dashboard.cardynale.com Open in urlscan Pro
2606:4700:3030::6815:5dd6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dashboard.cardynale.com/
Submission: On February 07 via manual (February 7th 2024, 8:36:05 pm UTC) from US — Scanned from DE

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 15 domains to perform 43 HTTP transactions. The main IP is 2606:4700:3030::6815:5dd6, located in United States and belongs to CLOUDFLARENET, US. The main domain is dashboard.cardynale.com.
TLS certificate: Issued by GTS CA 1P5 on January 30th 2024. Valid for: 3 months.

This is the only time dashboard.cardynale.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:303... 2606:4700:3030::6815:5dd6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.139.116 52.222.139.116	16509 (AMAZON-02) (AMAZON-02)
1	18.172.153.7 18.172.153.7	16509 (AMAZON-02) (AMAZON-02)
1	13.227.219.28 13.227.219.28	16509 (AMAZON-02) (AMAZON-02)
3	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:23d... 2600:9000:23d4:aa00:12:31ef:1b40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	2a06:98c1:312... 2a06:98c1:3120::9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.194.77.36 54.194.77.36	16509 (AMAZON-02) (AMAZON-02)
2	44.193.96.101 44.193.96.101	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	13.32.27.21 13.32.27.21	16509 (AMAZON-02) (AMAZON-02)
3	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:205... 2600:9000:2057:b600:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	44.237.70.166 44.237.70.166	16509 (AMAZON-02) (AMAZON-02)
2	3.162.38.35 3.162.38.35	16509 (AMAZON-02) (AMAZON-02)
43	21

6 2606:4700:3030::6815:5dd6 (United States)

ASN13335 (CLOUDFLARENET, US)

dashboard.cardynale.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

tally.so	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rpc.screeb.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-116.ams50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.153.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-153-7.lhr50.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-28.ams54.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebase.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:23d4:aa00:12:31ef:1b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

edge.api.stigg.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t.screeb.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.77.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-77-36.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.193.96.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-96-101.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o4505685823324160.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firestore.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:b600:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.237.70.166 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-70-166.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.162.38.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-38-35.cdg52.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	googleapis.com firebase.googleapis.com — Cisco Umbrella Rank: 3867 firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 575 firestore.googleapis.com — Cisco Umbrella Rank: 1855	2 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1172 q.stripe.com — Cisco Umbrella Rank: 7036 m.stripe.com — Cisco Umbrella Rank: 1150	168 KB
6	cardynale.com dashboard.cardynale.com	2 MB
5	screeb.app 1 redirects t.screeb.app — Cisco Umbrella Rank: 185401 rpc.screeb.app — Cisco Umbrella Rank: 149232	86 KB
3	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 724 heapanalytics.com — Cisco Umbrella Rank: 644	37 KB
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2115	269 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1245	16 KB
2	sentry.io o4505685823324160.ingest.sentry.io	460 B
2	stigg.io edge.api.stigg.io	383 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 695 script.hotjar.com — Cisco Umbrella Rank: 1019	59 KB
1	intercom.io widget.intercom.io — Cisco Umbrella Rank: 1618	3 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2173	250 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	80 KB
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6479	161 B
1	tally.so tally.so — Cisco Umbrella Rank: 84717	11 KB
43	15

	Domain	Requested by
6	dashboard.cardynale.com	dashboard.cardynale.com
4	firestore.googleapis.com	dashboard.cardynale.com
3	q.stripe.com	dashboard.cardynale.com
3	t.screeb.app	1 redirects dashboard.cardynale.com t.screeb.app
3	js.stripe.com	dashboard.cardynale.com js.stripe.com
2	js.intercomcdn.com	widget.intercom.io
2	m.stripe.network	js.stripe.com m.stripe.network
2	rpc.screeb.app	t.screeb.app
2	o4505685823324160.ingest.sentry.io	dashboard.cardynale.com
2	firebaseinstallations.googleapis.com	dashboard.cardynale.com
2	heapanalytics.com	dashboard.cardynale.com
2	edge.api.stigg.io	dashboard.cardynale.com
2	firebase.googleapis.com	dashboard.cardynale.com
1	m.stripe.com	m.stripe.network
1	widget.intercom.io	dashboard.cardynale.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	dashboard.cardynale.com
1	content.hotjar.io	dashboard.cardynale.com
1	script.hotjar.com	static.hotjar.com
1	cdn.heapanalytics.com	dashboard.cardynale.com
1	static.hotjar.com	dashboard.cardynale.com
1	tally.so	dashboard.cardynale.com
43	22

This site contains no links.

Subject Issuer	Validity	Valid
cardynale.com GTS CA 1P5	`2024-01-30` - `2024-04-29`	3 months	crt.sh
tally.so GTS CA 1P5	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M01	`2023-06-29` - `2024-07-27`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-01-02` - `2024-04-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
edge.api.stigg.io Amazon RSA 2048 M03	`2023-12-17` - `2025-01-15`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-01-31` - `2025-03-01`	a year	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2023-11-09` - `2024-12-08`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
edgecert.googleapis.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-18` - `2024-03-17`	a year	crt.sh
*.intercom.com Amazon RSA 2048 M03	`2024-01-15` - `2025-02-11`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-12-20` - `2024-03-21`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-22` - `2024-03-21`	3 months	crt.sh
*.intercomcdn.com Amazon RSA 2048 M02	`2023-12-01` - `2024-12-29`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://dashboard.cardynale.com/
Frame ID: BBA9839CC405F4C21D2E8668F10C3B5C
Requests: 27 HTTP requests in this frame

Frame: https://t.screeb.app/v0.2.35/core.js
Frame ID: 3943F11D5F8503B9704E67250A160FA5
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 3F443414AC277FB0D0D88C5B29FA741E
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: C7668D1C693A147715D98346D0B8920D
Requests: 4 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.6a377076.js
Frame ID: 726EE6E5EB26335544FF5597490FDE9A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cardynale - Dashboard

