accounts.staging.cloversites.com Open in urlscan Pro
52.8.207.9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://accounts.staging.cloversites.com/
Effective URL:
https://accounts.staging.cloversites.com/login
Submission: On July 15 via automatic, source certstream-suspicious (July 15th 2024, 2:13:14 pm UTC) — Scanned from US

Summary HTTP 33 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 1 countries across 14 domains to perform 33 HTTP transactions. The main IP is 52.8.207.9, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is accounts.staging.cloversites.com.
TLS certificate: Issued by R10 on July 15th 2024. Valid for: 3 months.

This is the only time accounts.staging.cloversites.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 9	52.8.207.9 52.8.207.9	16509 (AMAZON-02) (AMAZON-02)
2 2	54.183.226.174 54.183.226.174	16509 (AMAZON-02) (AMAZON-02)
1 1	23.9.152.109 23.9.152.109	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:251... 2600:9000:2514:c800:18:216b:e40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	75.2.43.150 75.2.43.150	16509 (AMAZON-02) (AMAZON-02)
1 4	54.236.146.168 54.236.146.168	14618 (AMAZON-AES) (AMAZON-AES)
1	52.216.106.69 52.216.106.69	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:9284	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:5a3e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:400d:c04::5f	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:297c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:400d:c0b::61	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2607:f8b0:400... 2607:f8b0:400d:c0f::5e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c09::8b	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:141b:f00... 2600:141b:f000:4a1::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
33	17

9 52.8.207.9 (San Jose, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-8-207-9.us-west-1.compute.amazonaws.com

accounts.staging.cloversites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.183.226.174 (San Jose, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-183-226-174.us-west-1.compute.amazonaws.com

dashboard.staging.cloversites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.9.152.109 (United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-9-152-109.deploy.static.akamaitechnologies.com

cloud.typography.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2514:c800:18:216b:e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.cloversites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.2.43.150 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6033b2998aeb1ff7.awsglobalaccelerator.com

hello.cloversites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.236.146.168 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-146-168.compute-1.amazonaws.com

www.cloversites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.106.69 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9284 (United States)

ASN13335 (CLOUDFLARENET, US)

2513344.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:5a3e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c04::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:297c (United States)

ASN13335 (CLOUDFLARENET, US)

6060861.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

no-cache.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c0b::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0f::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c09::8b (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:f000:4a1::1e80 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	cloversites.com 6 redirects accounts.staging.cloversites.com dashboard.staging.cloversites.com assets.cloversites.com — Cisco Umbrella Rank: 545272 hello.cloversites.com www.cloversites.com	258 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 534	15 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	72 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	209 KB
2	hubspot.net cdn2.hubspot.net — Cisco Umbrella Rank: 20878	3 KB
2	hubspotusercontent-na1.net 2513344.fs1.hubspotusercontent-na1.net 6060861.fs1.hubspotusercontent-na1.net	210 KB
1	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 521	9 KB
1	gstatic.com fonts.gstatic.com	19 KB
1	hubspot.com no-cache.hubspot.com — Cisco Umbrella Rank: 34139	4 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
1	amazonaws.com s3.amazonaws.com	14 KB
1	typography.com 1 redirects cloud.typography.com — Cisco Umbrella Rank: 14479	447 B
33	14

	Domain	Requested by
9	accounts.staging.cloversites.com	2 redirects accounts.staging.cloversites.com
4	www.cloversites.com	1 redirects accounts.staging.cloversites.com www.cloversites.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.cloversites.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.facebook.com	www.cloversites.com
2	connect.facebook.net	www.cloversites.com connect.facebook.net
2	www.googletagmanager.com	www.cloversites.com www.googletagmanager.com
2	cdn2.hubspot.net	www.cloversites.com
2	dashboard.staging.cloversites.com	2 redirects
1	assets.adobedtm.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	no-cache.hubspot.com	www.cloversites.com
1	6060861.fs1.hubspotusercontent-na1.net	www.cloversites.com
1	fonts.googleapis.com	www.cloversites.com
1	2513344.fs1.hubspotusercontent-na1.net	www.cloversites.com
1	s3.amazonaws.com	accounts.staging.cloversites.com
1	hello.cloversites.com	1 redirects
1	assets.cloversites.com	accounts.staging.cloversites.com
1	cloud.typography.com	1 redirects
33	19

This site contains links to these domains. Also see Links.

Domain
www.cloversites.com

Subject Issuer	Validity	Valid
accounts.staging.cloversites.com R10	`2024-07-15` - `2024-10-13`	3 months	crt.sh
www.cloversites.com R11	`2024-07-11` - `2024-10-09`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-05-25` - `2025-05-02`	a year	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2023-12-26` - `2024-12-25`	a year	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2024-03-06` - `2024-12-31`	10 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
hubspot.com E1	`2024-05-23` - `2024-08-21`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-23` - `2024-07-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://accounts.staging.cloversites.com/login
Frame ID: 124E96DF977F4471B62A00AE3DE9A62C
Requests: 13 HTTP requests in this frame

Frame: https://www.cloversites.com/in-app/
Frame ID: 9EE4640BECF4FF765A97B10C5749BD36
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Clover | Sign In

Page URL History Show full URLs

https://accounts.staging.cloversites.com/ HTTP 301
https://dashboard.staging.cloversites.com/ HTTP 302
https://dashboard.staging.cloversites.com/users/auth/clover?redirect_path=%2F HTTP 302
http://accounts.staging.cloversites.com/oauth/authorize?client_id=115d5bd660b62062bd9740e51b526bb3e96bb166911a6e7ab9... HTTP 307
https://accounts.staging.cloversites.com/oauth/authorize?client_id=115d5bd660b62062bd9740e51b526bb3e96bb166911a6e7ab9... HTTP 302
https://accounts.staging.cloversites.com/login Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

