trust.planningblox.com Open in urlscan Pro
104.22.27.212 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://trust.planningblox.com/
Submission Tags: phishingrod
Submission: On November 04 via api (November 4th 2023, 4:21:22 am UTC) from DE — Scanned from DE

Summary HTTP 21 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 21 HTTP transactions. The main IP is 104.22.27.212, located in and belongs to CLOUDFLARENET, US. The main domain is trust.planningblox.com.
TLS certificate: Issued by R3 on November 4th 2023. Valid for: 3 months.

This is the only time trust.planningblox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	104.22.27.212 104.22.27.212	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1	216.58.212.138 216.58.212.138	15169 (GOOGLE) (GOOGLE)
9	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	5

7 104.22.27.212 (None, )

ASN13335 (CLOUDFLARENET, US)

trust.planningblox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.138 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f138.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

static.vanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	vanta.com static.vanta.com — Cisco Umbrella Rank: 660809	3 MB
7	planningblox.com trust.planningblox.com	14 KB
4	gstatic.com fonts.gstatic.com	138 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
21	4

	Domain	Requested by
9	static.vanta.com	trust.planningblox.com static.vanta.com
7	trust.planningblox.com	static.vanta.com
4	fonts.gstatic.com	trust.planningblox.com fonts.googleapis.com
1	fonts.googleapis.com	trust.planningblox.com
21	4

This site contains links to these domains. Also see Links.

Domain
planningblox.com
vanta.com
clearbit.com

Subject Issuer	Validity	Valid
trust.planningblox.com R3	`2023-11-04` - `2024-02-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
static.vanta.com E1	`2023-09-15` - `2023-12-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://trust.planningblox.com/
Frame ID: AF46A1F91EEC3DEE29AAC1EE7EEBB47B
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trust Report - Planning Blox, LLC

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

21
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

3147 kB
Transfer

9858 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://planningblox.com/
Title: Return to Planning Blox Home Page

Search URL Search Domain Scan URL

URL: https://vanta.com/?utm_source=product&utm_medium=product&utm_campaign=trust-report
Title: Learn more

Search URL Search Domain Scan URL

URL: https://clearbit.com/
Title: Clearbit

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
trust.planningblox.com/ 2 KB
3 KB 467ms
82ms Document
text/html 104.22.27.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trust.planningblox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.27.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56f60299ebc2b7cb7611bad8069cc56325654744936c0e2c57ed03861a734a39

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 820a11acec144d73-FRA
content-encoding: gzip
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
content-type: text/html; charset=utf-8
date: Sat, 04 Nov 2023 04:21:14 GMT
etag: W/"eb8cd84a226c4e6fd846303e1f8d93bf"
link: <https://fonts.googleapis.com>; rel="preconnect"
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
37 KB 610ms
17ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2

Requested by

Host: trust.planningblox.com
URL: https://trust.planningblox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trust.planningblox.com/
Origin: https://trust.planningblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 07:35:21 GMT
x-content-type-options: nosniff
age: 593154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37780
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Oct 2024 07:35:21 GMT

GET
H2 200 L0x8DFMnlVwD4h3hu_qnZypEiw.woff2
fonts.gstatic.com/s/domine/v19/ 27 KB
27 KB 603ms
11ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/domine/v19/L0x8DFMnlVwD4h3hu_qnZypEiw.woff2

Requested by

Host: trust.planningblox.com
URL: https://trust.planningblox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

331215b2d754c35f93a1868c74124b059095b34b1b49625c9bf149a0e8a19518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://trust.planningblox.com/
Origin: https://trust.planningblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 13:39:08 GMT
x-content-type-options: nosniff
age: 52927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27612
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:06:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 13:39:08 GMT

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 391ms
57ms Stylesheet
text/css 216.58.212.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Domine:wght@400;600&family=Inter:wght@300;400;500;600;700&display=swap

Requested by

Host: trust.planningblox.com
URL: https://trust.planningblox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f138.1e100.net

Software

ESF /

Resource Hash

d9bc2391abb0e14534cbcfee3862c75266ed014a916fe44bb0961bc2f09ae05a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trust.planningblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 04 Nov 2023 04:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 04 Nov 2023 04:21:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Nov 2023 04:21:14 GMT

GET
H2 200 index.679bda3d.css
static.vanta.com/static/ 480 KB
82 KB 407ms
45ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/index.679bda3d.css