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

43
Requests

98 %
HTTPS

48 %
IPv6

15
Domains

22
Subdomains

21
IPs

3
Countries

2881 kB
Transfer

10604 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://t.screeb.app/tag.js HTTP 302
https://t.screeb.app/v0.2.35/tag.js

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
dashboard.cardynale.com/ 4 KB
2 KB 220ms
121ms Document
text/html 2606:4700:3030::6815:5dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.cardynale.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5dd6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35c32b4fa5e7d4e2a0dd436319600a437d640ba6df490cc065acbce67a81b4e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 851e6c274fb23836-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 07 Feb 2024 20:35:59 GMT
last-modified: Wed, 07 Feb 2024 14:27:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ItR31ZD2S1qrMmBYjH6ITf1ttF7ek5%2FRSrRbY5XrT2FTNhAi0Iz0ASE8iyeqvEZpskw8lrz024b%2B%2BI4paNyeOPzkptY%2BF0QTpMcestH9bBzOzZjg3vNmNp1BSxQ424vGZMPdxrrUj7%2Fhkr24PGLX5W5c2YzGqw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31556926
vary: x-fh-requested-host, accept-encoding
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230024-FRA
x-timer: S1707338159.283151,VS0,VE50

GET
H2 200 embed.js Show response
tally.so/widgets/ 30 KB
11 KB 196ms
37ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tally.so/widgets/embed.js
Requested by: Host: dashboard.cardynale.com
URL: https://dashboard.cardynale.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 406bafc150681ae379032b81a9ed1f471b4fd16c23c98fe1b8e6f1ea57e9de3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.cardynale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:35:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Feb 2024 18:04:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2910
etag: W/"7767-18d7a7144a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zr0oAd6HQ0Nb2JSAYidiGTsWZtWu3suwdbaSSuqlmwiN84UPT3s692%2BxMCoWKFzUmMKwzPklpYc%2BSaG6UDrKy2HXgT99cFIggokKUHv9%2BWLkm4CPQJnFSkUIOdf%2BrwiDX4Myvu51Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400, stale-while-revalidate
cf-ray: 851e6c291ace1e4f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 index-3951f96a.js Show response
dashboard.cardynale.com/assets/ 7 MB
2 MB 132ms
131ms Script
text/javascript 2606:4700:3030::6815:5dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.cardynale.com/assets/index-3951f96a.js

Requested by

Host: dashboard.cardynale.com
URL: https://dashboard.cardynale.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5dd6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37ff4877ee628ad9258e813119833c5d4316e071c1c457cd06ab020668d4602a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://dashboard.cardynale.com/
Origin: https://dashboard.cardynale.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:35:59 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230098-FRA
last-modified: Wed, 07 Feb 2024 14:27:41 GMT
server: cloudflare
x-timer: S1707338159.431936,VS0,VE20
etag: W/"7a504202d22a1c0d906e415889d6dcf168c0394e7d42a27bfcf6e04b31291c5d"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oi6vnDrYTt6TrnxdCrx0p4zSafcBLPjjPMLMuznfC87D5UGaEbacGaq3hMyuWhexzyYJ59wbUAyBBmjMoOdU%2FN7KHKIjQoKAO%2FW1jnNgBMnMtLE6keCTnd0LkGrNqwkWneWIm8XjnF10VIsD2WpAHMSMAGvc8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 851e6c2819053836-FRA
x-cache-hits: 1

GET
H2 200 index-c968d44a.css
dashboard.cardynale.com/assets/ 411 KB
54 KB 127ms
126ms Stylesheet
text/css 2606:4700:3030::6815:5dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.cardynale.com/assets/index-c968d44a.css

Requested by

Host: dashboard.cardynale.com
URL: https://dashboard.cardynale.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5dd6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c968d44a71217ae878381906fe68102cc148db950380ada9373091a5b61e73b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.cardynale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:35:59 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Mon, 05 Feb 2024 08:23:56 GMT
server: cloudflare
x-timer: S1707312350.079928,VS0,VE69
etag: W/"4e7150606d0d1624f7039acaba1fd4db62c7b3577847705502e09fd3cf3af6eb"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYx1LSUAA7ANtviq6Ehb3mKvPOmXkIFTzZ6Ad7x9%2BQBtq94PZMNVsp68%2FjMprtBn3NkkzvyY%2BJq4tNm1XVAVB1skblgYFzbOHQKJabutSiKSk%2FX5RKS7R9p0pRTTG6qdiebe6eANECGPQnX4LMexpgdzSqldYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
cf-ray: 851e6c2818fe3836-FRA
x-cache-hits: 0

GET
H2 200 hotjar-3624283.js Show response
static.hotjar.com/c/ 9 KB
4 KB 145ms
67ms Script
application/javascript 52.222.139.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3624283.js?sv=6

Requested by

Host: dashboard.cardynale.com
URL: https://dashboard.cardynale.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.139.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-139-116.ams50.r.cloudfront.net

Software

Resource Hash

130d2be9b6d544e808f2109f1553b2817c80b02f38242848dcc1b0d86b361887

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.cardynale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 07 Feb 2024 20:35:59 GMT
via: 1.1 12ab600b22d5c2eb1f2192b1156c2fd0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
etag: W/d6c58f59cb396d05bb8d39aabb99bb96
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: Kkus-SwqMZcm2z_30r5VgROk0-8-1Vi4TohTj0AbzcEHAFVLWiUKIw==

GET
H2 200 heap-2135187684.js Show response
cdn.heapanalytics.com/js/ 114 KB
37 KB 363ms
225ms Script
application/javascript 18.172.153.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-2135187684.js

Requested by

Host: dashboard.cardynale.com
URL: https://dashboard.cardynale.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.172.153.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-172-153-7.lhr50.r.cloudfront.net

Software

nginx / Express

Resource Hash

e291a4e152d9854cf1d360e6ec966048f9d3e97aefbccd4327bc91b5ec78cfd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.cardynale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:35:59 GMT
content-encoding: br
via: 1.1 78e6b1fae5a212c4c9a5380a85716d3a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: LHR50-P5
x-powered-by: Express
etag: W/"1c869-5g2NPcIpvnWStvUbTqclzRAYOoE"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: BJdHnNM7KlnEBCJRH00iJnExz-RFEYvpDkFKqkHv6cdB7McQmWraJw==

