ns1.cdn.login.karolina.staging.zen.do Open in urlscan Pro
54.72.193.179  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ns1.cdn.login.karolina.staging.zen.do/	3 KB 2 KB	1037ms 326ms	Document text/html	54.72.193.179 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ns1.cdn.login.karolina.staging.zen.do/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 54.72.193.179 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-193-179.eu-west-1.compute.amazonaws.com Software openresty / Resource Hash 662ad59df1dc6095c3afaa347ae02c9f7f335253ea2d6e3e7c495ff4c91a4c4b Security Headers Name Value Strict-Transport-Security max-age=31536000 max-age=15768000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers age 42273 alt-svc h3=":443"; ma=86400 content-encoding gzip content-type text/html date Tue, 20 Aug 2024 19:13:33 GMT etag W/"ff4585153b8a328f88ae1e73f1b39513" last-modified Tue, 20 Aug 2024 07:26:26 GMT server openresty strict-transport-security max-age=31536000 max-age=15768000 vary Accept-Encoding Accept-Encoding Origin via 1.1 38eb62cecee463a32bb912440e440938.cloudfront.net (CloudFront) x-amz-cf-id VrxIIQaFCdETSMjJeG8cHcUYrfdp9uF5pggpdLYin8rBdODlc4lygQ== x-amz-cf-pop LHR3-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H2	200	4af5ca1.js Show response d1qznhxxl8nonu.cloudfront.net/	27 KB 9 KB	1022ms 575ms	Script text/javascript	2600:9000:2511:8c00:1c:c46a:2680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1qznhxxl8nonu.cloudfront.net/4af5ca1.js Requested by Host: ns1.cdn.login.karolina.staging.zen.do URL: https://ns1.cdn.login.karolina.staging.zen.do/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:8c00:1c:c46a:2680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 94b020f4e9c3d65def00bb3ed01e4b678c769f5dc60b1b9b9bb26f89929e61b3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://ns1.cdn.login.karolina.staging.zen.do/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 07:29:03 GMT content-encoding gzip via 1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=31536000 x-amz-cf-pop JFK50-P6 age 42272 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 20 Aug 2024 07:26:13 GMT server AmazonS3 etag W/"768892088d204593b6482b3a29e4d1ea" vary Accept-Encoding, Origin x-frame-options SAMEORIGIN content-type text/javascript x-amz-cf-id 8tiTM0HsspAe-nIsaI3KWooI1GEUG5U90UE86FJY17yXWKx25-mIDw==
GET H2	200	898bb4f.js Show response d1qznhxxl8nonu.cloudfront.net/	361 KB 102 KB	1037ms 591ms	Script text/javascript	2600:9000:2511:8c00:1c:c46a:2680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1qznhxxl8nonu.cloudfront.net/898bb4f.js Requested by Host: ns1.cdn.login.karolina.staging.zen.do URL: https://ns1.cdn.login.karolina.staging.zen.do/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:8c00:1c:c46a:2680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 26636229963c9b0bd0d1eafa739b9b8ab172cf4a9f7cadb97c324387f47957d3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://ns1.cdn.login.karolina.staging.zen.do/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 08:52:22 GMT content-encoding br via 1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=31536000 x-amz-cf-pop JFK50-P6 age 37273 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 20 Aug 2024 07:26:16 GMT server AmazonS3 etag W/"1d88105341211dbb96eef220eebc758a" vary Accept-Encoding, Origin x-frame-options SAMEORIGIN content-type text/javascript x-amz-cf-id PTnTuA9tlNBTRef2pUmFwxekjN9Oc95YTweSAu2wMGqvQT92TB6s_g==