Requested by

Host: trust.planningblox.com
URL: https://trust.planningblox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c99fff8c1fa8a28bf3e56e2bae7c2e4ca70171cc25f3b79a51378582eb4cacba

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trust.planningblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 04:21:14 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"2e3780af74a03fb73a5537f8a63f2951"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8566i9U5BZso5KMSd1sC7sRmcCRkW7menVh3ingXaE3%2BygKT0Vn09MuHYWX38LT1V3i4Gpa0Uqh4Wx4sx4L%2FVLCQKWb8SxSCREyqVPGVpX2c3D5prk5F9yXn34EhZJQgbk2"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 820a11afc86f9b31-FRA

GET
H2 200 index.fd190e71.css
static.vanta.com/static/ 566 B
654 B 407ms
46ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/index.fd190e71.css

Requested by

Host: trust.planningblox.com
URL: https://trust.planningblox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9beae50b8ea51cca1e4fe63ceee608977173aeb44a1d1fa6297d93a3e77f5bd8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trust.planningblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 04:21:14 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"c78a3167656670f91dc7e03525ef6920"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qI6btCrgtU9ANvAS2QC%2B8b1S8HZaHNkWBTnPhHhGiwiApyU%2FbXe8vD7C431uaaOKSu%2BULjFvunJXAkKT0uJLDahHHTMhw0KWeytgRGWhcq9UCThRPdX%2Bxl8Pj9nX4GR%2Fw8Gs"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 820a11afc8719b31-FRA

GET
H2 200 index.04727e09.css
static.vanta.com/static/ 574 B
643 B 412ms
51ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/index.04727e09.css

Requested by

Host: trust.planningblox.com
URL: https://trust.planningblox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f48582eae2169bd5126b907566d7c70af153b9daff643866b5b98fdac29bd5e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trust.planningblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 04:21:14 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"595ce78ec4af2ff37e22c6bf1a059ff7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nP8qU75oFIsSFWv87oZXxMrbyqOR6IsjGJcOxLm6BONvQbSycYDlWqKbyV8%2FMsSY266yrMJRpEu6IN2O6VMAcdQDjyh6%2BqdkINOOzvIFWdW8cj4ob5N5TkMRhP5M8cPPuzOy"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 820a11afc8709b31-FRA

GET
H2 200 entry-trust-report.js Show response
static.vanta.com/static/ 548 B
579 B 33ms
32ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/entry-trust-report.js

Requested by

Host: trust.planningblox.com
URL: https://trust.planningblox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c98ee566fd2aa7b9ad182e1d8184b3579595cac2d18c603ba00e2334858a1647

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trust.planningblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 04:21:14 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"ae7f678caf5f06110e42a5e63b968bc1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfS%2B0p0jTmEYZiqJ%2BVDN8dvpfeRO4QM9BMZ0AuNXg0D6gJ%2BUanNipG%2FHvqyS0FRq2i%2BZBgNK2xxto5HYXlNQMAwkluRG4bQbMftplMLg28DZwfZ47sjKT4FiAzOgEHDCMzFS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 820a11b048a79b31-FRA

GET
H2 200 index.d0f35fab.js Show response
static.vanta.com/static/ 9 MB
3 MB 66ms
65ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/index.d0f35fab.js

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/entry-trust-report.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a7f93a1795024fa3771d84dce60d2a39367a95877f9a22eaeb99cb9212a31f0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trust.planningblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 04:21:15 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"64cb369f45814e3d1155961d0d7924e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGY%2BVdrN%2FpjW%2FLXrC4HMvWwS0cz72s7SGiFw2cdEp9yaMbgUM2oO%2F%2FvAV4SvJF7Yt3djrtLG%2BfV1k8xVsC3mFjk%2BNHBHnVD%2B%2FIADXb03DtORC%2B3zVEmak6VV8GIv66uLwciW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 820a11b078be9b31-FRA

GET
H2 200 index.runtime.d4acc125.js Show response
static.vanta.com/static/ 4 KB
4 KB 36ms
36ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/index.runtime.d4acc125.js

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/entry-trust-report.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e371fd8af0dc46620a7d84ec55ae01577601b2d2abc47b85bda2a539244c129