GET
H2 200 modules.fd7a1c20a85f7a95e5ff.js Show response
script.hotjar.com/ 218 KB
55 KB 87ms
28ms Script
application/javascript 13.227.219.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.fd7a1c20a85f7a95e5ff.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3624283.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-28.ams54.r.cloudfront.net

Software

Resource Hash

135cc2fb726f9d5ba840faf6e0ff280e2bd7b6b28a2736bd6092c807cfbea88c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.cardynale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 12:16:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 461993
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55316
last-modified: Fri, 02 Feb 2024 12:16:01 GMT
etag: "253d3ab37754a78a185ec9d668fb77c9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: bHYQcE8ptU2jCAf3z3ykl689nY8eIBjIynxcUL1ZMJYBwRjLXrnyuQ==

GET
H2 200 v3 Show response
js.stripe.com/ 591 KB
165 KB 102ms
22ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: dashboard.cardynale.com
URL: https://dashboard.cardynale.com/assets/index-3951f96a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

82e86343056ceb21486458a1e63d5ba68979ced9ec881342facd2a8d40a90c41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.cardynale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 07 Feb 2024 20:36:00 GMT
via: 1.1 varnish
age: 6
x-cache: HIT
content-length: 168041
x-request-id: 035fbf51-c6be-4c59-a6a2-911f9f07e90f
x-served-by: cache-fra-eddf8230121-FRA
last-modified: Wed, 07 Feb 2024 20:34:55 GMT
server: Fastly
etag: "e4442d51dd4d2c72b6f5b45837b3891c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 webConfig Show response
firebase.googleapis.com/v1alpha/projects/-/apps/1:473826510486:web:bf0d2d99c86d204f2224b7/ 296 B
400 B 45ms
45ms Fetch
application/json 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:473826510486:web:bf0d2d99c86d204f2224b7/webConfig

Requested by

Host: dashboard.cardynale.com
URL: https://dashboard.cardynale.com/assets/index-3951f96a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

75fd159f0cbd1747a76c445d270cc0f83e4568d89ca8a5c4b14b2e7988748c93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://dashboard.cardynale.com/
x-goog-api-key: AIzaSyB3FDqaprIznuWWh0LwllLSTGeL5v3ikyM
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://dashboard.cardynale.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 211
x-xss-protection: 0

OPTIONS
H2 200 webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:473826510486:web:bf0d2d99c86d204f2224b7/ Frame 0
0 104ms
38ms Preflight
text/html 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:473826510486:web:bf0d2d99c86d204f2224b7/webConfig

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-api-key
Access-Control-Request-Method: GET
Origin: https://dashboard.cardynale.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-headers: x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://dashboard.cardynale.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 07 Feb 2024 20:36:00 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 204 client-sdk-configuration.json
edge.api.stigg.io/v1/config/ Frame 0
0 188ms
44ms Preflight 2600:9000:23d4:aa00:12:31ef:1b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.stigg.io/v1/config/client-sdk-configuration.json
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d4:aa00:12:31ef:1b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: source,x-api-key
Access-Control-Request-Method: GET
Origin: https://dashboard.cardynale.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
access-control-request-method: PUT, GET, OPTIONS, DELETE
date: Wed, 07 Feb 2024 20:36:00 GMT
server: CloudFront
via: 1.1 e07eaca13d23fcce8009fc507befcefa.cloudfront.net (CloudFront)
x-amz-cf-id: 4Lvjxay0UvCk6hfMwpi-tE9AvNYVhFGFSA_7sTmQmqJvHPqoo6PPGQ==
x-amz-cf-pop: LHR50-P4
x-cache: LambdaGeneratedResponse from cloudfront

GET
H2

200

tag.js Show response
t.screeb.app/v0.2.35/
Redirect Chain

https://t.screeb.app/tag.js
https://t.screeb.app/v0.2.35/tag.js

49 KB
18 KB

41ms
39ms

Script
application/javascript

2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.screeb.app/v0.2.35/tag.js

Requested by

Host: dashboard.cardynale.com
URL: https://dashboard.cardynale.com/dashboard

Protocol

Server

2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c673f1f936677f0f241944f882882483d0a64a88ed608152c0008e129a7e92c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.cardynale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:36:00 GMT
x-amz-version-id: 1706900513780799
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=2592000; includeSubDomains
x-amz-request-id: tx6fb9b62d391e4d968904f-0065bd3c61
age: 5511
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tx6fb9b62d391e4d968904f-0065bd3c61
last-modified: Fri, 02 Feb 2024 19:01:53 GMT
server: cloudflare
etag: W/"49aa8d382cdbb1d17a6046154635ecc7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0aC5tLJQuvfYlM8Ldc3ULJ3s94UTnBRMCQ3a4g1wfFPtM3xspF5c%2BPncS2ogz62RNvq0v5HrMpqxOWcd0GHClzvTKFS%2FqMmRr%2BEBgj45ApWTNOH7Uhc6K0OHI8MjBZe%2FW%2FYo6PSGOPfAgK8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 851e6c2e2fc10482-FRA

Redirect headers

date: Wed, 07 Feb 2024 20:36:00 GMT
strict-transport-security: max-age=2592000; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GurQ12KdVMf3LTuRBL3xujd2A5CX1pVJgjdXauCFCLitd0bEO3m5thfSIB1DNLpCuCMD6evkLIAVFHa3W4hw95EkkNmroS%2FImH75RWN%2Fygd3nVtCQ6Dv4SE5vyjGmgzTvM0FibcAyP2Y134%3D"}],"group":"cf-nel","max_age":604800}
location: /v0.2.35/tag.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 851e6c2dff540482-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 client-sdk-configuration.json Show response
edge.api.stigg.io/v1/config/ 78 B
383 B 80ms
80ms Fetch
application/json 2600:9000:23d4:aa00:12:31ef:1b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.stigg.io/v1/config/client-sdk-configuration.json
Requested by: Host: dashboard.cardynale.com
URL: https://dashboard.cardynale.com/assets/index-3951f96a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d4:aa00:12:31ef:1b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 05a717cf0f47e5910e756402570e97b8bc1ac2fedb67f24531f6c13cd7310a41

