Jan 2024 21:41:57 GMT
server: Cloudfront
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Px__Z8EWdvyAJR2mAbMcnqB-WcXD9t2LhEcbsWHB0rxJmHcGoIIwKg==

GET
H2 200 GoogleTagManager.min.js Show response
cdn.rudderlabs.com/beta/3.0.0-beta/legacy/js-integrations/ 6 KB
3 KB 418ms
417ms Script
text/javascript 2600:9000:2447:d000:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/legacy/js-integrations/GoogleTagManager.min.js
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/legacy/rsa.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2447:d000:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80bd7b20f15dc6413930798722e85f86c4aaabd66055f73332ed91f44a24acf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.novo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:07 GMT
content-encoding: gzip
via: 1.1 f75afc04e5fb2b66fe286e4f840886c6.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2024 11:17:40 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P5
x-amz-server-side-encryption: AES256
etag: W/"3df714cfb453e9290fe1693035c4266d"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ZSQ5hJA3vl23vQKyQWb2Wxk5gj4ST5S8VjSecU-HWCcNFHWNbIilQA==

GET
H2 200 GA4.min.js Show response
cdn.rudderlabs.com/beta/3.0.0-beta/legacy/js-integrations/ 52 KB
17 KB 416ms
416ms Script
text/javascript 2600:9000:2447:d000:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/legacy/js-integrations/GA4.min.js
Requested by: Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/legacy/rsa.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2447:d000:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c4da3e531d0b32534b824d2f0bb0126c123eab92664983ff77f1454e9205ab75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.novo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:07 GMT
content-encoding: gzip
via: 1.1 f75afc04e5fb2b66fe286e4f840886c6.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2024 11:17:40 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P5
x-amz-server-side-encryption: AES256
etag: W/"dda5364f9e63e102eb546f062a0d6534"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: zkl7hukB4-7U5DLB953sT65Eg0bA_v0A_9uB1TG7aV778nuccTLzEg==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 5E02 930 B
2 KB 58ms
13ms Document
text/html 2600:9000:25a2:8400:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25a2:8400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 183
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 26 Jan 2024 23:48:02 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 49039a44484a184312d8f608c205b640.cloudfront.net (CloudFront)
x-amz-cf-id: XgCj3Qf1P0C5VI1IinrsBtT7qhHNQDjsbbo_UyweWfIhSKjrrfvi6A==
x-amz-cf-pop: ZRH55-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 5E02 0
491 B 477ms
187ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.novo.co
URL: https://app.novo.co/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 26 Jan 2024 23:51:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706313066253633
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1706313066252751
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 5E02 87 KB
14 KB 15ms
15ms Script
text/javascript 2600:9000:25a2:8400:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:25a2:8400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:47:29 GMT
content-encoding: br
via: 1.1 49039a44484a184312d8f608c205b640.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 240
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: ZRH55-P1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: C2uyz5EI1p8G0SSZ3n3jWUqDWYhhOgr7FU2rWlINDUyKudv1nmSKtg==

POST
H2 200 6 Show response
m.stripe.com/ Frame 5E02 156 B
670 B 550ms
183ms XHR
application/json 44.225.16.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.225.16.159 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-225-16-159.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9ab90e055d99f9d71528038e93dbc6ea2479737f5a0b813d7ddb79f45fb9fc4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 26 Jan 2024 23:51:06 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706313066378050
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1706313066377464
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H3 200 firebase:fetch Show response
firebaseremoteconfig.googleapis.com/v1/projects/novo-apps-353e6/namespaces/ 1 KB
530 B 213ms
213ms Fetch
application/json 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/novo-apps-353e6/namespaces/firebase:fetch?key=AIzaSyC1f3et4tC5aL99QUCl3IVt2KvHoH7zEj8

Requested by

Host: app.novo.co
URL: https://app.novo.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

143ad65f82fda038da19b1214bb0cb60411ec642e1036ef79c12e5cd12052df3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Content-Encoding: gzip
Referer: https://app.novo.co/
If-None-Match: *
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 26 Jan 2024 23:51:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
etag: etag-novo-apps-353e6-firebase-fetch--201722862
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://app.novo.co
access-control-expose-headers: etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 506
x-xss-protection: 0

OPTIONS
H2 200 firebase:fetch
firebaseremoteconfig.googleapis.com/v1/projects/novo-apps-353e6/namespaces/ Frame 0
0 29ms
14ms Preflight
text/html 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/novo-apps-353e6/namespaces/firebase:fetch?key=AIzaSyC1f3et4tC5aL99QUCl3IVt2KvHoH7zEj8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type,if-none-match
Access-Control-Request-Method: POST
Origin: https://app.novo.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-encoding,content-type,if-none-match
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://app.novo.co
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 26 Jan 2024 23:51:06 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 auryc.lib.js Show response
cdn.heapanalytics.com/js/replay/libs/latest/ 695 KB
186 KB 13ms
13ms Script
application/javascript 18.239.69.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heapanalytics.com/js/replay/libs/latest/auryc.lib.js
Requested by: Host: cdn.heapanalytics.com
URL: https://cdn.heapanalytics.com/js/replay/9930-HeapProductionV2-prod-heap/container.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.239.69.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-37.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b104e242e4b08e9fce2257dd5a4058cd724a4eaccf1f6948f533978f4596caa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.novo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 3xT__n1Of3jdUG8BrQAjsFjINlVilZjL
content-encoding: gzip
via: 1.1 78e03c1b28d33ab75a53563ffdf54ba6.cloudfront.net (CloudFront)
date: Fri, 26 Jan 2024 12:03:30 GMT
age: 42456
x-amz-cf-pop: AMS58-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 189792
last-modified: Tue, 12 Dec 2023 20:14:10 GMT
server: AmazonS3
etag: "08107d4bf0deecbe08dbfbfdf7afda33"
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: vUJxLJG8JvxqctknjB9kXIUiyQcT1o8d8y4Y2qdOeuHQQPsaVp3oEA==

OPTIONS
H2 200 siteconfig
client-api.auryc.com/ Frame 0
0 117ms
117ms Preflight 34.66.73.214
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://client-api.auryc.com/siteconfig?lib=web

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.66.73.214 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

214.73.66.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-authorized-identity,x-authorized-token
Access-Control-Request-Method: GET
Origin: https://app.novo.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-authorized-identity, x-authorized-token
access-control-allow-methods: OPTIONS,HEAD,GET,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://app.novo.co
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Fri, 26 Jan 2024 23:51:05 GMT
expires: 0
pragma: no-cache
server: istio-envoy
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 siteconfig Show response
client-api.auryc.com/ 2 KB
1 KB 118ms
118ms XHR
application/json 34.66.73.214
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://client-api.auryc.com/siteconfig?lib=web

Requested by

Host: app.novo.co
URL: https://app.novo.co/3567.0903ec5629986aa5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.66.73.214 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

214.73.66.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

d0b9019537162875a9292526827b78f6def7ac58a324ad90987592e2d587624b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

x-authorized-identity: 9930-HeapProductionV2-prod-heap
Referer: https://app.novo.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
x-authorized-token: af33509cee3db7970398b5069a6bc08a
Content-Type: application/json