GET H2	200	6425d6c.css d1qznhxxl8nonu.cloudfront.net/css/	423 KB 43 KB	642ms 196ms	Stylesheet text/css	2600:9000:2511:8c00:1c:c46a:2680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1qznhxxl8nonu.cloudfront.net/css/6425d6c.css Requested by Host: ns1.cdn.login.karolina.staging.zen.do URL: https://ns1.cdn.login.karolina.staging.zen.do/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:8c00:1c:c46a:2680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 321516be7474d837dddd189697aee8f8f12dcb24928c5a8d8656121ca2858bfc Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://ns1.cdn.login.karolina.staging.zen.do/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 08:52:22 GMT content-encoding br via 1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=31536000 x-amz-cf-pop JFK50-P6 age 37273 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 20 Aug 2024 07:26:20 GMT server AmazonS3 etag W/"a9a1b1d0c0264f83036c77b9ddc2bb95" vary Accept-Encoding, Origin x-frame-options SAMEORIGIN content-type text/css x-amz-cf-id fPl_E0uPCkCqIwuMBLQWOxBu3RGyhPk-67Xcq2B-TnTRcNU-p_wM8Q==
GET H2	200	1b76289.js Show response d1qznhxxl8nonu.cloudfront.net/	2 MB 613 KB	1211ms 766ms	Script text/javascript	2600:9000:2511:8c00:1c:c46a:2680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1qznhxxl8nonu.cloudfront.net/1b76289.js Requested by Host: ns1.cdn.login.karolina.staging.zen.do URL: https://ns1.cdn.login.karolina.staging.zen.do/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:8c00:1c:c46a:2680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 348de011f9164080eb86efbebbd0bbf3637bd6c04801cd3b485d4c79063e3227 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://ns1.cdn.login.karolina.staging.zen.do/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 08:52:22 GMT content-encoding br via 1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=31536000 x-amz-cf-pop JFK50-P6 age 37273 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 20 Aug 2024 07:26:11 GMT server AmazonS3 etag W/"8ab7481622f9870a1cf924042029b23b" vary Accept-Encoding, Origin x-frame-options SAMEORIGIN content-type text/javascript x-amz-cf-id eYWSaasIZedrnYBvdSQ-dqLD9k8Yrt8CpAvmW_XOsiJBYMuBGIwS4A==
GET H2	200	cf2941d.css d1qznhxxl8nonu.cloudfront.net/css/	703 KB 118 KB	817ms 372ms	Stylesheet text/css	2600:9000:2511:8c00:1c:c46a:2680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1qznhxxl8nonu.cloudfront.net/css/cf2941d.css Requested by Host: ns1.cdn.login.karolina.staging.zen.do URL: https://ns1.cdn.login.karolina.staging.zen.do/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:8c00:1c:c46a:2680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5aa04772f60f669c17cd2ed6612a90916e0eecaf2bb5c761b0341e0e582f7af9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://ns1.cdn.login.karolina.staging.zen.do/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 08:52:22 GMT content-encoding br via 1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=31536000 x-amz-cf-pop JFK50-P6 age 37273 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 20 Aug 2024 07:26:21 GMT server AmazonS3 etag W/"86b0284d8fd37f9d862952e7e31472ce" vary Accept-Encoding, Origin x-frame-options SAMEORIGIN content-type text/css x-amz-cf-id QQbWZfizgyhGjVetZHHACxu6vguHd8V-EBxaE06QzTO76UeebpMlfA==
GET H2	200	181ebca.js Show response d1qznhxxl8nonu.cloudfront.net/	1 MB 264 KB	2129ms 1684ms	Script text/javascript	2600:9000:2511:8c00:1c:c46a:2680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1qznhxxl8nonu.cloudfront.net/181ebca.js Requested by Host: ns1.cdn.login.karolina.staging.zen.do URL: https://ns1.cdn.login.karolina.staging.zen.do/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:8c00:1c:c46a:2680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6f0ba22c1fe0c6f5a64def0b869978b312b0020f55715bc543a9dc4acbd8f361 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://ns1.cdn.login.karolina.staging.zen.do/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 07:29:03 GMT content-encoding gzip via 1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=31536000 x-amz-cf-pop JFK50-P6 age 42272 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 20 Aug 2024 07:26:11 GMT server AmazonS3 etag W/"3c034f589aa9dfeccdfd2ae248494654" vary Accept-Encoding, Origin x-frame-options SAMEORIGIN content-type text/javascript x-amz-cf-id tY2VRPBTTVnaFQmJtslK93TJZHIEuw_GshZu87_vhioEic2KHZRwHw==