Request headers

Referer: https://dashboard.cardynale.com/
accept-language: de-DE,de;q=0.9
source: JS_CLIENT_SDK
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
x-api-key: client-3387a09c-2913-4790-b3d5-35c5fcb5ef7f:c13d0fc8-c3fd-433b-b5bb-817fed565dc4

Response headers

x-dynamodb-region: eu-central-1
date: Wed, 07 Feb 2024 20:36:00 GMT
via: 1.1 e07eaca13d23fcce8009fc507befcefa.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: LHR50-P4
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-aws-region: eu-west-2
content-length: 78
x-amz-cf-id: Kyh-DwwUggn4sHCcciprt7tiiJb0SkNfQ1fsrFs17wlLiomyjsphNA==

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 215ms
76ms XHR
application/json 54.194.77.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: dashboard.cardynale.com
URL: https://dashboard.cardynale.com/assets/index-3951f96a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.194.77.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-77-36.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 185ca330886f520e0dabb5f002ee6445ccffda924f66486de606cb23474ba8de

Request headers

Referer: https://dashboard.cardynale.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 07 Feb 2024 20:36:00 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 386ms
115ms Image
image/gif 44.193.96.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=2135187684&u=4447783324534451&v=2975797264651394&s=3936960207824777&b=web&tv=4.0&z=0&h=%2Fdashboard&d=dashboard.cardynale.com&t=Cardynale%20-%20Dashboard&ts=1707338160340&st=1707338160343

Requested by

Host: dashboard.cardynale.com
URL: https://dashboard.cardynale.com/dashboard

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.96.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-96-101.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.cardynale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/card-plus-prod/ 623 B
678 B 364ms
363ms Fetch
application/json 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/card-plus-prod/installations

Requested by

Host: dashboard.cardynale.com
URL: https://dashboard.cardynale.com/assets/index-3951f96a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f5b2ea5a719477d34001600d2344d08b655e9ee440ba64e57746089ecbdadf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://dashboard.cardynale.com/
x-goog-api-key: AIzaSyB3FDqaprIznuWWh0LwllLSTGeL5v3ikyM
accept-language: de-DE,de;q=0.9
x-firebase-client: eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjkuMTMgZmlyZS1jb3JlLWVzbTIwMTcvMC45LjEzIGZpcmUtanMvIGZpcmUtanMtYWxsLWFwcC85LjIzLjAgZmlyZS1hdXRoLzAuMjMuMiBmaXJlLWF1dGgtZXNtMjAxNy8wLjIzLjIgZmlyZS1mc3QvMy4xMy4wIGZpcmUtZnN0LWVzbTIwMTcvMy4xMy4wIGZpcmUtZ2NzLzAuMTEuMiBmaXJlLWdjcy1lc20yMDE3LzAuMTEuMiBmaXJlLWlpZC8wLjYuNCBmaXJlLWlpZC1lc20yMDE3LzAuNi40IGZpcmUtYW5hbHl0aWNzLzAuMTAuMCBmaXJlLWFuYWx5dGljcy1lc20yMDE3LzAuMTAuMCIsImRhdGVzIjpbIjIwMjQtMDItMDciXX1dfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: application/json

Response headers

date: Wed, 07 Feb 2024 20:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://dashboard.cardynale.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 488
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/card-plus-prod/ Frame 0
0 92ms
36ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/card-plus-prod/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://dashboard.cardynale.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://dashboard.cardynale.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 07 Feb 2024 20:36:00 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 / Show response
o4505685823324160.ingest.sentry.io/api/4505905912676352/envelope/ 41 B
364 B 87ms
25ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o4505685823324160.ingest.sentry.io/api/4505905912676352/envelope/?sentry_key=4e0a6040059e7a5615b1edff3a8b8ca4&sentry_version=7&sentry_client=sentry.javascript.react%2F7.91.0

Requested by

Host: dashboard.cardynale.com
URL: https://dashboard.cardynale.com/assets/index-3951f96a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

d89fc71d7490f6e379d45fc8be39328280813ff2770f03f08ed713ad9b72e4e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://dashboard.cardynale.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 07 Feb 2024 20:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

POST
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 54 B
457 B 131ms
68ms Fetch
text/plain 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fcard-plus-prod%2Fdatabases%2F(default)&RID=67341&CVER=22&X-HTTP-Session-Id=gsessionid&zx=3dv18le5jrxg&t=1

Requested by

Host: dashboard.cardynale.com
URL: https://dashboard.cardynale.com/assets/index-3951f96a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8049ae68dfaf1f9a2e961810a903b5396ff4c45270367670747f18d12ef35ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://dashboard.cardynale.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 07 Feb 2024 20:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-client-wire-protocol: h2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://dashboard.cardynale.com
access-control-expose-headers: x-client-wire-protocol,x-http-session-id
cache-control: private
access-control-allow-credentials: true
x-http-session-id: V0GzwhqdsgKhqN8PyqfJe2J9GK41LI9LoqjcjmYOOSE

GET
H2 200 h
heapanalytics.com/ 37 B
260 B 345ms
117ms Image
image/gif 44.193.96.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=2135187684&u=4447783324534451&v=1645178947968055&s=3936960207824777&b=web&tv=4.0&z=2&h=%2Fauth%2Flogin&d=dashboard.cardynale.com&t=Cardynale%20-%20Dashboard&ts=1707338160385&pr=%2Fdashboard&sp=z&sp=0&sp=ts&sp=1707338160340&sp=d&sp=dashboard.cardynale.com&sp=h&sp=%2Fdashboard&sp=t&sp=Cardynale%20-%20Dashboard&st=1707338160385