94 %
HTTPS

68 %
IPv6

14
Domains

19
Subdomains

17
IPs

1
Countries

921 kB
Transfer

1999 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloversites.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://accounts.staging.cloversites.com/ HTTP 301
https://dashboard.staging.cloversites.com/ HTTP 302
https://dashboard.staging.cloversites.com/users/auth/clover?redirect_path=%2F HTTP 302
http://accounts.staging.cloversites.com/oauth/authorize?client_id=115d5bd660b62062bd9740e51b526bb3e96bb166911a6e7ab925cc9399da4e01&redirect_uri=https%3A%2F%2Fdashboard.staging.cloversites.com%2Fusers%2Fauth%2Fclover%2Fcallback%3Fredirect_path%3D%252F&response_type=code&state=8da7fbb16878155c6830852c826b77edc628eb9d1222b999 HTTP 307
https://accounts.staging.cloversites.com/oauth/authorize?client_id=115d5bd660b62062bd9740e51b526bb3e96bb166911a6e7ab925cc9399da4e01&redirect_uri=https%3A%2F%2Fdashboard.staging.cloversites.com%2Fusers%2Fauth%2Fclover%2Fcallback%3Fredirect_path%3D%252F&response_type=code&state=8da7fbb16878155c6830852c826b77edc628eb9d1222b999 HTTP 302
https://accounts.staging.cloversites.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://cloud.typography.com/783152/623904/css/fonts.css HTTP 302
https://assets.cloversites.com/fonts/648782/922EBAABFD75BCAE9.css

Request Chain 4

https://hello.cloversites.com/in-app HTTP 301
https://www.cloversites.com/in-app HTTP 301
https://www.cloversites.com/in-app/

33 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
accounts.staging.cloversites.com/
Redirect Chain

https://accounts.staging.cloversites.com/
https://dashboard.staging.cloversites.com/
https://dashboard.staging.cloversites.com/users/auth/clover?redirect_path=%2F
http://accounts.staging.cloversites.com/oauth/authorize?client_id=115d5bd660b62062bd9740e51b526bb3e96bb166911a6e7ab925cc9399da4e01&redirect_uri=https%3A%2F%2Fdashboard.staging.cloversites.com%2Fuse...
https://accounts.staging.cloversites.com/oauth/authorize?client_id=115d5bd660b62062bd9740e51b526bb3e96bb166911a6e7ab925cc9399da4e01&redirect_uri=https%3A%2F%2Fdashboard.staging.cloversites.com%2Fus...
https://accounts.staging.cloversites.com/login

3 KB
3 KB

224ms
223ms

Document
text/html

52.8.207.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.staging.cloversites.com/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.8.207.9 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-8-207-9.us-west-1.compute.amazonaws.com

Software

nginx + Phusion Passenger(R) 6.0.10 / Phusion Passenger(R) 6.0.10 cloud66

Resource Hash

597a347d6819e48028e749fdb77cb47c33bbdb45590f2c17448303c33f2e1ef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https:://greenhouse.staging.cloversites.com
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 15 Jul 2024 14:13:08 GMT
ETag: W/"a3a2ccedde6597573bb3149202371774"
Server: nginx + Phusion Passenger(R) 6.0.10
Status: 200 OK
X-Content-Type-Options: nosniff
X-Frame-Options: ALLOW-FROM https:://greenhouse.staging.cloversites.com
X-Powered-By: Phusion Passenger(R) 6.0.10 cloud66
X-Request-Id: fec86967-a207-4e63-b697-64cc9df1445e
X-Runtime: 0.138341
X-XSS-Protection: 1; mode=block
transfer-encoding: chunked

Redirect headers

Cache-Control: no-cache
Connection: keep-alive
Content-Length: 112
Content-Type: text/html; charset=utf-8
Date: Mon, 15 Jul 2024 14:13:08 GMT
Location: https://accounts.staging.cloversites.com/login
Server: nginx + Phusion Passenger(R) 6.0.14
Status: 302 Found
X-Content-Type-Options: nosniff
X-Frame-Options: ALLOW-FROM https:://greenhouse.staging.cloversites.com
X-Powered-By: Phusion Passenger(R) 6.0.14 cloud66
X-Request-Id: 5fa89246-202d-4a63-afe3-a31d351f0e8e
X-Runtime: 0.004682
X-XSS-Protection: 1; mode=block

GET
H2

200

922EBAABFD75BCAE9.css
assets.cloversites.com/fonts/648782/
Redirect Chain

https://cloud.typography.com/783152/623904/css/fonts.css
https://assets.cloversites.com/fonts/648782/922EBAABFD75BCAE9.css

133 KB
101 KB

272ms
98ms

Stylesheet
text/css

2600:9000:2514:c800:18:216b:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.cloversites.com/fonts/648782/922EBAABFD75BCAE9.css
Requested by: Host: accounts.staging.cloversites.com
URL: https://accounts.staging.cloversites.com/login
Protocol: H2
Server: 2600:9000:2514:c800:18:216b:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9ed4ed874f3f55c3362f4e93cd1febc095ebb6c107566f4393c627213883b84

Request headers

Referer: https://accounts.staging.cloversites.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 14:13:10 GMT
content-encoding: gzip
via: 1.1 b8a14e264cc616c0c59fba7aea8f19be.cloudfront.net (CloudFront)
last-modified: Wed, 21 Mar 2018 22:04:01 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P8
etag: W/"39c3e146e58e550d5d58cc24c6b4d1c3"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: qbfM10wHL35jmf0FBWYBON6m99Fd7HF9j6t_YpuPATi2LTQ1GbYP8w==

Redirect headers

Date: Mon, 15 Jul 2024 14:13:08 GMT
Last-Modified: Wed, 21 Mar 2018 22:05:35 GMT
Server: AkamaiNetStorage
X-HCo-pid: 19
ETag: "0865f83bb76c9625f89f9143f983a588:1648224259.544542"
Content-Type: text/html
Location: https://assets.cloversites.com/fonts/648782/922EBAABFD75BCAE9.css
Cache-Control: must-revalidate, private
Connection: keep-alive
Content-Length: 154
Expires: Mon, 15 July 2024 14:13:08 GMT

GET
H/1.1 200
OK accounts-a0de222039e6c4b84089988392b14e95d6fe9036e88a4b50a7ef044d5ffac3d2.css
accounts.staging.cloversites.com/assets/ 13 KB
4 KB 85ms
84ms Stylesheet
text/css 52.8.207.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.staging.cloversites.com/assets/accounts-a0de222039e6c4b84089988392b14e95d6fe9036e88a4b50a7ef044d5ffac3d2.css
Requested by: Host: accounts.staging.cloversites.com
URL: https://accounts.staging.cloversites.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.207.9 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-207-9.us-west-1.compute.amazonaws.com
Software: nginx / cloud66
Resource Hash: a0de222039e6c4b84089988392b14e95d6fe9036e88a4b50a7ef044d5ffac3d2

Request headers

Referer: https://accounts.staging.cloversites.com/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 14:13:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Sep 2022 17:04:23 GMT
Server: nginx
ETag: W/"63347e97-327d"
X-Powered-By: cloud66
Content-Type: text/css
Connection: keep-alive
Content-Length: 4237