GET H2	200	03f26ca.js Show response d1qznhxxl8nonu.cloudfront.net/	344 B 841 B	478ms 477ms	Script text/javascript	2600:9000:2511:8c00:1c:c46a:2680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1qznhxxl8nonu.cloudfront.net/03f26ca.js Requested by Host: d1qznhxxl8nonu.cloudfront.net URL: https://d1qznhxxl8nonu.cloudfront.net/4af5ca1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:8c00:1c:c46a:2680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 969887a25b9673ae778cca04c50834d64906ed0145aa91bf852dd1940bc85383 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://ns1.cdn.login.karolina.staging.zen.do/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 07:44:17 GMT via 1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=31536000 x-amz-cf-pop JFK50-P6 age 41361 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 344 x-xss-protection 1; mode=block last-modified Tue, 20 Aug 2024 07:26:11 GMT server AmazonS3 etag "9d49fa1898207f909a12b4fec00652a3" x-frame-options SAMEORIGIN vary Origin content-type text/javascript accept-ranges bytes x-amz-cf-id IYOd6C1k0WMQO-_V_MGqOHlivEpjnlUYprMsCszeIqpshmj5cRnwEQ==
GET H2	200	js Show response www.googletagmanager.com/gtag/	291 KB 98 KB	1266ms 250ms	Script application/javascript	2607:f8b0:4006:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-RF4XNR6VKL&l=dataLayer&cx=c Requested by Host: d1qznhxxl8nonu.cloudfront.net URL: https://d1qznhxxl8nonu.cloudfront.net/181ebca.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5b4e40aab33211ba34e210d54ec72fbd01d13833cc1ed0a566c4903b0289e86b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://ns1.cdn.login.karolina.staging.zen.do/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 19:13:38 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 100674 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 20 Aug 2024 19:13:38 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	220 KB 75 KB	1239ms 223ms	Script application/javascript	2607:f8b0:4006:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-W8HNHX9 Requested by Host: d1qznhxxl8nonu.cloudfront.net URL: https://d1qznhxxl8nonu.cloudfront.net/181ebca.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0a2b8deb28c4404e736aac5eacf3e480464f349f9aa9157fbb1db5fdebcf4419 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://ns1.cdn.login.karolina.staging.zen.do/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 19:13:38 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 76607 x-xss-protection 0 last-modified Tue, 20 Aug 2024 18:36:44 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 20 Aug 2024 19:13:38 GMT
GET H2	200	ns.html www.googletagmanager.com/ Frame 60B3	0 0	1221ms 211ms	Document text/html	2607:f8b0:4006:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/ns.html?id=GTM-W8HNHX9 Requested by Host: d1qznhxxl8nonu.cloudfront.net URL: https://d1qznhxxl8nonu.cloudfront.net/181ebca.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://ns1.cdn.login.karolina.staging.zen.do/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, must-revalidate content-encoding br content-length 92 content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 20 Aug 2024 19:13:38 GMT expires Fri, 01 Jan 1990 00:00:00 GMT pragma no-cache server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains vary * x-xss-protection 0
GET H2	500	me Show response ns1.cdn.login.karolina.staging.zen.do/api/v1/auth/	162 B 275 B	694ms 692ms	XHR application/json	54.72.193.179 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ns1.cdn.login.karolina.staging.zen.do/api/v1/auth/me Requested by Host: d1qznhxxl8nonu.cloudfront.net URL: https://d1qznhxxl8nonu.cloudfront.net/898bb4f.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 54.72.193.179 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-193-179.eu-west-1.compute.amazonaws.com Software openresty / PHP/8.2.22 Resource Hash f4c0bf7479523753bdb456fc290e5d632dbc6d7756a68f5462cff4a8eb788992 Request headers Accept application/json, text/plain, */* Referer https://ns1.cdn.login.karolina.staging.zen.do/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 With-Cookies * Response headers date Tue, 20 Aug 2024 19:13:38 GMT cache-control no-cache, private server openresty x-powered-by PHP/8.2.22 content-type application/json