Requested by

Host: dashboard.cardynale.com
URL: https://dashboard.cardynale.com/auth/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.193.96.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-193-96-101.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.cardynale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H3 200 cardynale-logo-8db3fa83.png
dashboard.cardynale.com/assets/ 14 KB
15 KB 76ms
76ms Image
image/png 2606:4700:3030::6815:5dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dashboard.cardynale.com/assets/cardynale-logo-8db3fa83.png

Requested by

Host: dashboard.cardynale.com
URL: https://dashboard.cardynale.com/auth/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5dd6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8db3fa83865d5591a9933c5a447fcef834585eec2bc2e04555c2059a89225af8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.cardynale.com/auth/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:36:00 GMT
strict-transport-security: max-age=31556926
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230118-FRA
last-modified: Mon, 05 Feb 2024 08:23:56 GMT
server: cloudflare
x-timer: S1707312351.606955,VS0,VE2
etag: W/"f9f40a4c56b473b6615a0351f3989f00acd3f90d47e3d8cbec72cfb6c307953a"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCrs4bPMQSgv%2ByZ4JlP9lw08nS5QeCA1SqUwGb1GM4E3TnKHn3m9epCRTDIkK3Zl9cnUa6jcUJLz%2Fk5sZy5MG7LJlWogiSmKxvcU0VIs1vG3H1RlopDesLiCLnJpCWop3t%2B3riS09JUkcCNx1dpxj7TX5TzuHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 851e6c2e9f96381a-FRA
x-cache-hits: 1

GET
H3 200 Montserrat.ttf
dashboard.cardynale.com/assets/assets/fonts/ 4 KB
2 KB 63ms
63ms Font
text/html 2606:4700:3030::6815:5dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.cardynale.com/assets/assets/fonts/Montserrat.ttf

Requested by

Host: dashboard.cardynale.com
URL: https://dashboard.cardynale.com/assets/index-c968d44a.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5dd6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35c32b4fa5e7d4e2a0dd436319600a437d640ba6df490cc065acbce67a81b4e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://dashboard.cardynale.com/assets/index-c968d44a.css
Origin: https://dashboard.cardynale.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:36:00 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA
last-modified: Wed, 07 Feb 2024 14:27:41 GMT
server: cloudflare
x-timer: S1707338160.451138,VS0,VE2
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpPhoIZp2MUGwkhGnL4R%2BNfMGuVNwxjsjSy%2F0x0GdJorF7lOAK8bOfRNU4t3vu9kh74p1XAJwqtYCzmX%2Bup1UhGzHUqp%2FaeVGJDNasI8PFPmddFUDvMTuNhTT3lU19hR7Ghn%2FCK69EmK0Rxt%2FQ4uTV3xN7RVZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-ray: 851e6c2eafbe381a-FRA
x-cache-hits: 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
80 KB 89ms
39ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-3H93WQ1ZN6

Requested by

Host: dashboard.cardynale.com
URL: https://dashboard.cardynale.com/assets/index-3951f96a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dbfa9c2f9e1772cf723ec0c9d0d24ad0d623578f4e5fb12d184952d02584fbc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.cardynale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:36:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81016
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Feb 2024 20:36:00 GMT

GET
H3 200 core.js Show response
t.screeb.app/v0.2.35/ Frame 3943 217 KB
65 KB 67ms
42ms Script
application/javascript 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.screeb.app/v0.2.35/core.js

Requested by

Host: t.screeb.app
URL: https://t.screeb.app/tag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ee28a20a4d17cd1f2766015bb7da2086eeab1e42b70f189570e75aca427a430

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer
Origin: https://dashboard.cardynale.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:36:00 GMT
strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: txg1b5c8329c40f46ec9f62-0065c392c9
age: 22247
alt-svc: h3=":443"; ma=86400
x-amz-id-2: txg1b5c8329c40f46ec9f62-0065c392c9
last-modified: Fri, 02 Feb 2024 19:01:53 GMT
server: cloudflare
etag: W/"613bf31c8aa2fe573863bd4c3383bde6"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=drUHbrtz%2BcmOsXVfHfUtkbA%2BdWPCHNFgSYbgsriBtRTHzTQuSaSC%2BYdRDdPsHJIOj0Ay6bccz49TtsO6R0fW3c1fsWWfRfmm0Msx41V2UBEYdv9iLU4l%2BlEz1OUhP4TGf%2BlpkSfRd1efS7I%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding
cf-ray: 851e6c2eee3b92ab-FRA

GET
H3 200 Montserrat-e5b1a3fb.ttf
dashboard.cardynale.com/assets/ 385 KB
156 KB 95ms
94ms Font
font/ttf 2606:4700:3030::6815:5dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.cardynale.com/assets/Montserrat-e5b1a3fb.ttf

Requested by

Host: dashboard.cardynale.com
URL: https://dashboard.cardynale.com/assets/index-c968d44a.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::6815:5dd6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5b1a3fbac6e5bf9f20860f9a254abe39240439f445568d8cd37482789e5dcac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Referer: https://dashboard.cardynale.com/assets/index-c968d44a.css
Origin: https://dashboard.cardynale.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:36:00 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230072-FRA
last-modified: Mon, 05 Feb 2024 08:23:56 GMT
server: cloudflare
x-timer: S1707312351.853975,VS0,VE3
etag: W/"228ee91792884f8ed7b5b380252ff6f2cf5c4cb72feb17c598d1911053d99f06"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7Hha1sT82RhYI%2FjgCPFQFaCRsOT%2BVYX38Ub7J3yKEMm0Uspz26ATry%2FVgbyMxdjgMsRUUci%2BBhWIsJLQpSagogyulRV9J6JVQrPJ3R4KzIS4aJz2XfmcP5HHE9TvdfZr9uDhUvbwTFein2yxXl%2FWkqchkhhig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=14400
cf-ray: 851e6c2f0856381a-FRA
x-cache-hits: 1