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 Jan 2024 23:51:05 GMT
server: istio-envoy
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://app.novo.co
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 290 KB
97 KB 47ms
27ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KLKK2C8

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/legacy/js-integrations/GoogleTagManager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cca1da4752ce728f764e7229587d4f464efe5ea69b671941a3994bd90a7c2607

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.novo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99375
x-xss-protection: 0
last-modified: Fri, 26 Jan 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 Jan 2024 23:51:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
91 KB 51ms
35ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QR05S7NGSS

Requested by

Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/beta/3.0.0-beta/legacy/js-integrations/GA4.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c407032ebde3fcde054909b380f5338fb349c6907920fb55b94e21937e773a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.novo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93363
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 Jan 2024 23:51:06 GMT

GET
H2 200 record-2.0.0-alpha.6.min.js Show response
cdn.sprig.com/dependencies/ 64 KB
21 KB 13ms
13ms Script
application/javascript 18.239.83.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sprig.com/dependencies/record-2.0.0-alpha.6.min.js
Requested by: Host: cdn.sprig.com
URL: https://cdn.sprig.com/shim.js?id=_NCBHaUVs3QG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-10.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a88e2876210c1960f05cd59e66681b27ee9a1da2f33bc229f250e8301ef071f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.novo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 21:45:04 GMT
x-amz-version-id: unpW7ogcLOENtzJkxoClzv.rKxagRlP.
content-encoding: gzip
last-modified: Thu, 27 Apr 2023 18:49:28 GMT
server: AmazonS3
via: 1.1 411234c039d8f1de63b7f2192e5e24d4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P5
etag: W/"fb4653fc073b895d51061bc4ea71b065"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 7563
x-amz-cf-id: AWEeC8jGx8fUldvHsacTOe8TUVPUVhk_T6E-OaI4qUXfpYyNn4HNgw==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/803601028/ 3 KB
2 KB 63ms
42ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/803601028/?random=1706313066327&cv=11&fst=1706313066327&bg=ffffff&guid=ON&async=1&gtm=45He41o0v79705031&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.novo.co%2F&hn=www.googleadservices.com&frm=0&tiba=Novo%20Web%20App%20Login&pscdl=noapi&auid=801941214.1706313066&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLKK2C8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1462700071034c8a1c716902a21c710811eeea875dde8e769941ce1bca82967e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.novo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 23:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1238
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLKK2C8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.novo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 Jan 2024 23:30:44 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1222
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 27 Jan 2024 01:30:44 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1566412/ 66 KB
20 KB 224ms
203ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1566412/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLKK2C8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c48a4f1a74c072d81293c7091bd20cb2c731db03eda5b303f7a078c8ca6a24b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.novo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: xxSNbVi9GvRzb6ioF0tkB4oekCFijJsE
content-encoding: gzip
via: 1.1 varnish
date: Fri, 26 Jan 2024 23:51:06 GMT
x-amz-request-id: 198AHZY9K43GTHA0
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 20415
x-amz-id-2: ayBujKXi8PnS76mOZIiVdH7MGn5bLC0OjZYd6shm2RYSGJv7p/dUHI5EFGkLfjRy1XbRBBnPBiU=
x-served-by: cache-fra-etou8220063-FRA
last-modified: Sun, 21 Jan 2024 11:17:16 GMT
server: AmazonS3
x-timer: S1706313066.355944,VS0,VE197
etag: "f8863dd5d3d3bb79484c5b529dc9c705"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 13
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 scevent.min.js Show response
sc-static.net/ 41 KB
18 KB 57ms
29ms Script
application/javascript 108.157.5.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLKK2C8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.5.251 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-5-251.dus51.r.cloudfront.net
Software: CloudFront /
Resource Hash: e5fdb3ea4cc4cf6b0f77fce3b54d03d78a697bec33bb1a023b964e8be16aea5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.novo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:06 GMT
content-encoding: gzip
via: 1.1 2667cbb82aabb944a65b99430aa06d1a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 17883
x-amz-cf-id: y_jPD0F2KV87FwSM9GCE9PoEZuzdXLn7SXKvaY_mO5zKrDHGK2cnNA==

GET conv
trkn.us/pixel/ 0
0

GET ga-audiences
www.google.ru/ads/ 0
0

GET
BLOB 200
OK 51ffe5ee-9724-4792-98eb-517b77651320
https://app.novo.co/ 85 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.novo.co/51ffe5ee-9724-4792-98eb-517b77651320
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b272e43c528bdb75ea6aacc0fdd09ce62573a3849869f7ea80d532de6a8c57d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 85
Content-Type: application/javascript

POST collect
www.google-analytics.com/j/ 0
0

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 284ms
94ms Image
image/gif 54.174.13.107
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=3775576419&u=757186073808163&v=3145964856696685&s=2027971572468787&b=web&tv=4.0&z=0&h=%2F&d=app.novo.co&t=Novo%20Web%20App%20Login&ts=1706313065529&sch=1200&scw=1600&st=1706313066403

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.174.13.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-174-13-107.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.novo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 23:51:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET /
www.google.com/pagead/1p-user-list/803601028/ 0
0

GET /
www.google.ru/pagead/1p-user-list/803601028/ 0
0

GET 3bd63713-4f73-4d72-8f70-0294b95a49dc.js
tr.snapchat.com/config/co/ 0
0

GET p
tr.snapchat.com/ 0
0

GET 3bd63713-4f73-4d72-8f70-0294b95a49dc.json
tr.snapchat.com/config/co/ 0
0

GET
BLOB 200
OK 4f87acad-7293-48f3-8c2b-7834d7f9359c
https://app.novo.co/ 85 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.novo.co/4f87acad-7293-48f3-8c2b-7834d7f9359c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b272e43c528bdb75ea6aacc0fdd09ce62573a3849869f7ea80d532de6a8c57d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 85
Content-Type: application/javascript

GET json
trc.taboola.com/1566412/trc/3/ 0
0

GET 3bd63713-4f73-4d72-8f70-0294b95a49dc.json
tr.snapchat.com/config/co/ 0
0

POST
H2 200 / Show response
o139498.ingest.sentry.io/api/1402941/envelope/ 41 B
99 B 20ms
20ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o139498.ingest.sentry.io/api/1402941/envelope/?sentry_key=0fb95a5ba42c4253a4b9c652367e814d&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

fcfa21b89fc51cb8ef084221bac1c7461d0099c6e7d8f521e9e5db5836c28929

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.novo.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 26 Jan 2024 23:51:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

GET unip
trc-events.taboola.com/1566412/log/3/ 0
0

POST
H3 429 / Show response
o139498.ingest.sentry.io/api/1402941/envelope/ 198 B
220 B 19ms
8ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o139498.ingest.sentry.io/api/1402941/envelope/?sentry_key=0fb95a5ba42c4253a4b9c652367e814d&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.1

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.novo.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 23:51:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198
x-sentry-rate-limits: 60:replay:organization:replay_usage_exceeded
retry-after: 60

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Domain: trkn.us
URL: https://trkn.us/pixel/conv?ppt=18307&g=sitewide_visits&gid=41965&ord=563308767&gtmcb=2081322468