GET
H/1.1 200
OK accounts-277ac2520c2099b13d93d87299c572586f0c6e245a60febdb8cffd35a81719a5.js Show response
accounts.staging.cloversites.com/assets/ 340 KB
122 KB 255ms
168ms Script
application/javascript 52.8.207.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.staging.cloversites.com/assets/accounts-277ac2520c2099b13d93d87299c572586f0c6e245a60febdb8cffd35a81719a5.js
Requested by: Host: accounts.staging.cloversites.com
URL: https://accounts.staging.cloversites.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.207.9 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-207-9.us-west-1.compute.amazonaws.com
Software: nginx / cloud66
Resource Hash: 277ac2520c2099b13d93d87299c572586f0c6e245a60febdb8cffd35a81719a5

Request headers

Referer: https://accounts.staging.cloversites.com/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 14:13:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Apr 2022 15:07:19 GMT
Server: nginx
ETag: W/"624daca7-54fa9"
X-Powered-By: cloud66
transfer-encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK clover-icon@2x-cdc50c5cd41c6b452f37aeefc6968189095bfa6c9c56f2775dc0ae3c79159c85.png
accounts.staging.cloversites.com/assets/users/ 3 KB
3 KB 84ms
84ms Image
image/png 52.8.207.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.staging.cloversites.com/assets/users/clover-icon@2x-cdc50c5cd41c6b452f37aeefc6968189095bfa6c9c56f2775dc0ae3c79159c85.png
Requested by: Host: accounts.staging.cloversites.com
URL: https://accounts.staging.cloversites.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.207.9 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-207-9.us-west-1.compute.amazonaws.com
Software: nginx / cloud66
Resource Hash: cdc50c5cd41c6b452f37aeefc6968189095bfa6c9c56f2775dc0ae3c79159c85

Request headers

Referer: https://accounts.staging.cloversites.com/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 14:13:09 GMT
Last-Modified: Wed, 28 Sep 2022 17:03:08 GMT
Server: nginx
ETag: "63347e4c-ce1"
X-Powered-By: cloud66
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3297

GET
H2

200

/ Show response
www.cloversites.com/in-app/ Frame 9EE4
Redirect Chain

https://hello.cloversites.com/in-app
https://www.cloversites.com/in-app
https://www.cloversites.com/in-app/

59 KB
7 KB

19ms
19ms

Document
text/html

54.236.146.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloversites.com/in-app/
Requested by: Host: accounts.staging.cloversites.com
URL: https://accounts.staging.cloversites.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.236.146.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-146-168.compute-1.amazonaws.com
Software: nginx / WP Engine
Resource Hash: 0ba6a726b50efb77d0dee90b5ba374b6858b34bb27b0094a90416c3dc1ca9420

Request headers

Referer: https://accounts.staging.cloversites.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: max-age=600, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 15 Jul 2024 14:13:10 GMT
link: <https://www.cloversites.com/wp-json/>; rel="https://api.w.org/" <https://www.cloversites.com/wp-json/wp/v2/pages/953>; rel="alternate"; type="application/json" <https://www.cloversites.com/?p=953>; rel=shortlink
server: nginx
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 10
x-cache-group: normal
x-cacheable: SHORT
x-powered-by: WP Engine

Redirect headers

cache-control: max-age=600, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 15 Jul 2024 14:13:10 GMT
expires: Mon, 15 Jul 2024 15:09:29 GMT
location: https://www.cloversites.com/in-app/
server: nginx
x-cache: HIT: 3
x-cache-group: normal
x-cacheable: non200
x-powered-by: WP Engine
x-redirect-by: WordPress

GET
H/1.1 200
OK accounts_pattern-de5c25e56f3a4ed9867459b63aca1efaeaee1fcd4a75b821b96bfaac5d24c252.png
accounts.staging.cloversites.com/assets/users/ 3 KB
3 KB 85ms
84ms Image
image/png 52.8.207.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.staging.cloversites.com/assets/users/accounts_pattern-de5c25e56f3a4ed9867459b63aca1efaeaee1fcd4a75b821b96bfaac5d24c252.png
Requested by: Host: accounts.staging.cloversites.com
URL: https://accounts.staging.cloversites.com/assets/accounts-a0de222039e6c4b84089988392b14e95d6fe9036e88a4b50a7ef044d5ffac3d2.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.207.9 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-207-9.us-west-1.compute.amazonaws.com
Software: nginx / cloud66
Resource Hash: de5c25e56f3a4ed9867459b63aca1efaeaee1fcd4a75b821b96bfaac5d24c252

Request headers

Referer: https://accounts.staging.cloversites.com/assets/accounts-a0de222039e6c4b84089988392b14e95d6fe9036e88a4b50a7ef044d5ffac3d2.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 14:13:09 GMT
Last-Modified: Wed, 06 Apr 2022 15:05:28 GMT
Server: nginx
ETag: "624dac38-cbd"
X-Powered-By: cloud66
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3261

GET
DATA 200
OK truncated
/ 12 KB
12 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88693ebe4f24989a6102df5ee90bb285ffaeaf6f1f85c69d1f3948300697a84c

Request headers

Referer
Origin: https://accounts.staging.cloversites.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 12 KB
12 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e90b20a715191099d5fd051c6cc78df9ceca02cceea2672993abef00a9c229c

Request headers

Referer
Origin: https://accounts.staging.cloversites.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 13 KB
13 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21c3e26f8a3b1068bd2075ffed3d5079293d284c95527eeae1517d414f5afeaf

Request headers

Referer
Origin: https://accounts.staging.cloversites.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
H/1.1 200
OK cloveraccounts-08471cb4497b7bdc4d15412e78ccba0186934ff5fcb7498bb7da6179bee0ca38.woff
accounts.staging.cloversites.com/assets/ 1 KB
2 KB 119ms
86ms Font
font/woff 52.8.207.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.staging.cloversites.com/assets/cloveraccounts-08471cb4497b7bdc4d15412e78ccba0186934ff5fcb7498bb7da6179bee0ca38.woff
Requested by: Host: accounts.staging.cloversites.com
URL: https://accounts.staging.cloversites.com/assets/accounts-a0de222039e6c4b84089988392b14e95d6fe9036e88a4b50a7ef044d5ffac3d2.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.207.9 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-207-9.us-west-1.compute.amazonaws.com
Software: nginx / cloud66
Resource Hash: 08471cb4497b7bdc4d15412e78ccba0186934ff5fcb7498bb7da6179bee0ca38