GET
H2 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 121 B
211 B 115ms
115ms Fetch
text/plain 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?gsessionid=V0GzwhqdsgKhqN8PyqfJe2J9GK41LI9LoqjcjmYOOSE&VER=8&database=projects%2Fcard-plus-prod%2Fdatabases%2F(default)&RID=rpc&SID=-5nWvnR-Mzx_VPLdkjcfUQ&AID=0&CI=1&TYPE=xmlhttp&zx=ss0x1cwlot8r&t=1

Requested by

Host: dashboard.cardynale.com
URL: https://dashboard.cardynale.com/assets/index-3951f96a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62e09686662ad0a73b4cb46dc9dcc888a3a3ea0bf6127505b7331f999ca7d72a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.cardynale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://dashboard.cardynale.com
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0

GET
H2 200 45f58a28-5b79-4fc1-9b2b-89361d88d7ad Show response
rpc.screeb.app/rpc/1.3.0/channel/ Frame 3943 1 KB
1 KB 163ms
104ms Fetch
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rpc.screeb.app/rpc/1.3.0/channel/45f58a28-5b79-4fc1-9b2b-89361d88d7ad

Requested by

Host: t.screeb.app
URL: https://t.screeb.app/v0.2.35/core.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b77708deca4ad1ef08662f2efb32e940fe435d791f14682497d7c0ed4a0a89f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:36:00 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-dns-prefetch-control: off
x-screeb-job: Why not considering working at Screeb?! Please contact samuel@screeb.app. See you soon!
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 07 Feb 2024 17:49:40 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: DENY
access-control-max-age: 3600
access-control-allow-methods: GET, SEARCH, HEAD, OPTIONS, POST, PUT, PATCH, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30, s-maxage=30, stale-while-revalidate=3
access-control-allow-credentials: false
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Y%2BkcWPjYQhThkESByOarEPKkNbSp7Q7axKrGTnmCKKFj4FlJcUQPJwv8UYSu5krbYjFqkeAm92qVGfIS1twAX3JHtSJlXhdGJunva9Qf%2FZUPssP5G7JP%2BjqYDBTrieHYXqtCE79DnXhXar1JA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, nofollow, noarchive, nosnippet, notranslate, noimageindex
access-control-allow-headers: Origin, Content-Type, Content-Length
cf-ray: 851e6c300fea2c00-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 81ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3H93WQ1ZN6&gtm=45je4250v9126674215za200&_p=1707338160415&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&_fid=d5m5BaFO1uvu0fMv-Lxlx6&cid=463331424.1707338161&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707338160&sct=1&seg=0&dl=https%3A%2F%2Fdashboard.cardynale.com%2Fauth%2Flogin&dt=Cardynale%20-%20Dashboard&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.origin=firebase&tfd=1455
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-3H93WQ1ZN6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.cardynale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 20:36:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.cardynale.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 channel Show response
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 202 B
182 B 76ms
75ms Fetch
text/plain 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: dashboard.cardynale.com
URL: https://dashboard.cardynale.com/assets/index-3951f96a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1717807b4e9bb7cf5c9c84e3faf5b0ad158789088234d8438fe23d7264b7778a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.cardynale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Referer, origin
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://dashboard.cardynale.com
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0

GET
H3 200 channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/ 17 B
0 30ms
29ms Fetch
text/plain 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: dashboard.cardynale.com
URL: https://dashboard.cardynale.com/assets/index-3951f96a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.cardynale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://dashboard.cardynale.com
cache-control: private, max-age=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0

GET
H2 200 u6iqbjrb Show response
widget.intercom.io/widget/ 7 KB
3 KB 468ms
408ms Script
application/javascript 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/u6iqbjrb
Requested by: Host: dashboard.cardynale.com
URL: https://dashboard.cardynale.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-21.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ce577aab9b0fb6200882c17971a1350dcb4afd9ddaf2c1bf29de1b27d444135e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.cardynale.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: ubJgWf3waI5euULqaR.X1rpNsRZHeqwB
content-encoding: gzip
via: 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
date: Wed, 07 Feb 2024 20:32:05 GMT
x-amz-cf-pop: FRA56-C2
age: 257
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2705
last-modified: Wed, 07 Feb 2024 16:27:41 GMT
server: AmazonS3
etag: "955bfbadfbcf55b7ed95048aad56ce7e"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=300, s-maxage=300, public
accept-ranges: bytes
x-amz-cf-id: ci6EaenW9F8lJPF5Nxj3DGQA_nznJi9MFgDqPsuv9DrV9K_h3iP-hQ==

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 3F44 200 B
816 B 22ms
22ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dashboard.cardynale.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 761881
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 07 Feb 2024 20:36:00 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 280040
x-content-type-options: nosniff
x-request-id: 0fe05aea-a7a1-4c4a-9d3c-f9b554b2143f
x-served-by: cache-fra-eddf8230121-FRA

GET
H2 200 respondent Show response
rpc.screeb.app/rpc/1.3.0/channel/45f58a28-5b79-4fc1-9b2b-89361d88d7ad/ Frame 3943 95 B
388 B 187ms
186ms Fetch
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rpc.screeb.app/rpc/1.3.0/channel/45f58a28-5b79-4fc1-9b2b-89361d88d7ad/respondent?identity=

Requested by

Host: t.screeb.app
URL: https://t.screeb.app/v0.2.35/core.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

060dee0d18583c9c07f9740fbab00e66632c9c4b859ca51cd4246b35c6b70c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:36:00 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-dns-prefetch-control: off
x-screeb-job: Why not considering working at Screeb?! Please contact samuel@screeb.app. See you soon!
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-download-options: noopen
access-control-max-age: 3600
access-control-allow-methods: GET, SEARCH, HEAD, OPTIONS, POST, PUT, PATCH, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ms%2BMClhqAFS1h5aips15R%2BzKTFwykEW0K273uwfLQ3YBb6zPnLIU0XLx5zkCvhvk%2FIEuz3pbMNopDOEd0a6yyEuPR5S%2F6dYDuhb7IplmSB%2BNprfQzQhOQguWRsbKOJhqdF2kWrxwHOeEo%2FUkLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, max-age=0
access-control-allow-credentials: false
x-frame-options: DENY
x-robots-tag: noindex, nofollow, noarchive, nosnippet, notranslate, noimageindex
access-control-allow-headers: Origin, Content-Type, Content-Length
vary: Accept-Encoding
cf-ray: 851e6c30b9102c00-FRA