GET H3	200	Gilroy-Medium.b99aa24.woff d1qznhxxl8nonu.cloudfront.net/fonts/	34 KB 34 KB	1064ms 514ms	Font font/woff	2600:9000:2511:8c00:1c:c46a:2680:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1qznhxxl8nonu.cloudfront.net/fonts/Gilroy-Medium.b99aa24.woff Requested by Host: d1qznhxxl8nonu.cloudfront.net URL: https://d1qznhxxl8nonu.cloudfront.net/css/cf2941d.css Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:2511:8c00:1c:c46a:2680:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5435562080b8812622dfa1e7b8f61bebb5c04601c1d2130d49467699d2aad0a5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://d1qznhxxl8nonu.cloudfront.net/css/cf2941d.css Origin https://ns1.cdn.login.karolina.staging.zen.do User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 07:44:17 GMT via 1.1 f48e3bba7eb119871945c3726fab1888.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=31536000 x-amz-cf-pop JFK50-P6 age 41361 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 34708 x-xss-protection 1; mode=block last-modified Tue, 20 Aug 2024 07:26:23 GMT server AmazonS3 etag "b99aa24a94776464647455527f788e66" x-frame-options SAMEORIGIN content-type font/woff access-control-allow-origin * accept-ranges bytes x-amz-cf-id P4laWQ1zqEQP3C-kJMm5Jh7YSd5hu3bcL2uQmow26RgCmYm5YuURDQ==
GET H2	500	all Show response ns1.cdn.login.karolina.staging.zen.do/api/v1/offers-catalog/forms/	162 B 275 B	505ms 505ms	XHR application/json	54.72.193.179 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ns1.cdn.login.karolina.staging.zen.do/api/v1/offers-catalog/forms/all Requested by Host: d1qznhxxl8nonu.cloudfront.net URL: https://d1qznhxxl8nonu.cloudfront.net/898bb4f.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 54.72.193.179 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-193-179.eu-west-1.compute.amazonaws.com Software openresty / PHP/8.2.22 Resource Hash f4c0bf7479523753bdb456fc290e5d632dbc6d7756a68f5462cff4a8eb788992 Request headers Accept application/json, text/plain, */* Referer https://ns1.cdn.login.karolina.staging.zen.do/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 With-Cookies * Response headers date Tue, 20 Aug 2024 19:13:38 GMT cache-control no-cache, private server openresty x-powered-by PHP/8.2.22 content-type application/json
GET H2	200	js Show response www.googletagmanager.com/gtag/	308 KB 103 KB	71ms 70ms	Script application/javascript	2607:f8b0:4006:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-3TSH3QD9KH&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8HNHX9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0f6639c0c9746ce72f3c9809067e89e2ce2ed01bfb023a29b3f3096a52752d2a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://ns1.cdn.login.karolina.staging.zen.do/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 19:13:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 105389 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 20 Aug 2024 19:13:39 GMT