Request headers

Referer: https://accounts.staging.cloversites.com/assets/accounts-a0de222039e6c4b84089988392b14e95d6fe9036e88a4b50a7ef044d5ffac3d2.css
Origin: https://accounts.staging.cloversites.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 14:13:09 GMT
Last-Modified: Wed, 28 Sep 2022 17:03:08 GMT
Server: nginx
ETag: "63347e4c-548"
X-Powered-By: cloud66
Content-Type: font/woff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1352

GET
H/1.1 200
OK proximanova-reg.woff
s3.amazonaws.com/assets.cloversites.com/fonts/ProximaNova/ 13 KB
14 KB 99ms
42ms Font
application/font-woff 52.216.106.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/assets.cloversites.com/fonts/ProximaNova/proximanova-reg.woff
Requested by: Host: accounts.staging.cloversites.com
URL: https://accounts.staging.cloversites.com/assets/accounts-a0de222039e6c4b84089988392b14e95d6fe9036e88a4b50a7ef044d5ffac3d2.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.106.69 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 03d3b0e845dea8e28786bb177d9d88320b42261f7aa341649875385558707fa0

Request headers

Referer: https://accounts.staging.cloversites.com/
Origin: https://accounts.staging.cloversites.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 14:13:10 GMT
Last-Modified: Wed, 08 Feb 2023 17:43:36 GMT
Server: AmazonS3
x-amz-request-id: EWPE9HNHTCRMMJ0D
ETag: "f54ee730cf17a39aa0357413f3acda8a"
x-amz-server-side-encryption: AES256
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Type: application/font-woff
Accept-Ranges: bytes
Content-Length: 13616
x-amz-id-2: Ll8EsEDgGTPkPPDG3uY2fG+lZ90Ip8vFTCaNOxsS6voeJGrihNqWoN1CSvDPnqKMf6EX5+9eOio=

GET
DATA 200
OK truncated
/ 12 KB
12 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89331eb928ad5500261d4f476f7f89082ad812748fc6eae2a9aabeefb811afd7

Request headers

Referer
Origin: https://accounts.staging.cloversites.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
H2 404 jquery-1.7.1.js
www.cloversites.com/hs/hsstatic/jquery-libs/static-1.1/jquery/ Frame 9EE4 0
0 22ms
17ms Script
text/html 54.236.146.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloversites.com/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js
Requested by: Host: www.cloversites.com
URL: https://www.cloversites.com/in-app/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.236.146.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-146-168.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.cloversites.com/in-app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 14:13:10 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/html

GET
H2 200 Whitney-Fonts.css
2513344.fs1.hubspotusercontent-na1.net/hubfs/2513344/CSS/ Frame 9EE4 200 KB
133 KB 158ms
70ms Stylesheet
text/css 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2513344.fs1.hubspotusercontent-na1.net/hubfs/2513344/CSS/Whitney-Fonts.css
Requested by: Host: www.cloversites.com
URL: https://www.cloversites.com/in-app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c02b8ba1ccd8d9025f94195423e23fea7091157376930e723364f7deaefcfa7

Request headers

Referer: https://www.cloversites.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 14:13:10 GMT
via: 1.1 c36b03c9737c294317e3651e77ee0c4a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-meta-cache-tag: F-4402789578,P-2513344,FLS-ALL
x-amz-version-id: APZVh4QmPnlIZDiZKh.bDmZj5I6l8fFT
age: 336753
x-amz-cf-pop: JFK50-P6
x-amz-request-id: 7XY7ZYBAFQZZ0XZQ
edge-cache-tag: F-4402789578,P-2513344,FLS-ALL
cache-tag: F-4402789578,P-2513344,FLS-ALL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-id-2: ZeVlUjnpDSR9zZWhqUcNpTo/RKvs3eI2iUIx14x9ZY1MC+e20e63SfQObXUKLwQoQBdgg2KKPF0=
last-modified: Mon, 09 Oct 2017 04:36:33 GMT
server: cloudflare
etag: W/"67e88393577621ceec0980931872bc58"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 8a3a5a03ba3c19ef-EWR
timing-allow-origin: 2513344.fs1.hubspotusercontent-na1.net
x-amz-cf-id: yyOBEWPPZscaSTcwG2ayJLOlK9ftfn5MPnxnU9-MFDC4ekLuZlSGqA==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1698241598733/hubspot/hubspot_default/shared/responsive/ Frame 9EE4 4 KB
2 KB 54ms
36ms Stylesheet
text/css 2606:4700::6812:5a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1698241598733/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by: Host: www.cloversites.com
URL: https://www.cloversites.com/in-app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4

Request headers

Referer: https://www.cloversites.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
age: 1222594
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"94daf62e7e6df83595c6251fb0c7c055"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1698241599553
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Mon, 15 Jul 2024 14:13:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 6ad066a3-a88b-445f-bac7-f4e650cf1f5f
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 245
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 6ad066a3-a88b-445f-bac7-f4e650cf1f5f
last-modified: Wed, 25 Oct 2023 13:46:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kt51oq9OzkBbCucUEfgqa0MVdiada9Hx7U3AqxkhalAos0R5qt8pTxspLTXETMiyE30csz%2FCDjYBrCwmFu5RJ%2BaY%2BgRhGX%2F8zLC8XPp1%2Ft3N%2FLRVC00feN3Qbg%2BSmphqODKp2X0t2q5YMARFFo8%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-64d59778d6-jrv7z
cf-ray: 8a3a5a034e544235-EWR
timing-allow-origin: cdn2.hubspot.net

GET
H2 200 css
fonts.googleapis.com/ Frame 9EE4 6 KB
2 KB 82ms
31ms Stylesheet
text/css 2607:f8b0:400d:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Baskerville|Open+Sans

Requested by

Host: www.cloversites.com
URL: https://www.cloversites.com/in-app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e733a4fc2220ed1402b99308bade12136c331aa9ea41280a20670c9b531f2eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cloversites.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Jul 2024 14:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Jul 2024 14:13:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Jul 2024 14:13:10 GMT

GET
H2 200 Clover-Ad-Image-Live-Stream-2%20(2).jpg
6060861.fs1.hubspotusercontent-na1.net/hubfs/6060861/ Frame 9EE4 75 KB
76 KB 133ms
65ms Image
image/webp 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6060861.fs1.hubspotusercontent-na1.net/hubfs/6060861/Clover-Ad-Image-Live-Stream-2%20(2).jpg?width=836&name=Clover-Ad-Image-Live-Stream-2%20(2).jpg
Requested by: Host: www.cloversites.com
URL: https://www.cloversites.com/in-app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 289671b42b0fd6db598558b2f151c43b1933ffcfe0408e203c70174233202476