Domain: www.google.ru
URL: https://www.google.ru/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QR05S7NGSS&cid=113409207.1706313066&gtm=45je41o0v870818274z879705031&aip=1&dma=0&gcd=11l1l1l1l1&z=1388627280

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/j/collect?v=1&_v=j101&a=589932103&t=pageview&_s=1&dl=https%3A%2F%2Fapp.novo.co%2F&ul=en-us&de=UTF-8&dt=Novo%20Web%20App%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=77494494&gjid=443889275&cid=113409207.1706313066&tid=UA-75554907-3&_gid=1088476529.1706313066&_r=1&_slc=1&gtm=45He41o0n81KLKK2C8v79705031&gcd=11l1l1l1l1&dma=0&z=1880710814

Domain: www.google.com
URL: https://www.google.com/pagead/1p-user-list/803601028/?random=1706313066327&cv=11&fst=1706310000000&bg=ffffff&guid=ON&async=1&gtm=45He41o0v79705031&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.novo.co%2F&frm=0&tiba=Novo%20Web%20App%20Login&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_x2vwgIrR5jiNVUWNC7W1y0Pfb39S_w&random=2884370119&rmt_tld=0&ipr=y

Domain: www.google.ru
URL: https://www.google.ru/pagead/1p-user-list/803601028/?random=1706313066327&cv=11&fst=1706310000000&bg=ffffff&guid=ON&async=1&gtm=45He41o0v79705031&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.novo.co%2F&frm=0&tiba=Novo%20Web%20App%20Login&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_x2vwgIrR5jiNVUWNC7W1y0Pfb39S_w&random=2884370119&rmt_tld=1&ipr=y

Domain: tr.snapchat.com
URL: https://tr.snapchat.com/config/co/3bd63713-4f73-4d72-8f70-0294b95a49dc.js?v=3.8.0-2401042024

Domain: tr.snapchat.com
URL: https://tr.snapchat.com/p?pid=3bd63713-4f73-4d72-8f70-0294b95a49dc&ev=PAGE_VIEW&intg=gtm&pids=3bd63713-4f73-4d72-8f70-0294b95a49dc&u_c1=35ca30ce-6303-4058-83f2-32be15802d7b&u_sclid=7b1df3cd-a15d-414f-97aa-d69f1a62944a&u_scsid=e87ee4dd-443a-4b74-8919-2b342e2b3553&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=1020&m_fcps=2624&m_pi=1013&m_pl=3293&m_pv=2&m_rd=3998&m_sh=1200&m_sl=0&m_sw=1600&pl=https%3A%2F%2Fapp.novo.co%2F&trackId=0ffdd3d6-a562-4018-967c-9a428865f372&ts=1706313066412&v=3.8.0-2401042024

Domain: tr.snapchat.com
URL: https://tr.snapchat.com/config/co/3bd63713-4f73-4d72-8f70-0294b95a49dc.json?v=3.8.0-2401042024

Domain: trc.taboola.com
URL: https://trc.taboola.com/1566412/trc/3/json?tim=1706313066567&data=%7B%22id%22%3A244%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1706313066562%2C%22cv%22%3A%2220240118-41-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fapp.novo.co%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnovo-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1706313066566%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fapp.novo.co%2F%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i

Domain: tr.snapchat.com
URL: https://tr.snapchat.com/config/co/3bd63713-4f73-4d72-8f70-0294b95a49dc.json?v=3.8.0-2401042024

Domain: tr.snapchat.com
URL: https://tr.snapchat.com/config/co/3bd63713-4f73-4d72-8f70-0294b95a49dc.json?v=3.8.0-2401042024

Domain: trc-events.taboola.com
URL: https://trc-events.taboola.com/1566412/log/3/unip?en=pre_d_eng_tb&tos=2004&scd=0&ssd=1&est=1706313066565&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1706313068117&mrir=itrkr&vi=1706313066562&ref=null&cv=20240118-41-RELEASE&item-url=https%3A%2F%2Fapp.novo.co%2F

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 17:59:59	Name: X-AB Value: dc4e3509882e40c68a170453af779220
.novo.co/	1970-01-20 18:41:45	Name: novo_app_device_uuid Value: 7aaac0c7-bc1e-4467-841d-35733c5617c7
.novo.co/	1970-01-21 03:34:33	Name: __cuid Value: a1c57c314b6f4f2092008902ab66f8c4
.novo.co/	1970-01-21 03:26:30	Name: _hp2_id.3775576419 Value: %7B%22userId%22%3A%22757186073808163%22%2C%22pageviewId%22%3A%223145964856696685%22%2C%22sessionId%22%3A%222027971572468787%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.novo.co/	1970-01-21 02:44:09	Name: rl_anonymous_id Value: RS_ENC_v3_IjRiYWUxNWE3LWZjZjctNDY1ZC04OTUzLWE2NzRiZDUzZDcwMSI%3D
.novo.co/	1970-01-21 02:44:09	Name: rl_page_init_referrer Value: RS_ENC_v3_IiRkaXJlY3Qi
.novo.co/	1970-01-21 02:44:09	Name: rl_session Value: RS_ENC_v3_eyJpZCI6MTcwNjMxMzA2NTc3NiwiZXhwaXJlc0F0IjoxNzA2MzE0ODY1NzgwLCJ0aW1lb3V0IjoxODAwMDAwLCJzZXNzaW9uU3RhcnQiOnRydWUsImF1dG9UcmFjayI6dHJ1ZX0%3D
.novo.co/	1970-01-20 20:08:09	Name: _gcl_au Value: 1.1.801941214.1706313066
.novo.co/	1970-01-21 03:34:33	Name: _ga_QR05S7NGSS Value: GS1.1.1706313066.1.1.1706313066.60.0.0
.novo.co/	1970-01-21 03:34:33	Name: userty.core.p.eb4837 Value: __2VySWQiOiIxNjVjNzhlMWM0MTUxOGE1ZDhmNmQyNjNiOGQyYjRkMSJ9eyJ1c
.novo.co/	1969-12-31 23:59:59	Name: userty.core.s.eb4837 Value: __SI6MTcwNjMxNDg2NjM4MSwic2lkIjoiNzI4ZjZiOWNhODBmZWUzZjcwMjFkYTdlMGYwNzE3MjgiLCJzdCI6MTcwNjMxMzA2NjM4MSwicHYiOjEsInJlYWR5Ijp0cnVlLCJ3cyI6IntcIndcIjoxNjAwLFwiaFwiOjEyMDB9In0=eyJzZ
.doubleclick.net/	1970-01-20 17:58:33	Name: test_cookie Value: CheckForPermission
.novo.co/	1970-01-21 03:34:33	Name: _ga Value: GA1.2.113409207.1706313066
.novo.co/	1970-01-20 17:59:59	Name: _gid Value: GA1.2.1088476529.1706313066
.novo.co/	1970-01-20 17:58:33	Name: _gat_UA-75554907-3 Value: 1
.novo.co/	1970-01-21 03:28:19	Name: _scid Value: 35ca30ce-6303-4058-83f2-32be15802d7b
.novo.co/	1970-01-21 03:28:19	Name: _scid_r Value: 35ca30ce-6303-4058-83f2-32be15802d7b
m.stripe.com/	1970-01-21 03:34:33	Name: m Value: a661d1d2-89ef-4e09-b5e9-f5f91d5a9ec4d2e0d7
.app.novo.co/	1970-01-21 02:44:09	Name: __stripe_mid Value: f1b18d55-702c-40c3-9a95-38e521d1198663b7f0
.app.novo.co/	1970-01-20 17:58:34	Name: __stripe_sid Value: bb937bdc-a37f-4d49-ba8e-4014453bf15ba29814
.novo.co/	1970-01-21 03:28:19	Name: _sc_cspv Value: https%3A%2F%2Ftr.snapchat.com%2Fconfig%2Fco%2F3bd63713-4f73-4d72-8f70-0294b95a49dc.json%3Fv%3D3.8.0-2401042024
.novo.co/	1970-01-20 17:58:34	Name: _hp2_ses_props.3775576419 Value: %7B%22ts%22%3A1706313065529%2C%22d%22%3A%22app.novo.co%22%2C%22h%22%3A%22%2F%22%7D