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trust.planningblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 04:21:14 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"7c8fc6db09e257d4fab4fd9fa5ab6c8e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VIqWgKY1qSo06S%2FCRnLJ3HqO26o%2FxyMFIGCPrA2xpTW4sciUPvpfv4ji88GkXguKnbYhEMKQYzzs1qYoS%2BFXMR52HVt%2B2IWLn53tUjzqoQwCcJ4EVsOv6nr%2FQ93g4WMj3zcY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 820a11b078bf9b31-FRA

GET
H2 200 index-trust-report.b3df7639.js Show response
static.vanta.com/static/ 4 KB
2 KB 34ms
34ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/index-trust-report.b3df7639.js

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/entry-trust-report.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4740b3e086cdf0373bbfbc62e6100f4697abfffa536f18e4840f3e361543f608

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trust.planningblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 04:21:14 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"18d7b272eb5feb11d4b32fed2e67baac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8O48Wo%2Bz2CuySCodWlqiReIl4oySlYftMEZU7JfsF4V%2BwVBMdI2geH3gaBVaJ%2Bb67SShdiROufxm4MwB9t2jA3ciO%2B6IXp0KdRwB%2BpbvM8fKlCKysWVI1quq%2BPYQcxABp8Z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 820a11b078c09b31-FRA

POST
H2 200 graphql Show response
trust.planningblox.com/ 104 B
238 B 666ms
665ms Fetch
application/json 104.22.27.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trust.planningblox.com/graphql?operation=recordTrustReportPageView

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/index.d0f35fab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.27.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bccc43b1502d7b7b6835847f95020e8bef47005c24b14c2c00f623f4efca9114

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

apollographql-client-name: web-client
x-csrf-token: this_csrf_header_is_constant
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: application/json
accept: */*
Referer: https://trust.planningblox.com/
apollographql-client-version: 99eb4e
graphql-schema-version: 99eb4e

Response headers

date: Sat, 04 Nov 2023 04:21:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
uuid: 98f4f6b0-7ac9-11ee-894a-c5851a779ba9
x-xss-protection: 0
referrer-policy: same-origin
server: cloudflare
etag: W/"68-N/p0f1ybPAWtcVrv0+H7di6IGMw"
expect-ct: max-age=0
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trust.planningblox.com
x-download-options: noopen
access-control-allow-credentials: true
cf-ray: 820a11b9fa8f4d73-FRA
x-robots-tag: noindex

POST
H2 200 graphql Show response
trust.planningblox.com/ 104 B
208 B 667ms
667ms Fetch
application/json 104.22.27.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trust.planningblox.com/graphql?operation=recordTrustReportPageView

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/index.d0f35fab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.27.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bccc43b1502d7b7b6835847f95020e8bef47005c24b14c2c00f623f4efca9114

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

apollographql-client-name: web-client
x-csrf-token: this_csrf_header_is_constant
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: application/json
accept: */*
Referer: https://trust.planningblox.com/
apollographql-client-version: 99eb4e
graphql-schema-version: 99eb4e

Response headers

date: Sat, 04 Nov 2023 04:21:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
uuid: 98f5e110-7ac9-11ee-959e-11188677d6aa
x-xss-protection: 0
referrer-policy: same-origin
server: cloudflare
etag: W/"68-N/p0f1ybPAWtcVrv0+H7di6IGMw"
expect-ct: max-age=0
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trust.planningblox.com
x-download-options: noopen
access-control-allow-credentials: true
cf-ray: 820a11b9fa904d73-FRA
x-robots-tag: noindex

POST
H2 200 graphql Show response
trust.planningblox.com/ 2 KB
990 B 666ms
666ms Fetch
application/json 104.22.27.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trust.planningblox.com/graphql?operation=fetchDataForTrustReport

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/index.d0f35fab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.27.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91edf720c88711a8b5a65e14dd9e72af94df68bcbf6cc647d762490242719035

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

apollographql-client-name: web-client
x-csrf-token: this_csrf_header_is_constant
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: application/json
accept: */*
Referer: https://trust.planningblox.com/
apollographql-client-version: 99eb4e
graphql-schema-version: 99eb4e

Response headers

date: Sat, 04 Nov 2023 04:21:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains
x-dns-prefetch-control: off
uuid: 98f321f0-7ac9-11ee-95b6-633feadaafa8
x-xss-protection: 0
referrer-policy: same-origin
server: cloudflare
etag: W/"7fb-ZDTfYrbHRxIy6+6Kj1y0MWmAl5c"
expect-ct: max-age=0
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trust.planningblox.com
x-download-options: noopen
access-control-allow-credentials: true
cf-ray: 820a11ba0a924d73-FRA
x-robots-tag: noindex