Request headers

Referer: https://www.cloversites.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-27159218350,FD-169430068224,P-6060861,FLS-ALL
age: 263037
x-amz-request-id: NQY4TC7WXR4AHJJ7
x-amz-server-side-encryption: AES256
edge-cache-tag: F-27159218350,FD-169430068224,P-6060861,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="Clover-Ad-Image-Live-Stream-2%20(2).webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-meta-access-tag: public-not-indexable
cf-bgj: imgq:85,h2pri
etag: "e0184c2471818c00df8c4ccd4ef3dc83"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1584432911710
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Mon, 15 Jul 2024 14:13:10 GMT
via: 1.1 c38cfac20df9757e670e782ca61768aa.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: uy6Es568fP_eVPlm98TGGwVsta717.FT
x-amz-cf-pop: JFK50-P6
cf-polished: qual=85, origFmt=jpeg, origSize=752135
x-cache: Miss from cloudfront
cache-tag: F-27159218350,FD-169430068224,P-6060861,FLS-ALL
x-amz-meta-index-tag: none
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 76956
x-amz-id-2: 0fv/+mrTByrQ/wMrRseJ9p74IIWl6FF+ARERf3VZVXIy0DErle4YWJvn56IegGusRf0IWg9EmRY=
last-modified: Tue, 04 Jun 2024 18:20:29 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 8a3a5a039c7dc35d-EWR
timing-allow-origin: 6060861.fs1.hubspotusercontent-na1.net
x-amz-cf-id: tml1bUdaBU-lRoRdZrwNdUj4RLv6D-svkPmpG1cazULi8sSyCkvcVw==

GET
H2 200 75d74e2b-a265-4d98-8450-a4ea6e4f0438.png
no-cache.hubspot.com/cta/default/6060861/ Frame 9EE4 3 KB
4 KB 99ms
72ms Image
image/png 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/6060861/75d74e2b-a265-4d98-8450-a4ea6e4f0438.png

Requested by

Host: www.cloversites.com
URL: https://www.cloversites.com/in-app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9276b783c719e7fd70a86b053d92a4b91d145ba91b76f7b19759a993f8c92e16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cloversites.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 14:13:10 GMT
x-amz-version-id: null
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: 9YBQ8ZJEMV6JZMHX
x-amz-server-side-encryption: AES256
content-length: 2623
x-amz-id-2: QdExGsB1OvS+R/BVYWNv2MQsXTXmuJN+9zeKDtOpl0PXoRsEytFrvUvkQzM5t8+q68xh0XUzn6R4nDhyDdFIcwnNLd+XQMOn
last-modified: Tue, 17 Mar 2020 08:24:01 GMT
server: cloudflare
etag: "a3108c2536f8833741bcff97e1b1ffc4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0fiDxytV5y2NFokdo7eHDMkzfjJSQK4ycyKR8lCkwp8xvHPWPkg9BJV%2FcxtNj6E9m13q7WdQFOZ3MgUMkHChQGro0usW5pbn0Y3E3yK%2FSHdQPwipBCBsOiTT6gPTMZZ32StvQt%2F675klDCCLsP7gVLKm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 8a3a5a035f315e79-EWR

GET
H2 404 current.js
www.cloversites.com/hs/cta/cta/ Frame 9EE4 0
0 19ms
18ms Script
text/html 54.236.146.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cloversites.com/hs/cta/cta/current.js
Requested by: Host: www.cloversites.com
URL: https://www.cloversites.com/in-app/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.236.146.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-146-168.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://www.cloversites.com/in-app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 14:13:10 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/html

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 9EE4 309 KB
106 KB 87ms
39ms Script
application/javascript 2607:f8b0:400d:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N43X7T

Requested by

Host: www.cloversites.com
URL: https://www.cloversites.com/in-app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0b::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b087e84a86cbaaa5c8a2679a0aba1472f6beff1c09f0a6e2e1dea4e536a49819

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.cloversites.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 14:13:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107729
x-xss-protection: 0
last-modified: Mon, 15 Jul 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Jul 2024 14:13:10 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 9EE4 223 KB
60 KB 50ms
17ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.cloversites.com
URL: https://www.cloversites.com/in-app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.cloversites.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 15 Jul 2024 14:13:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58653
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=12, mss=1328, tbw=2787, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: i7ev/xNNhaBaJ/OYxCGJOF8+GJFuPEofsrz5tOzm/Oiv90y9hXKMPGN79T4U/gQuSdGO51w+hDTZNsHA1Xk3GQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET cloversites-icons-39134ede2a9f4d80df03e75fe859ae9dfc9c62c75572b693172a7bd5d86b591f.ttf
www.cloversites.com/assets/cloversites-icons/ Frame 9EE4 0
0

GET
DATA 200
OK truncated
/ Frame 9EE4 13 KB
13 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75503e8f9443b08d750478c701d5fa78d6aa4ac0ea919c0d98f43c8e8923c38a

Request headers

Referer
Origin: https://www.cloversites.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ Frame 9EE4 13 KB
13 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2486adf74f2c223fc6b5d0b86cd29958368811117bc38dc45bd18be3d95f6e6f

Request headers

Referer
Origin: https://www.cloversites.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ Frame 9EE4 18 KB
19 KB 70ms
23ms Font
font/woff2 2607:f8b0:400d:c0f::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Baskerville|Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0f::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cloversites.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 14 Jul 2024 02:32:14 GMT
x-content-type-options: nosniff
age: 128456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18668
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Jul 2025 02:32:14 GMT

GET
DATA 200
OK truncated
/ Frame 9EE4 6 KB
6 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31b0b8b7b3d391a94e2b07a6ffa3803d39d29c82a689a924815fe7bca91a228f

Request headers

Referer
Origin: https://www.cloversites.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
DATA 200
OK truncated
/ Frame 9EE4 6 KB
6 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7692c6235a6f9aceef6f34b710f916c5296dfc9b0b5ced5787e04558d389426b

Request headers

Referer
Origin: https://www.cloversites.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff

GET
H3 200 layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1698241598733/hubspot/hubspot_default/shared/responsive/ Frame 9EE4 4 KB
1 KB 27ms
26ms Other
text/css 2606:4700::6812:5a3e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1698241598733/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by: Host: www.cloversites.com
URL: https://www.cloversites.com/in-app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5a3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4