25 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://app.novo.co/ Message: Refused to load the script 'https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317' because it violates the following Content Security Policy directive: "script-src 'self' sentry.io .sentry.io cdn.segment.com maps.googleapis.com static.zdassets.com static.hotjar.com script.hotjar.com cdn.plaid.com .customer.io apis.google.com www.dropbox.com cdn.mxpnl.com .stripe.com .squarecdn.com .squareupsandbox.com .paypal.com .sprig.com .userleap.com .zendesk.com .socure.com dvnfo.com .dvnfo.com accounts.google.com .heapanalytics.com .fullstory.com .checkhq.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com https://static.cloudflareinsights.com/beacon.min.js https://www.googletagmanager.com https://.squarecdn.com https://js.squareup.com 'sha256-3bBT7+InTROqeH9mUfq8Y+l5L7RuKaWWflKPS4NlfTQ=' 'sha256-NJsuVOHgABGOO8hgSXkj6fhNxF4hEs09JFLsTXv6E54=' 'sha256-lDOLTHqD3QLdh4pPB40ZSo4vs6d175xzNVTFRqq1oIQ=' 'sha256-UNxD7l4vM+xn+B+iR/rKnsEUwRR2s5eJPAkremuu++Y=' 'nonce-wW0r1FMLWbsJqbjdiHGrPw==' 'nonce-MsHcOfEX7iTtCXqM5Tc9FA=='". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
violation	error	URL: https://app.novo.co/3567.0903ec5629986aa5.js(Line 1) Message: Document policy violation: js-profiling is not allowed in this document.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLKK2C8(Line 618) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' sentry.io .sentry.io cdn.segment.com maps.googleapis.com static.zdassets.com static.hotjar.com script.hotjar.com cdn.plaid.com .customer.io apis.google.com www.dropbox.com cdn.mxpnl.com .stripe.com .squarecdn.com .squareupsandbox.com .paypal.com .sprig.com .userleap.com .zendesk.com .socure.com dvnfo.com .dvnfo.com accounts.google.com .heapanalytics.com .fullstory.com .checkhq.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com https://static.cloudflareinsights.com/beacon.min.js https://www.googletagmanager.com https://.squarecdn.com https://js.squareup.com 'sha256-3bBT7+InTROqeH9mUfq8Y+l5L7RuKaWWflKPS4NlfTQ=' 'sha256-NJsuVOHgABGOO8hgSXkj6fhNxF4hEs09JFLsTXv6E54=' 'sha256-lDOLTHqD3QLdh4pPB40ZSo4vs6d175xzNVTFRqq1oIQ=' 'sha256-UNxD7l4vM+xn+B+iR/rKnsEUwRR2s5eJPAkremuu++Y=' 'nonce-wW0r1FMLWbsJqbjdiHGrPw==' 'nonce-MsHcOfEX7iTtCXqM5Tc9FA=='". Either the 'unsafe-inline' keyword, a hash ('sha256-d0N8jQuCH6cKOadZeH+LhpNFz09a/WupjJmwuNX/Il4='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLKK2C8(Line 618) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' sentry.io .sentry.io cdn.segment.com maps.googleapis.com static.zdassets.com static.hotjar.com script.hotjar.com cdn.plaid.com .customer.io apis.google.com www.dropbox.com cdn.mxpnl.com .stripe.com .squarecdn.com .squareupsandbox.com .paypal.com .sprig.com .userleap.com .zendesk.com .socure.com dvnfo.com .dvnfo.com accounts.google.com .heapanalytics.com .fullstory.com .checkhq.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com https://static.cloudflareinsights.com/beacon.min.js https://www.googletagmanager.com https://.squarecdn.com https://js.squareup.com 'sha256-3bBT7+InTROqeH9mUfq8Y+l5L7RuKaWWflKPS4NlfTQ=' 'sha256-NJsuVOHgABGOO8hgSXkj6fhNxF4hEs09JFLsTXv6E54=' 'sha256-lDOLTHqD3QLdh4pPB40ZSo4vs6d175xzNVTFRqq1oIQ=' 'sha256-UNxD7l4vM+xn+B+iR/rKnsEUwRR2s5eJPAkremuu++Y=' 'nonce-wW0r1FMLWbsJqbjdiHGrPw==' 'nonce-MsHcOfEX7iTtCXqM5Tc9FA=='". Either the 'unsafe-inline' keyword, a hash ('sha256-QcSEy5DaAwx3lowsAxep7S+Er9qv9KPjrhj4nio/JLA='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLKK2C8(Line 618) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' sentry.io .sentry.io cdn.segment.com maps.googleapis.com static.zdassets.com static.hotjar.com script.hotjar.com cdn.plaid.com .customer.io apis.google.com www.dropbox.com cdn.mxpnl.com .stripe.com .squarecdn.com .squareupsandbox.com .paypal.com .sprig.com .userleap.com .zendesk.com .socure.com dvnfo.com .dvnfo.com accounts.google.com .heapanalytics.com .fullstory.com .checkhq.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com https://static.cloudflareinsights.com/beacon.min.js https://www.googletagmanager.com https://.squarecdn.com https://js.squareup.com 'sha256-3bBT7+InTROqeH9mUfq8Y+l5L7RuKaWWflKPS4NlfTQ=' 'sha256-NJsuVOHgABGOO8hgSXkj6fhNxF4hEs09JFLsTXv6E54=' 'sha256-lDOLTHqD3QLdh4pPB40ZSo4vs6d175xzNVTFRqq1oIQ=' 'sha256-UNxD7l4vM+xn+B+iR/rKnsEUwRR2s5eJPAkremuu++Y=' 'nonce-wW0r1FMLWbsJqbjdiHGrPw==' 'nonce-MsHcOfEX7iTtCXqM5Tc9FA=='". Either the 'unsafe-inline' keyword, a hash ('sha256-rZBEQIlQrsTpw52XQ4SRsBbzBq8P+faxo90fbwKknAc='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLKK2C8(Line 618) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' sentry.io .sentry.io cdn.segment.com maps.googleapis.com static.zdassets.com static.hotjar.com script.hotjar.com cdn.plaid.com .customer.io apis.google.com www.dropbox.com cdn.mxpnl.com .stripe.com .squarecdn.com .squareupsandbox.com .paypal.com .sprig.com .userleap.com .zendesk.com .socure.com dvnfo.com .dvnfo.com accounts.google.com .heapanalytics.com .fullstory.com .checkhq.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com https://static.cloudflareinsights.com/beacon.min.js https://www.googletagmanager.com https://.squarecdn.com https://js.squareup.com 'sha256-3bBT7+InTROqeH9mUfq8Y+l5L7RuKaWWflKPS4NlfTQ=' 'sha256-NJsuVOHgABGOO8hgSXkj6fhNxF4hEs09JFLsTXv6E54=' 'sha256-lDOLTHqD3QLdh4pPB40ZSo4vs6d175xzNVTFRqq1oIQ=' 'sha256-UNxD7l4vM+xn+B+iR/rKnsEUwRR2s5eJPAkremuu++Y=' 'nonce-wW0r1FMLWbsJqbjdiHGrPw==' 'nonce-MsHcOfEX7iTtCXqM5Tc9FA=='". Either the 'unsafe-inline' keyword, a hash ('sha256-ey8snmKlclAdQdLY+JapBaHMYYezjI0qGEL4QQMc8Tc='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://app.novo.co/ Message: Refused to load the image 'https://trkn.us/pixel/conv?ppt=18307&g=sitewide_visits&gid=41965&ord=563308767&gtmcb=2081322468' because it violates the following Content Security Policy directive: "img-src 'self' data: t.castle.io maps.gstatic.com .s3.amazonaws.com s3.amazonaws.com .customer.io https://v2assets.zopim.io https://static.zdassets.com .squarecdn.com .squareupsandbox.com .paypal.com .zendesk.com *.smooch.io heapanalytics.com rs.fullstory.com".