POST
H2 200 graphql Show response
trust.planningblox.com/ 405 B
692 B 661ms
661ms Fetch
application/json 104.22.27.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trust.planningblox.com/graphql?operation=fetchReportContext

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/index.d0f35fab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.27.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d499f991594c019bf84bf15e3176d126b02df07295f38244cdc949b25ef867e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

apollographql-client-name: web-client
x-csrf-token: this_csrf_header_is_constant
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: application/json
accept: */*
Referer: https://trust.planningblox.com/
apollographql-client-version: 99eb4e
graphql-schema-version: 99eb4e

Response headers

date: Sat, 04 Nov 2023 04:21:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
uuid: 98f321f0-7ac9-11ee-abc8-a9ef9e793387
x-xss-protection: 0
referrer-policy: same-origin
server: cloudflare
etag: W/"195-spWtQ6SOlHPotyc/0Ijf5vbKpxQ"
expect-ct: max-age=0
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trust.planningblox.com
x-download-options: noopen
access-control-allow-credentials: true
cf-ray: 820a11ba0a934d73-FRA
x-robots-tag: noindex

POST
H2 200 graphql Show response
trust.planningblox.com/ 35 KB
4 KB 574ms
574ms Fetch
application/json 104.22.27.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trust.planningblox.com/graphql?operation=fetchControlsDataForExternalTrustReport

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/index.d0f35fab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.27.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9156da257145ad85f90ff28bc3a960ec7d9e72a40d0c36f655b56a232c564102

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

apollographql-client-name: web-client
x-csrf-token: this_csrf_header_is_constant
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: application/json
accept: */*
Referer: https://trust.planningblox.com/
apollographql-client-version: 99eb4e
graphql-schema-version: 99eb4e

Response headers

date: Sat, 04 Nov 2023 04:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains
x-dns-prefetch-control: off
uuid: 99338650-7ac9-11ee-8186-7d0e9727facc
x-xss-protection: 0
referrer-policy: same-origin
server: cloudflare
etag: W/"8af1-OOAqtKnvAEa5Le8xkxIk0v2WVpQ"
expect-ct: max-age=0
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://trust.planningblox.com
x-download-options: noopen
access-control-allow-credentials: true
cf-ray: 820a11be4d144d73-FRA
x-robots-tag: noindex

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 19ms
18ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Domine:wght@400;600&family=Inter:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://trust.planningblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 18:27:54 GMT
x-content-type-options: nosniff
age: 122003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 18:27:54 GMT

GET
H2 200 L0x8DFMnlVwD4h3hu_qn.woff2
fonts.gstatic.com/s/domine/v20/ 27 KB
28 KB 18ms
17ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/domine/v20/L0x8DFMnlVwD4h3hu_qn.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Domine:wght@400;600&family=Inter:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

4ca7a2bf57b8f60a37d94646e7e67ffda591d8816c58a054d8ff1cc4103ba902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://trust.planningblox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 19:19:59 GMT
x-content-type-options: nosniff
age: 205278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28060
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Oct 2024 19:19:59 GMT

GET
DATA 200
OK truncated
/ 12 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a75977b1f0d47d0017aee8a2730a694aff027ef5df56c70c89f3cd73c433196c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 doc
trust.planningblox.com/ 5 KB
5 KB 477ms
476ms Image
image/png 104.22.27.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trust.planningblox.com/doc?s=hpx53yx532nzlyhipd4m2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.27.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ef78241b483561443efc2f9a4059ec685afbc9af5697884062a0b4a31a9092b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trust.planningblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 04:21:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self'
x-dns-prefetch-control: off
content-disposition: filename=Planning%20Blox%20Logo.png
uuid: 9979b710-7ac9-11ee-bdda-b5f562cb2459
x-xss-protection: 0
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://trust.planningblox.com
x-download-options: noopen
cf-ray: 820a11bf7db04d73-FRA
x-robots-tag: noindex