Request headers

Referer: https://www.cloversites.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
age: 1222594
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"94daf62e7e6df83595c6251fb0c7c055"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-meta-created-unix-time-millis: 1698241599553
access-control-allow-origin: *
x-evy-trace-virtual-host: all
content-type: text/css
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Mon, 15 Jul 2024 14:13:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 6ad066a3-a88b-445f-bac7-f4e650cf1f5f
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 245
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 6ad066a3-a88b-445f-bac7-f4e650cf1f5f
last-modified: Wed, 25 Oct 2023 13:46:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pfy2N9bvlS5%2BORtx8%2FLKUF4c%2B%2BtrAQOC3mRyBY5DTSPsjICo%2BaBH%2FfRumXB%2BOxBzJEtfvxTdy43gMaBa4vc91%2B6YHICnbYf2B6qrnMFh3N1nMxlQAv2IL3AoAPZzSB7HA8pZgtzF%2FjHYv08LB9E%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-64d59778d6-jrv7z
cf-ray: 8a3a5a045fd54235-EWR
timing-allow-origin: cdn2.hubspot.net

GET
H2 200 301393330220905 Show response
connect.facebook.net/signals/config/ Frame 9EE4 60 KB
12 KB 93ms
92ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/301393330220905?v=2.9.161&r=stable&domain=accounts.staging.cloversites.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

720836aae022eda3657b4548c3b3d0f8aba1bc4cc8ec43c4da1422458027abd4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.cloversites.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 15 Jul 2024 14:13:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=64, mss=1328, tbw=64172, tp=-1, tpl=-1, uplat=76, ullat=0
pragma: public
x-fb-debug: HzZ9CQ2GPWkpZGstt9ZxXy6m+w9/ZSKCoH4DXG9MCm3PKfjLp0hGpPaX5iwMdAdWUVUJ8mWZv7t6whzbbJ9mnA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 9EE4 308 KB
103 KB 36ms
36ms Script
application/javascript 2607:f8b0:400d:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3D05JDZK2E&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N43X7T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0b::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a25a89b87deae93c93c62ec297480ee3ea0090b7c71e06ef7b7b309d4291e1aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.cloversites.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 14:13:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105252
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 15 Jul 2024 14:13:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 9EE4 52 KB
21 KB 52ms
15ms Script
text/javascript 2607:f8b0:4004:c09::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N43X7T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cloversites.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 15 Jul 2024 13:07:21 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3949
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 15 Jul 2024 15:07:21 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 9EE4 49 KB
14 KB 87ms
24ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N43X7T

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cloversites.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 15 Jul 2024 14:13:10 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 94FECAEC09F84F6FA190A3C8B2A91322 Ref B: EWR311000103023 Ref C: 2024-07-15T14:13:10Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H2 200 launch-f135f5386cbb.min.js Show response
assets.adobedtm.com/175f7caa2b90/b2cdde1b51b3/ Frame 9EE4 24 KB
9 KB 280ms
13ms Script
application/x-javascript 2600:141b:f000:4a1::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/175f7caa2b90/b2cdde1b51b3/launch-f135f5386cbb.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N43X7T
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:f000:4a1::1e80 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ed86d3c695f0606c769daff3c0cdcd775cfecf7f6d28c0e32941a861ea5d717e

Request headers

Referer: https://www.cloversites.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 14:13:10 GMT
content-encoding: gzip
last-modified: Fri, 21 Jan 2022 02:34:52 GMT
server: AkamaiNetStorage
etag: "f503b5e804f2f02e23f205cc03cf9532:1642732492.486356"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.cloversites.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 9294
expires: Mon, 15 Jul 2024 15:13:10 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 9EE4 0
274 B 50ms
15ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=301393330220905&ev=PageView&dl=https%3A%2F%2Fwww.cloversites.com%2Fin-app%2F&rl=https%3A%2F%2Faccounts.staging.cloversites.com%2F&if=true&ts=1721052790655&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1721052790653.60699878789811747&ler=other&cdl=API_unavailable&it=1721052790540&coo=false&rqm=GET

Requested by

Host: www.cloversites.com
URL: https://www.cloversites.com/in-app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cloversites.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=10, mss=1328, tbw=2792, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 15 Jul 2024 14:13:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame 9EE4 67 B
4 KB 135ms
102ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=301393330220905&ev=PageView&dl=https%3A%2F%2Fwww.cloversites.com%2Fin-app%2F&rl=https%3A%2F%2Faccounts.staging.cloversites.com%2F&if=true&ts=1721052790655&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1721052790653.60699878789811747&ler=other&cdl=API_unavailable&it=1721052790540&coo=false&rqm=FGET

Requested by

Host: www.cloversites.com
URL: https://www.cloversites.com/in-app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.cloversites.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x9df2e8638539aed2","source_keys":["1","2"]},{"key_piece":"0xe9f88208e2781d3c","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Mon, 15 Jul 2024 14:13:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7391865447990243368", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=10, mss=1328, tbw=3110, tp=-1, tpl=-1, uplat=85, ullat=0
pragma: no-cache
x-fb-debug: LFq2fjjE4ffObr+dgnWiR/wt3vFUEZNUNPgB3KdHOm8AOhOXZHofV5UxSE2LRljkPtyWGy4tWq9wG4Cg7Nm4kA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7391865447990243368"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ Frame 9EE4 0
0 27ms
26ms Fetch
text/plain 2607:f8b0:4004:c09::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-3D05JDZK2E&gtm=45je4790v877321363z872209677za200zb72209677&_p=1721052790441&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=2086029031.1721052791&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=2&pscdl=noapi&_s=1&sid=1721052790&sct=1&seg=0&dl=https%3A%2F%2Fwww.cloversites.com%2Fin-app%2F&dr=https%3A%2F%2Faccounts.staging.cloversites.com%2F&dt=Clover%20Sites%20Offer&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1428&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3D05JDZK2E&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.cloversites.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jul 2024 14:13:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cloversites.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame 9EE4 3 B
93 B 25ms
24ms XHR
text/plain 2607:f8b0:4004:c09::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1149854511&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cloversites.com%2Fin-app%2F&dr=https%3A%2F%2Faccounts.staging.cloversites.com%2F&ul=en-us&de=UTF-8&dt=Clover%20Sites%20Offer&sd=24-bit&sr=1600x1200&vp=800x1200&je=0&_u=YADAAAABAAAAAC~&jid=1602176361&gjid=822285910&cid=2086029031.1721052791&tid=UA-2654070-8&_gid=803538172.1721052791&_r=1&_slc=1&gtm=45He4790n71N43X7Tv72209677za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=1810299535