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-QR05S7NGSS(Line 194) Message: Refused to connect to 'https://analytics.google.com/g/collect?v=2&tid=G-QR05S7NGSS&gtm=45je41o0v870818274z879705031&_p=1706313066202&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=113409207.1706313066&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1706313066&sct=1&seg=0&dl=https%3A%2F%2Fapp.novo.co%2F&dt=Novo%20Web%20App%20Login&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3937' because it violates the following Content Security Policy directive: "connect-src 'self' https://api.novo.co .privacy.com .hotjar.com:* vc.hotjar.io:* wss://.hotjar.com api.segment.io .segment.com sentry.io .sentry.io .plaid.com .zdassets.com .customer.io api-js.mixpanel.com https://novo.zendesk.com wss://novo.zendesk.com https://.zopim.com wss://.zopim.com .squarecdn.com .squareupsandbox.com .paypal.com .sprig.com .userleap.com .zendesk.com .smooch.io wss://pod-20.zendesk.com .socure.com dvnfo.com .dvnfo.com .lithic.com https://heapanalytics.com .fullstory.com .googleapis.com .rudderstack.com cdn.rudderlabs.com firebaseinstallations.googleapis.com firebaseremoteconfig.googleapis.com .auryc.com gryiv4on38.execute-api.us-east-1.amazonaws.com https://pci-connect.squareup.com".
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-QR05S7NGSS(Line 194) Message: Refused to connect to 'https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QR05S7NGSS&cid=113409207.1706313066&gtm=45je41o0v870818274z879705031&aip=1&dma=0&gcd=11l1l1l1l1' because it violates the following Content Security Policy directive: "connect-src 'self' https://api.novo.co .privacy.com .hotjar.com:* vc.hotjar.io:* wss://.hotjar.com api.segment.io .segment.com sentry.io .sentry.io .plaid.com .zdassets.com .customer.io api-js.mixpanel.com https://novo.zendesk.com wss://novo.zendesk.com https://.zopim.com wss://.zopim.com .squarecdn.com .squareupsandbox.com .paypal.com .sprig.com .userleap.com .zendesk.com .smooch.io wss://pod-20.zendesk.com .socure.com dvnfo.com .dvnfo.com .lithic.com https://heapanalytics.com .fullstory.com .googleapis.com .rudderstack.com cdn.rudderlabs.com firebaseinstallations.googleapis.com firebaseremoteconfig.googleapis.com .auryc.com gryiv4on38.execute-api.us-east-1.amazonaws.com https://pci-connect.squareup.com".
security	error	URL: https://app.novo.co/ Message: Refused to load the image 'https://www.google.ru/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QR05S7NGSS&cid=113409207.1706313066&gtm=45je41o0v870818274z879705031&aip=1&dma=0&gcd=11l1l1l1l1&z=1388627280' because it violates the following Content Security Policy directive: "img-src 'self' data: t.castle.io maps.gstatic.com .s3.amazonaws.com s3.amazonaws.com .customer.io https://v2assets.zopim.io https://static.zdassets.com .squarecdn.com .squareupsandbox.com .paypal.com .zendesk.com *.smooch.io heapanalytics.com rs.fullstory.com".
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLKK2C8(Line 618) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' sentry.io .sentry.io cdn.segment.com maps.googleapis.com static.zdassets.com static.hotjar.com script.hotjar.com cdn.plaid.com .customer.io apis.google.com www.dropbox.com cdn.mxpnl.com .stripe.com .squarecdn.com .squareupsandbox.com .paypal.com .sprig.com .userleap.com .zendesk.com .socure.com dvnfo.com .dvnfo.com accounts.google.com .heapanalytics.com .fullstory.com .checkhq.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com https://static.cloudflareinsights.com/beacon.min.js https://www.googletagmanager.com https://.squarecdn.com https://js.squareup.com 'sha256-3bBT7+InTROqeH9mUfq8Y+l5L7RuKaWWflKPS4NlfTQ=' 'sha256-NJsuVOHgABGOO8hgSXkj6fhNxF4hEs09JFLsTXv6E54=' 'sha256-lDOLTHqD3QLdh4pPB40ZSo4vs6d175xzNVTFRqq1oIQ=' 'sha256-UNxD7l4vM+xn+B+iR/rKnsEUwRR2s5eJPAkremuu++Y=' 'nonce-wW0r1FMLWbsJqbjdiHGrPw==' 'nonce-MsHcOfEX7iTtCXqM5Tc9FA=='". Either the 'unsafe-inline' keyword, a hash ('sha256-ZfgPYduOS9tFLS6dvhr78lVXaxuDADLzupRFePwUEPw='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-QR05S7NGSS(Line 194) Message: Refused to connect to 'https://analytics.google.com/g/collect?v=2&tid=G-QR05S7NGSS&gtm=45je41o0v870818274&_p=1706313066202&gcd=11l1l1l1l1&dma=0&cid=113409207.1706313066&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAC&_s=2&sid=1706313066&sct=1&seg=1&dl=https%3A%2F%2Fapp.novo.co%2F&dt=Novo%20Web%20App%20Login&en=page_view&_ee=1&_et=2&tfd=3959' because it violates the following Content Security Policy directive: "connect-src 'self' https://api.novo.co .privacy.com .hotjar.com:* vc.hotjar.io:* wss://.hotjar.com api.segment.io .segment.com sentry.io .sentry.io .plaid.com .zdassets.com .customer.io api-js.mixpanel.com https://novo.zendesk.com wss://novo.zendesk.com https://.zopim.com wss://.zopim.com .squarecdn.com .squareupsandbox.com .paypal.com .sprig.com .userleap.com .zendesk.com .smooch.io wss://pod-20.zendesk.com .socure.com dvnfo.com .dvnfo.com .lithic.com https://heapanalytics.com .fullstory.com .googleapis.com .rudderstack.com cdn.rudderlabs.com firebaseinstallations.googleapis.com firebaseremoteconfig.googleapis.com .auryc.com gryiv4on38.execute-api.us-east-1.amazonaws.com https://pci-connect.squareup.com".