GET
H2 200 iso27001_badge.389da6de.png
static.vanta.com/static/ 41 KB
41 KB 40ms
39ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.vanta.com/static/iso27001_badge.389da6de.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba9c7c5925d0dacef42671fec2674c7765a2b7bfe0734f981f37f7b201ebff4e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trust.planningblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 04:21:17 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 42100
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "646e3916d47c9785e71e71c61cbec994"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2F36nEa1deK8oAHDipCGLI1eKVO8mdk8glHRXOGhZCdEWtTt5HYqyIUxtdyaQ9eN39ZXjsK93VHJHFLQuaySBvxMQidRvi3BKV21T50JNCYrDoDYxaSpAIN%2Fxchzpi6%2FRh2a"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 820a11bf7ddb9b31-FRA

GET
H2 200 iso27001_badge.290cf5ff.png
static.vanta.com/static/ 41 KB
41 KB 42ms
41ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.vanta.com/static/iso27001_badge.290cf5ff.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba9c7c5925d0dacef42671fec2674c7765a2b7bfe0734f981f37f7b201ebff4e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trust.planningblox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 04:21:17 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 42100
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "646e3916d47c9785e71e71c61cbec994"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zY9mjnGNYNA2kpeFxhDsJOv3D4YG05BV3gUCiDHYSn5J9n2mw57Hfw7eVgLNduI8vZKTbIjASstZk%2F3bukq6lUzYESgeP%2BHXvmIBNOdPpdvZqdjT2HARyqO9SQKBaF0zwgQd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 820a11bf7ddc9b31-FRA

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			trust.planningblox.com/	1969-12-31 23:59:59	Name: slugId Value: ckgvpsdl7oj6ec9opbf7fb
			trust.planningblox.com/	1969-12-31 23:59:59	Name: domainId Value: 62914b1e72eb9d1f261ec0cc

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://trust.planningblox.com/ Message: The resource https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://trust.planningblox.com/ Message: The resource https://fonts.gstatic.com/s/domine/v19/L0x8DFMnlVwD4h3hu_qnZypEiw.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
static.vanta.com
trust.planningblox.com
104.22.27.212
142.250.186.35
188.114.96.3
216.58.212.138
331215b2d754c35f93a1868c74124b059095b34b1b49625c9bf149a0e8a19518
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34
3e371fd8af0dc46620a7d84ec55ae01577601b2d2abc47b85bda2a539244c129
3ef78241b483561443efc2f9a4059ec685afbc9af5697884062a0b4a31a9092b
4740b3e086cdf0373bbfbc62e6100f4697abfffa536f18e4840f3e361543f608
4ca7a2bf57b8f60a37d94646e7e67ffda591d8816c58a054d8ff1cc4103ba902
56f60299ebc2b7cb7611bad8069cc56325654744936c0e2c57ed03861a734a39
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8a7f93a1795024fa3771d84dce60d2a39367a95877f9a22eaeb99cb9212a31f0
9156da257145ad85f90ff28bc3a960ec7d9e72a40d0c36f655b56a232c564102
91edf720c88711a8b5a65e14dd9e72af94df68bcbf6cc647d762490242719035
9beae50b8ea51cca1e4fe63ceee608977173aeb44a1d1fa6297d93a3e77f5bd8
a75977b1f0d47d0017aee8a2730a694aff027ef5df56c70c89f3cd73c433196c
ba9c7c5925d0dacef42671fec2674c7765a2b7bfe0734f981f37f7b201ebff4e
bccc43b1502d7b7b6835847f95020e8bef47005c24b14c2c00f623f4efca9114
c98ee566fd2aa7b9ad182e1d8184b3579595cac2d18c603ba00e2334858a1647
c99fff8c1fa8a28bf3e56e2bae7c2e4ca70171cc25f3b79a51378582eb4cacba
d499f991594c019bf84bf15e3176d126b02df07295f38244cdc949b25ef867e3
d9bc2391abb0e14534cbcfee3862c75266ed014a916fe44bb0961bc2f09ae05a
f48582eae2169bd5126b907566d7c70af153b9daff643866b5b98fdac29bd5e7

trust.planningblox.com Open in urlscan Pro 104.22.27.212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

5 IPs

3 Countries

3147 kBTransfer

9858 kBSize

2 Cookies

3 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

2 Cookies

2 Console Messages

Security Headers

Indicators

trust.planningblox.com Open in urlscan Pro
104.22.27.212 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

3147 kB
Transfer

9858 kB
Size

2
Cookies

21 HTTP transactions
1 data transactions