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3F44 526 B
450 B 23ms
23ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 07 Feb 2024 20:36:00 GMT
via: 1.1 varnish
age: 749790
x-cache: HIT
content-length: 315
x-request-id: 60d6a2f4-2776-4ac3-b32b-d2920ebd3dad
x-served-by: cache-fra-eddf8230121-FRA
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
server: Fastly
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 267266

POST
H2 200 csp-report
q.stripe.com/ Frame 3F44 0
717 B 609ms
195ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: dashboard.cardynale.com
URL: https://dashboard.cardynale.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Feb 2024 20:36:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1707338161275292
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1707338161275094
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 3F44 0
717 B 607ms
193ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: dashboard.cardynale.com
URL: https://dashboard.cardynale.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Feb 2024 20:36:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1707338161275292
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1707338161275111
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame C766 930 B
2 KB 93ms
23ms Document
text/html 2600:9000:2057:b600:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:b600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 240
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 07 Feb 2024 20:33:29 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-id: pTRicGqn-T9H8W9pugn2AZzC90_A754J794tyFIG37B2Jxp3Y0QSpA==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame C766 0
491 B 491ms
198ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: dashboard.cardynale.com
URL: https://dashboard.cardynale.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Feb 2024 20:36:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1707338161275521
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1707338161275181
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame C766 87 KB
14 KB 25ms
25ms Script
text/javascript 2600:9000:2057:b600:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:b600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 20:35:48 GMT
content-encoding: br
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 13
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: YXxueIKltxNNZmSgs0EPlGJjMrTEuFlslPInwdnVGI0mk4TfjjHP2A==

POST
H2 200 6 Show response
m.stripe.com/ Frame C766 156 B
669 B 590ms
192ms XHR
application/json 44.237.70.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.70.166 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-70-166.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

0bcbe77cfaa9e360f4c59bd293981371409797e50686e44faead7c1caabde2c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 07 Feb 2024 20:36:01 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1707338161452667
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1707338161452434
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 frame-modern.6a377076.js Show response
js.intercomcdn.com/ Frame 726E 516 KB
143 KB 164ms
36ms Script
application/javascript 3.162.38.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.6a377076.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/u6iqbjrb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.38.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-38-35.cdg52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

520d62ae8314023737fd1f8cc1ee89c52960ca0991d4b63e7dc768d5f208f28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: JlSKb6mox3X3efiN6qw95OQRvT5ORvHw
content-encoding: gzip
via: 1.1 36c6c3811cab96a013bc3537d6f39092.cloudfront.net (CloudFront)
date: Wed, 07 Feb 2024 20:27:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: CDG52-P6
age: 496
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 145544
last-modified: Wed, 07 Feb 2024 16:24:48 GMT
server: AmazonS3
etag: "a5f63f09b0f072f19686b580a4bcec06"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: fa-DCK4E9CmnjFpHgp0SGbo_kEVUi6mVhSOlR4vwyEX3eVU3hijZaQ==

GET
H2 200 vendor-modern.af6641c5.js Show response
js.intercomcdn.com/ Frame 726E 408 KB
126 KB 248ms
120ms Script
application/javascript 3.162.38.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.af6641c5.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/u6iqbjrb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.38.35 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-38-35.cdg52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6376e264ac24e50f7ac1866a86e23a3c0134ce82d6b059aefee2177b211effa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: 3J.IJPaqOhofQQSf2v2RAGLxretN6Z0i
content-encoding: gzip
via: 1.1 36c6c3811cab96a013bc3537d6f39092.cloudfront.net (CloudFront)
date: Wed, 07 Feb 2024 20:14:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: CDG52-P6
age: 1317
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 128603
last-modified: Tue, 06 Feb 2024 17:09:19 GMT
server: AmazonS3
etag: "ceb2be930e6354b8c59b3cf04a3f088b"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: own3Css_ZAOW607JOhgXO1yeDIyc-6-qAJjXtkG5xC65xoORk_w93w==

POST
H2 200 / Show response
o4505685823324160.ingest.sentry.io/api/4505905912676352/envelope/ 41 B
96 B 45ms
45ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o4505685823324160.ingest.sentry.io/api/4505905912676352/envelope/?sentry_key=4e0a6040059e7a5615b1edff3a8b8ca4&sentry_version=7&sentry_client=sentry.javascript.react%2F7.91.0

Requested by

Host: dashboard.cardynale.com
URL: https://dashboard.cardynale.com/assets/index-3951f96a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

93edb1d4f0bf4b824677e32b1bceacb65e48debc00cb457af0f1a201332f77a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://dashboard.cardynale.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 07 Feb 2024 20:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cardynale.com/	1970-01-21 03:01:14	Name: _hjSessionUser_3624283 Value: eyJpZCI6ImEzMzAzMDI3LWE1ODctNWFhZS05YTNmLThkNDlmZjFjYmRjMyIsImNyZWF0ZWQiOjE3MDczMzgxNjAzMDMsImV4aXN0aW5nIjp0cnVlfQ==
.cardynale.com/	1970-01-20 18:15:39	Name: _hjSession_3624283 Value: eyJpZCI6ImRkMzA5Nzc2LTFlN2QtNDJmMy04Nzg3LTRhMDc5OGE5NTg4MSIsImMiOjE3MDczMzgxNjAzMDQsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.cardynale.com/	1970-01-21 03:43:35	Name: _hp2_id.2135187684 Value: %7B%22userId%22%3A%224447783324534451%22%2C%22pageviewId%22%3A%221645178947968055%22%2C%22sessionId%22%3A%223936960207824777%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.cardynale.com/	1970-01-21 03:51:38	Name: _ga_3H93WQ1ZN6 Value: GS1.1.1707338160.1.0.1707338160.0.0.0
.cardynale.com/	1970-01-21 03:51:38	Name: _ga Value: GA1.1.463331424.1707338161
.cardynale.com/	1970-01-20 18:15:39	Name: _hp2_ses_props.2135187684 Value: %7B%22ts%22%3A1707338160340%2C%22d%22%3A%22dashboard.cardynale.com%22%2C%22h%22%3A%22%2Fdashboard%22%7D
m.stripe.com/	1970-01-21 03:51:38	Name: m Value: 4777d5c0-0d4d-42c1-b838-92b53ccb3df642ada9
.dashboard.cardynale.com/	1970-01-21 03:01:14	Name: __stripe_mid Value: 292042be-2898-422e-98ac-8f64a84a757eebf6ad
.dashboard.cardynale.com/	1970-01-20 18:15:39	Name: __stripe_sid Value: 04edc4d1-fa19-4266-8095-37dd18d81bd0f0ef7e