security	error	URL: https://app.novo.co/3567.0903ec5629986aa5.js(Line 1) Message: Refused to connect to 'https://www.google-analytics.com/j/collect?v=1&_v=j101&a=589932103&t=pageview&_s=1&dl=https%3A%2F%2Fapp.novo.co%2F&ul=en-us&de=UTF-8&dt=Novo%20Web%20App%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=77494494&gjid=443889275&cid=113409207.1706313066&tid=UA-75554907-3&_gid=1088476529.1706313066&_r=1&_slc=1&gtm=45He41o0n81KLKK2C8v79705031&gcd=11l1l1l1l1&dma=0&z=1880710814' because it violates the following Content Security Policy directive: "connect-src 'self' https://api.novo.co .privacy.com .hotjar.com:* vc.hotjar.io:* wss://.hotjar.com api.segment.io .segment.com sentry.io .sentry.io .plaid.com .zdassets.com .customer.io api-js.mixpanel.com https://novo.zendesk.com wss://novo.zendesk.com https://.zopim.com wss://.zopim.com .squarecdn.com .squareupsandbox.com .paypal.com .sprig.com .userleap.com .zendesk.com .smooch.io wss://pod-20.zendesk.com .socure.com dvnfo.com .dvnfo.com .lithic.com https://heapanalytics.com .fullstory.com .googleapis.com .rudderstack.com cdn.rudderlabs.com firebaseinstallations.googleapis.com firebaseremoteconfig.googleapis.com .auryc.com gryiv4on38.execute-api.us-east-1.amazonaws.com https://pci-connect.squareup.com".
security	error	URL: https://app.novo.co/ Message: Refused to load the image 'https://www.google.com/pagead/1p-user-list/803601028/?random=1706313066327&cv=11&fst=1706310000000&bg=ffffff&guid=ON&async=1&gtm=45He41o0v79705031&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.novo.co%2F&frm=0&tiba=Novo%20Web%20App%20Login&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_x2vwgIrR5jiNVUWNC7W1y0Pfb39S_w&random=2884370119&rmt_tld=0&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' data: t.castle.io maps.gstatic.com .s3.amazonaws.com s3.amazonaws.com .customer.io https://v2assets.zopim.io https://static.zdassets.com .squarecdn.com .squareupsandbox.com .paypal.com .zendesk.com *.smooch.io heapanalytics.com rs.fullstory.com".
security	error	URL: https://app.novo.co/ Message: Refused to load the image 'https://www.google.ru/pagead/1p-user-list/803601028/?random=1706313066327&cv=11&fst=1706310000000&bg=ffffff&guid=ON&async=1&gtm=45He41o0v79705031&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.novo.co%2F&frm=0&tiba=Novo%20Web%20App%20Login&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_x2vwgIrR5jiNVUWNC7W1y0Pfb39S_w&random=2884370119&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src 'self' data: t.castle.io maps.gstatic.com .s3.amazonaws.com s3.amazonaws.com .customer.io https://v2assets.zopim.io https://static.zdassets.com .squarecdn.com .squareupsandbox.com .paypal.com .zendesk.com *.smooch.io heapanalytics.com rs.fullstory.com".
security	error	URL: https://sc-static.net/scevent.min.js(Line 1) Message: Refused to load the script 'https://tr.snapchat.com/config/co/3bd63713-4f73-4d72-8f70-0294b95a49dc.js?v=3.8.0-2401042024' because it violates the following Content Security Policy directive: "script-src 'self' sentry.io .sentry.io cdn.segment.com maps.googleapis.com static.zdassets.com static.hotjar.com script.hotjar.com cdn.plaid.com .customer.io apis.google.com www.dropbox.com cdn.mxpnl.com .stripe.com .squarecdn.com .squareupsandbox.com .paypal.com .sprig.com .userleap.com .zendesk.com .socure.com dvnfo.com .dvnfo.com accounts.google.com .heapanalytics.com .fullstory.com .checkhq.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com https://static.cloudflareinsights.com/beacon.min.js https://www.googletagmanager.com https://.squarecdn.com https://js.squareup.com 'sha256-3bBT7+InTROqeH9mUfq8Y+l5L7RuKaWWflKPS4NlfTQ=' 'sha256-NJsuVOHgABGOO8hgSXkj6fhNxF4hEs09JFLsTXv6E54=' 'sha256-lDOLTHqD3QLdh4pPB40ZSo4vs6d175xzNVTFRqq1oIQ=' 'sha256-UNxD7l4vM+xn+B+iR/rKnsEUwRR2s5eJPAkremuu++Y=' 'nonce-wW0r1FMLWbsJqbjdiHGrPw==' 'nonce-MsHcOfEX7iTtCXqM5Tc9FA=='". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://app.novo.co/ Message: Refused to load the image 'https://tr.snapchat.com/p?pid=3bd63713-4f73-4d72-8f70-0294b95a49dc&ev=PAGE_VIEW&intg=gtm&pids=3bd63713-4f73-4d72-8f70-0294b95a49dc&u_c1=35ca30ce-6303-4058-83f2-32be15802d7b&u_sclid=7b1df3cd-a15d-414f-97aa-d69f1a62944a&u_scsid=e87ee4dd-443a-4b74-8919-2b342e2b3553&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=1020&m_fcps=2624&m_pi=1013&m_pl=3293&m_pv=2&m_rd=3998&m_sh=1200&m_sl=0&m_sw=1600&pl=https%3A%2F%2Fapp.novo.co%2F&trackId=0ffdd3d6-a562-4018-967c-9a428865f372&ts=1706313066412&v=3.8.0-2401042024' because it violates the following Content Security Policy directive: "img-src 'self' data: t.castle.io maps.gstatic.com .s3.amazonaws.com s3.amazonaws.com .customer.io https://v2assets.zopim.io https://static.zdassets.com .squarecdn.com .squareupsandbox.com .paypal.com .zendesk.com *.smooch.io heapanalytics.com rs.fullstory.com".
security	error	URL: https://app.novo.co/3567.0903ec5629986aa5.js(Line 1) Message: Refused to connect to 'https://tr.snapchat.com/config/co/3bd63713-4f73-4d72-8f70-0294b95a49dc.json?v=3.8.0-2401042024' because it violates the following Content Security Policy directive: "connect-src 'self' https://api.novo.co .privacy.com .hotjar.com:* vc.hotjar.io:* wss://.hotjar.com api.segment.io .segment.com sentry.io .sentry.io .plaid.com .zdassets.com .customer.io api-js.mixpanel.com https://novo.zendesk.com wss://novo.zendesk.com https://.zopim.com wss://.zopim.com .squarecdn.com .squareupsandbox.com .paypal.com .sprig.com .userleap.com .zendesk.com .smooch.io wss://pod-20.zendesk.com .socure.com dvnfo.com .dvnfo.com .lithic.com https://heapanalytics.com .fullstory.com .googleapis.com .rudderstack.com cdn.rudderlabs.com firebaseinstallations.googleapis.com firebaseremoteconfig.googleapis.com .auryc.com gryiv4on38.execute-api.us-east-1.amazonaws.com https://pci-connect.squareup.com".