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cloversites.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Jul 2024 14:13:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cloversites.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 26056082.js Show response
bat.bing.com/p/action/ Frame 9EE4 334 B
407 B 25ms
24ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26056082.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0170197caffee3d73fe659b2b65d4c50b88310d98752d7dba0e7988e7dfe4376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cloversites.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Mon, 15 Jul 2024 14:13:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 32C06586AF5D42B88AB5282803B35CC7 Ref B: EWR311000103023 Ref C: 2024-07-15T14:13:10Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=1800

GET
H2 204 0
bat.bing.com/action/ Frame 9EE4 0
361 B 24ms
24ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26056082&tm=gtm002&Ver=2&mid=3081168e-6f2d-4bb5-8fa1-8b905361b94b&sid=5de8dc7042b411ef84bbf52c268eb194&vid=5de90cc042b411efbb46a1a541778464&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=Clover%20Sites%20Offer&p=https%3A%2F%2Faccounts.staging.cloversites.com%2F&r=&lt=1160&evt=pageLoad&ifm=1&sv=1&cdb=AQAQ&rn=821055

Requested by

Host: www.cloversites.com
URL: https://www.cloversites.com/in-app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cloversites.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 15 Jul 2024 14:13:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B0D2A3E7FBE94523B417FA03BF7C5BD2 Ref B: EWR311000103023 Ref C: 2024-07-15T14:13:10Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK favicon.ico
accounts.staging.cloversites.com/images/ 8 KB
8 KB 85ms
84ms Other
image/x-icon 52.8.207.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.staging.cloversites.com/images/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.8.207.9 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-8-207-9.us-west-1.compute.amazonaws.com
Software: nginx / cloud66
Resource Hash: f947011ad900ca74f1d46a861b263d268df4b715ec6c6f5ffde3eca8598bd62a

Request headers

Referer: https://accounts.staging.cloversites.com/login
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 14:13:10 GMT
Last-Modified: Wed, 29 May 2024 14:11:47 GMT
Server: nginx
ETag: "665737a3-209c"
X-Powered-By: cloud66
Content-Type: image/x-icon
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8348

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.cloversites.com
URL: http://www.cloversites.com/assets/cloversites-icons/cloversites-icons-39134ede2a9f4d80df03e75fe859ae9dfc9c62c75572b693172a7bd5d86b591f.ttf?uhz3a4