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://dashboard.cardynale.com/auth/login Message: Failed to decode downloaded font: https://dashboard.cardynale.com/assets/assets/fonts/Montserrat.ttf
other	warning	URL: https://dashboard.cardynale.com/auth/login Message: OTS parsing error: invalid sfntVersion: 1008813135
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
other	warning	URL: https://dashboard.cardynale.com/auth/login Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.heapanalytics.com
content.hotjar.io
dashboard.cardynale.com
edge.api.stigg.io
firebase.googleapis.com
firebaseinstallations.googleapis.com
firestore.googleapis.com
heapanalytics.com
js.intercomcdn.com
js.stripe.com
m.stripe.com
m.stripe.network
o4505685823324160.ingest.sentry.io
q.stripe.com
region1.google-analytics.com
rpc.screeb.app
script.hotjar.com
static.hotjar.com
t.screeb.app
tally.so
widget.intercom.io
www.googletagmanager.com
13.227.219.28
13.32.27.21
151.101.192.176
18.172.153.7
2001:4860:4802:32::36
2600:9000:2057:b600:19:7d10:bd80:93a1
2600:9000:23d4:aa00:12:31ef:1b40:93a1
2606:4700:3030::6815:5dd6
2a00:1450:4001:802::200a
2a00:1450:4001:80e::2008
2a00:1450:4001:811::200a
2a00:1450:4001:813::200a
2a06:98c1:3120::3
2a06:98c1:3120::9
3.162.38.35
34.120.195.249
44.193.96.101
44.237.70.166
52.222.139.116
54.187.119.242
54.194.77.36
05a717cf0f47e5910e756402570e97b8bc1ac2fedb67f24531f6c13cd7310a41
060dee0d18583c9c07f9740fbab00e66632c9c4b859ca51cd4246b35c6b70c2c
0bcbe77cfaa9e360f4c59bd293981371409797e50686e44faead7c1caabde2c8
130d2be9b6d544e808f2109f1553b2817c80b02f38242848dcc1b0d86b361887
135cc2fb726f9d5ba840faf6e0ff280e2bd7b6b28a2736bd6092c807cfbea88c
1717807b4e9bb7cf5c9c84e3faf5b0ad158789088234d8438fe23d7264b7778a
185ca330886f520e0dabb5f002ee6445ccffda924f66486de606cb23474ba8de
2b77708deca4ad1ef08662f2efb32e940fe435d791f14682497d7c0ed4a0a89f
35c32b4fa5e7d4e2a0dd436319600a437d640ba6df490cc065acbce67a81b4e8
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
37ff4877ee628ad9258e813119833c5d4316e071c1c457cd06ab020668d4602a
406bafc150681ae379032b81a9ed1f471b4fd16c23c98fe1b8e6f1ea57e9de3c
520d62ae8314023737fd1f8cc1ee89c52960ca0991d4b63e7dc768d5f208f28b
62e09686662ad0a73b4cb46dc9dcc888a3a3ea0bf6127505b7331f999ca7d72a
6376e264ac24e50f7ac1866a86e23a3c0134ce82d6b059aefee2177b211effa9
6ee28a20a4d17cd1f2766015bb7da2086eeab1e42b70f189570e75aca427a430
75fd159f0cbd1747a76c445d270cc0f83e4568d89ca8a5c4b14b2e7988748c93
7c673f1f936677f0f241944f882882483d0a64a88ed608152c0008e129a7e92c
82e86343056ceb21486458a1e63d5ba68979ced9ec881342facd2a8d40a90c41
8db3fa83865d5591a9933c5a447fcef834585eec2bc2e04555c2059a89225af8
93edb1d4f0bf4b824677e32b1bceacb65e48debc00cb457af0f1a201332f77a3
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c968d44a71217ae878381906fe68102cc148db950380ada9373091a5b61e73b8
ce577aab9b0fb6200882c17971a1350dcb4afd9ddaf2c1bf29de1b27d444135e
d89fc71d7490f6e379d45fc8be39328280813ff2770f03f08ed713ad9b72e4e3
dbfa9c2f9e1772cf723ec0c9d0d24ad0d623578f4e5fb12d184952d02584fbc0
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e291a4e152d9854cf1d360e6ec966048f9d3e97aefbccd4327bc91b5ec78cfd4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b1a3fbac6e5bf9f20860f9a254abe39240439f445568d8cd37482789e5dcac
f5b2ea5a719477d34001600d2344d08b655e9ee440ba64e57746089ecbdadf32
f8049ae68dfaf1f9a2e961810a903b5396ff4c45270367670747f18d12ef35ba

dashboard.cardynale.com Open in urlscan Pro 2606:4700:3030::6815:5dd6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

43 Requests

98 %HTTPS

48 %IPv6

15 Domains

22 Subdomains

21 IPs

3 Countries

2881 kBTransfer

10604 kBSize

9 Cookies

0 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

dashboard.cardynale.com Open in urlscan Pro
2606:4700:3030::6815:5dd6 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

98 %
HTTPS

48 %
IPv6

15
Domains

22
Subdomains

21
IPs

3
Countries

2881 kB
Transfer

10604 kB
Size

9
Cookies

43 HTTP transactions
0 data transactions