security	error	URL: https://sc-static.net/ Message: Refused to frame 'https://tr.snapchat.com/' because it violates the following Content Security Policy directive: "frame-src 'self' .privacy.com cdn.plaid.com vars.hotjar.com https://docs.google.com https://accounts.google.com/ https://js.stripe.com/ .squarecdn.com .squareupsandbox.com .paypal.com .lithic.com .s3.amazonaws.com *.checkhq.com https://connect.squareup.com".
security	error	URL: https://cdn.taboola.com/libtrc/unip/1566412/tfa.js(Line 2) Message: Refused to load the script 'https://trc.taboola.com/1566412/trc/3/json?tim=1706313066567&data=%7B%22id%22%3A244%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1706313066562%2C%22cv%22%3A%2220240118-41-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fapp.novo.co%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dnovo-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1706313066566%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fapp.novo.co%2F%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i' because it violates the following Content Security Policy directive: "script-src 'self' sentry.io .sentry.io cdn.segment.com maps.googleapis.com static.zdassets.com static.hotjar.com script.hotjar.com cdn.plaid.com .customer.io apis.google.com www.dropbox.com cdn.mxpnl.com .stripe.com .squarecdn.com .squareupsandbox.com .paypal.com .sprig.com .userleap.com .zendesk.com .socure.com dvnfo.com .dvnfo.com accounts.google.com .heapanalytics.com .fullstory.com .checkhq.com .rudderstack.com cdn.rudderlabs.com https://cdn.heapanalytics.com https://heapanalytics.com https://static.cloudflareinsights.com/beacon.min.js https://www.googletagmanager.com https://.squarecdn.com https://js.squareup.com 'sha256-3bBT7+InTROqeH9mUfq8Y+l5L7RuKaWWflKPS4NlfTQ=' 'sha256-NJsuVOHgABGOO8hgSXkj6fhNxF4hEs09JFLsTXv6E54=' 'sha256-lDOLTHqD3QLdh4pPB40ZSo4vs6d175xzNVTFRqq1oIQ=' 'sha256-UNxD7l4vM+xn+B+iR/rKnsEUwRR2s5eJPAkremuu++Y=' 'nonce-wW0r1FMLWbsJqbjdiHGrPw==' 'nonce-MsHcOfEX7iTtCXqM5Tc9FA=='". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://app.novo.co/3567.0903ec5629986aa5.js(Line 1) Message: Refused to connect to 'https://tr.snapchat.com/config/co/3bd63713-4f73-4d72-8f70-0294b95a49dc.json?v=3.8.0-2401042024' because it violates the following Content Security Policy directive: "connect-src 'self' https://api.novo.co .privacy.com .hotjar.com:* vc.hotjar.io:* wss://.hotjar.com api.segment.io .segment.com sentry.io .sentry.io .plaid.com .zdassets.com .customer.io api-js.mixpanel.com https://novo.zendesk.com wss://novo.zendesk.com https://.zopim.com wss://.zopim.com .squarecdn.com .squareupsandbox.com .paypal.com .sprig.com .userleap.com .zendesk.com .smooch.io wss://pod-20.zendesk.com .socure.com dvnfo.com .dvnfo.com .lithic.com https://heapanalytics.com .fullstory.com .googleapis.com .rudderstack.com cdn.rudderlabs.com firebaseinstallations.googleapis.com firebaseremoteconfig.googleapis.com .auryc.com gryiv4on38.execute-api.us-east-1.amazonaws.com https://pci-connect.squareup.com".
security	error	URL: https://app.novo.co/3567.0903ec5629986aa5.js(Line 1) Message: Refused to connect to 'https://tr.snapchat.com/config/co/3bd63713-4f73-4d72-8f70-0294b95a49dc.json?v=3.8.0-2401042024' because it violates the following Content Security Policy directive: "connect-src 'self' https://api.novo.co .privacy.com .hotjar.com:* vc.hotjar.io:* wss://.hotjar.com api.segment.io .segment.com sentry.io .sentry.io .plaid.com .zdassets.com .customer.io api-js.mixpanel.com https://novo.zendesk.com wss://novo.zendesk.com https://.zopim.com wss://.zopim.com .squarecdn.com .squareupsandbox.com .paypal.com .sprig.com .userleap.com .zendesk.com .smooch.io wss://pod-20.zendesk.com .socure.com dvnfo.com .dvnfo.com .lithic.com https://heapanalytics.com .fullstory.com .googleapis.com .rudderstack.com cdn.rudderlabs.com firebaseinstallations.googleapis.com firebaseremoteconfig.googleapis.com .auryc.com gryiv4on38.execute-api.us-east-1.amazonaws.com https://pci-connect.squareup.com".
security	error	URL: https://app.novo.co/3567.0903ec5629986aa5.js(Line 1) Message: Refused to connect to 'https://trc-events.taboola.com/1566412/log/3/unip?en=pre_d_eng_tb&tos=2004&scd=0&ssd=1&est=1706313066565&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1706313068117&mrir=itrkr&vi=1706313066562&ref=null&cv=20240118-41-RELEASE&item-url=https%3A%2F%2Fapp.novo.co%2F' because it violates the following Content Security Policy directive: "connect-src 'self' https://api.novo.co .privacy.com .hotjar.com:* vc.hotjar.io:* wss://.hotjar.com api.segment.io .segment.com sentry.io .sentry.io .plaid.com .zdassets.com .customer.io api-js.mixpanel.com https://novo.zendesk.com wss://novo.zendesk.com https://.zopim.com wss://.zopim.com .squarecdn.com .squareupsandbox.com .paypal.com .sprig.com .userleap.com .zendesk.com .smooch.io wss://pod-20.zendesk.com .socure.com dvnfo.com .dvnfo.com .lithic.com https://heapanalytics.com .fullstory.com .googleapis.com .rudderstack.com cdn.rudderlabs.com firebaseinstallations.googleapis.com firebaseremoteconfig.googleapis.com .auryc.com gryiv4on38.execute-api.us-east-1.amazonaws.com https://pci-connect.squareup.com".