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.staging.cloversites.com/	1969-12-31 23:59:59	Name: _dashboard_session_staging Value: a1dQSjRJcHhiUGE1RmhVUWprZEl2MXdsYkdHMkRGYjQ5WU8waXV0ZFRRMWJIbXJNamFlZ1ZBaXJia092TFhoYTVCanQyWStnaUlJL3RqblZ1WThzWTNVbVhWSXllenV5QjlqWVd2Z0d2ZFFjUzNGN1ltNHBuSVlDU3EvT1RaaGVEelo5eDhZR2JiMmRjZ0ladXFmdnN3MUo5OXB6TTV6bklkNTdWcTdmR1J1dENTSlE3M1JpNXpkdmNBY0Z0a0xXNVZxa0oxN0ROV2JtQU5reFR4b0ZkU1RKMkVBQzBheGpKdlJyNENWS3pYNDR1NEEvTDRuS1E5bkh2c1MyOXRJOC0tZjZwZjNTbEppMTZFMWJ3YTRZQzNjQT09--facd173ebf0aa6acfec809ebe9a8c3362a96b48b
.staging.cloversites.com/	1969-12-31 23:59:59	Name: _accounts_session_staging Value: U1Fmc0Z1L3dKeHJjSUlBZEZ5djRxSTNFOC9UUzdXOG11cWh5N1A0Z3pvV2RnVzZqKzNyaHBFbURhdHlpdXprMVVOYWtreEhqWXRwS25rbm1WazJ2RXVkMWg3QnlKWElFRFNPYUJVa24yLzJIN0RPWG9SOFlMWVB3aitiRVFhTTBIL1BnbVlZU2FveFQ4Z1lNUXI1dFZnZWovMzRtN1lrZ3NwSU5VYnlPdDRsaytWMHNqYWNBOWVSRTdCalU2NitUajVjdjJPVXZ4dGUrVWFEcEQ3ZFlFcEdWRGJVNkZxblhJYm5tYUYvQzJEQmJUTGZTY3l2Z3FBaFVKSmlvQ3Z3VFdiNmtpaVhTdFZpZW4rOHVuL2Q4U0dsMUZhNjJyRkp2emkzRmkxb1pPTmQxeUowSFdtZ0dSeWs4TG1wcWF0S2VhaWRTYzc2aEZhTy94cHdIRjNzbkhTa2dRR1VOc3hwakVIMGlmZmVPRzBxZlF3engrY05rZzUvWVpOZVVIUks2bXJPNE1TQzY3WGpnWlh2bVpPRXRMS2RCNDhwc2FSSk1PcmV6eG9XN1JSZ2lDNUhrb2NueWtFUjlXeUNESXZxSzR3VC9ydGwzYW0vYWJtcHB5QzY3bFVMTDBhTkFLcm44U1JkK2JCR09Wc1J2Ty9iU1dkRXFQeGZQWWdSWDdqdFBmMksvb1pNWi9UcmhiVDJEVjFja0lwSCtkQ1YrdjJ2eXdDSjhIRFVIU2JNSENSKzRERzI5SWNkaG1ENUk4YnlpU1RxQUFyMEI5ZHFvaTYxSXZYOWFET3dwZXdhZ1plYUszWHY4aG40aW1CYmhtK3I5eWkrSy9UcGl3ODNLNEtKV2o4cUlCVC9VeExCazUrVmMyeEg3NllFOWh2Q2lIVDR2VnoxbWszbThKSDE3eWF1cHVOWnNQOHNyMW5ad0tDcTlkVXp3TFlqbHNBY2tFUXp1RFlodHhTYzErbGxhcklzU3BPZ005OXdGWCtsQ0IxTGhmSTBLZ2JxU1A5NmxWTWRXLS13cHZBMVQyWTlZRkpxcjRZNlRFR3FnPT0%3D--b1fc66b94d2d14b058d0d4a28f5b519947a04f4c
.hubspot.com/	1970-01-20 22:04:14	Name: __cf_bm Value: WS_5dL_VRZ1GJG_OBsPyBQHlC97WzpDQsq_tbyrElbc-1721052790-1.0.1.1-zlcRonIZsjC8riPksNPJZSrV1cKKkunM5GWx3Yme71t914.8wvZfzjyDFelDNGn.2Kbamh_P5x0LHka2J4NYmg
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: pIJmFdnz6jtqQkak3Brs2vyju7Y49GXMsKeYWoXEvcU-1721052790354-0.0.1.1-604800000
.cloversites.com/	1970-01-21 00:13:48	Name: _gcl_au Value: 1.1.1880362855.1721052791
.cloversites.com/	1970-01-21 00:13:48	Name: _fbp Value: fb.1.1721052790653.60699878789811747
.cloversites.com/	1970-01-21 07:40:12	Name: _ga_3D05JDZK2E Value: GS1.1.1721052790.1.0.1721052790.0.0.0
.cloversites.com/	1970-01-21 07:40:12	Name: _ga Value: GA1.2.2086029031.1721052791
.cloversites.com/	1970-01-20 22:05:39	Name: _gid Value: GA1.2.803538172.1721052791
.cloversites.com/	1970-01-20 22:04:12	Name: _gat_UA-2654070-8 Value: 1
.cloversites.com/	1970-01-20 22:05:39	Name: _uetsid Value: 5de8dc7042b411ef84bbf52c268eb194
.cloversites.com/	1970-01-21 07:25:48	Name: _uetvid Value: 5de90cc042b411efbb46a1a541778464
.bing.com/	1970-01-21 07:25:48	Name: MUID Value: 3F529677AAC5614C3E3A82CAAB4F60CC
.bat.bing.com/	1970-01-20 22:14:17	Name: MR Value: 0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://accounts.staging.cloversites.com/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://www.cloversites.com/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.cloversites.com/hs/cta/cta/current.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://www.cloversites.com/in-app/(Line 157) Message: Mixed Content: The page at 'https://accounts.staging.cloversites.com/login' was loaded over HTTPS, but requested an insecure font 'http://www.cloversites.com/assets/cloversites-icons/cloversites-icons-39134ede2a9f4d80df03e75fe859ae9dfc9c62c75572b693172a7bd5d86b591f.ttf?uhz3a4'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https:://greenhouse.staging.cloversites.com
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2513344.fs1.hubspotusercontent-na1.net
6060861.fs1.hubspotusercontent-na1.net
accounts.staging.cloversites.com
assets.adobedtm.com
assets.cloversites.com
bat.bing.com
cdn2.hubspot.net
cloud.typography.com
connect.facebook.net
dashboard.staging.cloversites.com
fonts.googleapis.com
fonts.gstatic.com
hello.cloversites.com
no-cache.hubspot.com
s3.amazonaws.com
www.cloversites.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.cloversites.com
23.9.152.109
2600:141b:f000:4a1::1e80
2600:9000:2514:c800:18:216b:e40:93a1
2606:4700:4400::6812:297c
2606:4700:4400::ac40:9284
2606:4700::6810:7574
2606:4700::6812:5a3e
2607:f8b0:4004:c09::8b
2607:f8b0:400d:c04::5f
2607:f8b0:400d:c0b::61
2607:f8b0:400d:c0f::5e
2620:1ec:c11::237
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
52.216.106.69
52.8.207.9
54.183.226.174
54.236.146.168
75.2.43.150
0170197caffee3d73fe659b2b65d4c50b88310d98752d7dba0e7988e7dfe4376
03d3b0e845dea8e28786bb177d9d88320b42261f7aa341649875385558707fa0
08471cb4497b7bdc4d15412e78ccba0186934ff5fcb7498bb7da6179bee0ca38
0ba6a726b50efb77d0dee90b5ba374b6858b34bb27b0094a90416c3dc1ca9420
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
21c3e26f8a3b1068bd2075ffed3d5079293d284c95527eeae1517d414f5afeaf
2486adf74f2c223fc6b5d0b86cd29958368811117bc38dc45bd18be3d95f6e6f
257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4
277ac2520c2099b13d93d87299c572586f0c6e245a60febdb8cffd35a81719a5
289671b42b0fd6db598558b2f151c43b1933ffcfe0408e203c70174233202476
31b0b8b7b3d391a94e2b07a6ffa3803d39d29c82a689a924815fe7bca91a228f
597a347d6819e48028e749fdb77cb47c33bbdb45590f2c17448303c33f2e1ef4
6e90b20a715191099d5fd051c6cc78df9ceca02cceea2672993abef00a9c229c
720836aae022eda3657b4548c3b3d0f8aba1bc4cc8ec43c4da1422458027abd4
75503e8f9443b08d750478c701d5fa78d6aa4ac0ea919c0d98f43c8e8923c38a
7692c6235a6f9aceef6f34b710f916c5296dfc9b0b5ced5787e04558d389426b
88693ebe4f24989a6102df5ee90bb285ffaeaf6f1f85c69d1f3948300697a84c
89331eb928ad5500261d4f476f7f89082ad812748fc6eae2a9aabeefb811afd7
8c02b8ba1ccd8d9025f94195423e23fea7091157376930e723364f7deaefcfa7
9276b783c719e7fd70a86b053d92a4b91d145ba91b76f7b19759a993f8c92e16
a0de222039e6c4b84089988392b14e95d6fe9036e88a4b50a7ef044d5ffac3d2
a25a89b87deae93c93c62ec297480ee3ea0090b7c71e06ef7b7b309d4291e1aa
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
b087e84a86cbaaa5c8a2679a0aba1472f6beff1c09f0a6e2e1dea4e536a49819
b9ed4ed874f3f55c3362f4e93cd1febc095ebb6c107566f4393c627213883b84
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
cdc50c5cd41c6b452f37aeefc6968189095bfa6c9c56f2775dc0ae3c79159c85
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de5c25e56f3a4ed9867459b63aca1efaeaee1fcd4a75b821b96bfaac5d24c252
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e733a4fc2220ed1402b99308bade12136c331aa9ea41280a20670c9b531f2eea
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
ed86d3c695f0606c769daff3c0cdcd775cfecf7f6d28c0e32941a861ea5d717e
f947011ad900ca74f1d46a861b263d268df4b715ec6c6f5ffde3eca8598bd62a

accounts.staging.cloversites.com Open in urlscan Pro 52.8.207.9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

94 %HTTPS

68 %IPv6

14 Domains

19 Subdomains

17 IPs

1 Countries

921 kBTransfer

1999 kBSize

14 Cookies

1 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

accounts.staging.cloversites.com Open in urlscan Pro
52.8.207.9 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

94 %
HTTPS

68 %
IPv6

14
Domains

19
Subdomains

17
IPs

1
Countries

921 kB
Transfer

1999 kB
Size

14
Cookies

33 HTTP transactions
8 data transactions