POST H2	204	collect analytics.google.com/g/	0 0	230ms 92ms	Fetch text/plain	2001:4860:4802:32::181 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-3TSH3QD9KH&gtm=45je48j0v882925325z8892945810za200zb892945810&_p=1724181217893&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1909291504.1724181220&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724181219&sct=1&seg=0&dl=https%3A%2F%2Fns1.cdn.login.karolina.staging.zen.do%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=6935 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-3TSH3QD9KH&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer https://ns1.cdn.login.karolina.staging.zen.do/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 20 Aug 2024 19:13:39 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ns1.cdn.login.karolina.staging.zen.do cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 269 B	239ms 101ms	Ping text/plain	2607:f8b0:4004:c17::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3TSH3QD9KH&cid=1909291504.1724181220&gtm=45je48j0v882925325z8892945810za200zb892945810&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-3TSH3QD9KH&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::9d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ns1.cdn.login.karolina.staging.zen.do/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 20 Aug 2024 19:13:39 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ns1.cdn.login.karolina.staging.zen.do cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	favicon.ico ns1.cdn.login.karolina.staging.zen.do/	0 145 B	121ms 121ms	Other image/x-icon	54.72.193.179 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ns1.cdn.login.karolina.staging.zen.do/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 54.72.193.179 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-72-193-179.eu-west-1.compute.amazonaws.com Software openresty / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://ns1.cdn.login.karolina.staging.zen.do/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 19:13:39 GMT strict-transport-security max-age=15768000 last-modified Tue, 20 Aug 2024 14:20:09 GMT server openresty etag "66c4a619-0" content-type image/x-icon accept-ranges bytes content-length 0

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __NUXT__ object| webpackJsonp function| installComponents object| regeneratorRuntime function| setImmediate function| clearImmediate object| __vueuse_ssr_handlers__ object| onNuxtReadyCbs function| onNuxtReady function| _ object| core function| applyFocusVisiblePolyfill object| AppZiggyConfig object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ns1.cdn.login.karolina.staging.zen.do/	1970-01-21 07:41:57	Name: zendo_user_language Value: en
			.zen.do/	1970-01-21 08:32:21	Name: _ga Value: GA1.1.1909291504.1724181220
			.zen.do/	1970-01-21 08:32:21	Name: _ga_3TSH3QD9KH Value: GS1.1.1724181219.1.0.1724181219.60.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ns1.cdn.login.karolina.staging.zen.do/api/v1/auth/me Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://ns1.cdn.login.karolina.staging.zen.do/api/v1/offers-catalog/forms/all Message: Failed to load resource: the server responded with a status of 500 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000 max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
d1qznhxxl8nonu.cloudfront.net
ns1.cdn.login.karolina.staging.zen.do
stats.g.doubleclick.net
www.googletagmanager.com
2001:4860:4802:32::181
2600:9000:2511:8c00:1c:c46a:2680:93a1
2607:f8b0:4004:c17::9d
2607:f8b0:4006:80f::2008
54.72.193.179
0a2b8deb28c4404e736aac5eacf3e480464f349f9aa9157fbb1db5fdebcf4419
0f6639c0c9746ce72f3c9809067e89e2ce2ed01bfb023a29b3f3096a52752d2a
26636229963c9b0bd0d1eafa739b9b8ab172cf4a9f7cadb97c324387f47957d3
321516be7474d837dddd189697aee8f8f12dcb24928c5a8d8656121ca2858bfc
348de011f9164080eb86efbebbd0bbf3637bd6c04801cd3b485d4c79063e3227
5435562080b8812622dfa1e7b8f61bebb5c04601c1d2130d49467699d2aad0a5
5aa04772f60f669c17cd2ed6612a90916e0eecaf2bb5c761b0341e0e582f7af9
5b4e40aab33211ba34e210d54ec72fbd01d13833cc1ed0a566c4903b0289e86b
662ad59df1dc6095c3afaa347ae02c9f7f335253ea2d6e3e7c495ff4c91a4c4b
6f0ba22c1fe0c6f5a64def0b869978b312b0020f55715bc543a9dc4acbd8f361
94b020f4e9c3d65def00bb3ed01e4b678c769f5dc60b1b9b9bb26f89929e61b3
969887a25b9673ae778cca04c50834d64906ed0145aa91bf852dd1940bc85383
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4c0bf7479523753bdb456fc290e5d632dbc6d7756a68f5462cff4a8eb788992