network	error	URL: https://o139498.ingest.sentry.io/api/1402941/envelope/?sentry_key=0fb95a5ba42c4253a4b9c652367e814d&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.1 Message: Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.rudderstack.com
api.sprig.com
app.novo.co
cdn.heapanalytics.com
cdn.rudderlabs.com
cdn.sprig.com
cdn.taboola.com
client-api.auryc.com
edge.fullstory.com
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
googleads.g.doubleclick.net
heapanalytics.com
js.stripe.com
m.stripe.com
m.stripe.network
o139498.ingest.sentry.io
q.stripe.com
rs.fullstory.com
sc-static.net
static.cloudflareinsights.com
tr.snapchat.com
trc-events.taboola.com
trc.taboola.com
trkn.us
www.google-analytics.com
www.google.com
www.google.ru
www.googletagmanager.com
static.cloudflareinsights.com
tr.snapchat.com
trc-events.taboola.com
trc.taboola.com
trkn.us
www.google-analytics.com
www.google.com
www.google.ru
108.157.5.251
13.225.78.114
151.101.65.44
18.154.63.14
18.239.69.37
18.239.83.10
2600:9000:2447:d000:16:a497:9700:93a1
2600:9000:25a2:8400:19:7d10:bd80:93a1
2606:4700::6812:12c9
2a00:1450:4001:810::2008
2a00:1450:4001:810::200e
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::200a
34.120.195.249
34.198.52.31
34.66.73.214
35.186.194.58
35.201.112.186
44.207.94.73
44.225.16.159
54.174.13.107
54.186.23.98
00c16cde93f3feee736169e195e2f846803b81797eb54c8013fead8b5751a078
0c2d1bae8f4307d15d38ad31b3a35eeb707d349b70b5067537c815d64e580fb4
0c2d26266ecc58d0cfbb161d3b79decc868751a43c666ff11265cb39e98ca844
0ce006ee43e665f7bdd6bf80a9fe0fca4a42c9e7b1556119b187fb214e648498
0ef5e6f9e0796a2c59a429817b8870200eea025ba116210c480a40bfa858e3fb
143ad65f82fda038da19b1214bb0cb60411ec642e1036ef79c12e5cd12052df3
1462700071034c8a1c716902a21c710811eeea875dde8e769941ce1bca82967e
15d3942ea086ce5313e646bb349765addd75b29c956fe6828e3503182d9eb820
164e219fdf64004e7213e90b3d4fd19463971870e4b51fdd6030446bd6ef5e65
175094084fe44d91d7e36cf57c2447278356502293246db701a601f977f97eaa
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2ca3d44191e822500b330ae74a7b981fddc94188da2e683a1e1508fd188d2b1b
3435e24a91ce67e83285d8b72370cf5263473697779b25de8e68323f20a6ea63
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
3b272e43c528bdb75ea6aacc0fdd09ce62573a3849869f7ea80d532de6a8c57d
3b6682c0c27578565b5e6851d8b9c48f888d9b7ac4bb18d941de957f34152b48
3f53b23b08875486670db5b87e75a11d82461b960e0f0c06aca29fb20c96f3a5
3f76c6d65cde382ead50258215dbdfa9833ea3219813dea19e3e5fddeb83f4bf
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46c1dcf79c3d9587307f0775daa002185511e1937601b0d639d75d3fa6d2f19a
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f72397857cc1bc1d74df9c057471dd4d694a23c00b443b7ea461d660613cfa2
582fd9f163fcc7a4bccef06e16f0c5f22dca9c78f5b98e7bb7fcba3633260583
5a4ad50649280f2c2e856df82d2445b19456e52f5a57487ccf150f4b29397973
5bd094257ab7648526f346186a7f3f715152c4887747bcf4155b8f1038da6ab8
5dc2c78459b1458703a97930ca7a41b8cee8fb27b4dd0859baaeb8bc9632364b
61c7ca01209a08984390d3a526edbde843001a12f0086f7d17ebfbf5f0e5b6ae
6baa06cf400395d822924947424e9f8a31f737e283895455ea475f52a4bb563d
6c48a4f1a74c072d81293c7091bd20cb2c731db03eda5b303f7a078c8ca6a24b
6dd7875c1d9343e435ffccbde78177c88dea34bef8434b351c520c532a8f0485
6fc14e24f28c68ab440ba8575741084bb998ffa3c56e5beb4c454bf152e7bc9f
6fe0306e3dc8c3cb5b39ce18886410a07b5818f4e87dabbb060073c48188e9b1
786bfe2d82424aa3241d37fed93bd598451843c3f916bdecf599abbfa7045f8d
7eeb68b772227e4742d1f56252e571b62087b6e29a25aa8bca35422d77b0462c
80bd7b20f15dc6413930798722e85f86c4aaabd66055f73332ed91f44a24acf3
87a1ddd2c0c554dcca99d4cae4577c80d4bb92bad7e4dc1c15acfe1e3a7a339d
8a88e2876210c1960f05cd59e66681b27ee9a1da2f33bc229f250e8301ef071f
9373ac37ecef5df6ddae419acc668e1ee191e58b55942759123d03909089db45
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9ab90e055d99f9d71528038e93dbc6ea2479737f5a0b813d7ddb79f45fb9fc4e
9e074330ccdd9b155912ea4bea675df2283c8514e33db05edd0ba4f5ae9baf3a
b104e242e4b08e9fce2257dd5a4058cd724a4eaccf1f6948f533978f4596caa7
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c407032ebde3fcde054909b380f5338fb349c6907920fb55b94e21937e773a87
c4da3e531d0b32534b824d2f0bb0126c123eab92664983ff77f1454e9205ab75
c8436c5a04ef785453f72761f9f7e830dec96cd00615c64fba912efed640a5fd
c9799da5d5bf2a417b51a6e623a24715a25e3f6545a8716c258d0eb1dfabc82b
cab5a14368b7cd6dd487a7b5a8f310f8b3448569354406644a58c032bf440f3d
cc5464ea136ca4560005121d6d6deeba85c143bc40bd4d883b4727380f5e2350
cca1da4752ce728f764e7229587d4f464efe5ea69b671941a3994bd90a7c2607
cd4a281e65a432fc669d1d2571113a42b5c28b08670b049e10da1d7c3dac0977
d0b9019537162875a9292526827b78f6def7ac58a324ad90987592e2d587624b
db73c83d48060333b4761cbaedd33e36238232cd2a45c7d6311db1b055ae45b5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fdb3ea4cc4cf6b0f77fce3b54d03d78a697bec33bb1a023b964e8be16aea5f
eac81d9e33471676d196674d072ca7645bd436299f04887009d224e204279e0c
f195179b3694d3b5cd85e3c12ea37818acf178e913fbfa386864bf18784956f5
f53d1adbe1df5d485486ae2dcd7effda35e63db0595e11ffef2ca62b1eacbeee
fcfa21b89fc51cb8ef084221bac1c7461d0099c6e7d8f521e9e5db5836c28929

app.novo.co Open in urlscan Pro 2606:4700::6812:12c9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

85 Requests

80 %HTTPS

32 %IPv6

21 Domains

29 Subdomains

22 IPs

2 Countries

2506 kBTransfer

8604 kBSize

22 Cookies

3 Outgoing links

Page URL History

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

app.novo.co Open in urlscan Pro
2606:4700::6812:12c9 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

80 %
HTTPS

32 %
IPv6

21
Domains

29
Subdomains

22
IPs

2
Countries

2506 kB
Transfer

8604 kB
Size

22
Cookies

85 HTTP transactions
0 data transactions