app.hellobonsai.com Open in urlscan Pro
2606:4700:20::ac43:4b74 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_med...
Submission: On August 03 via manual (August 3rd 2022, 12:38:42 pm UTC) from IL — Scanned from DE

Summary HTTP 238 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 42 IPs in 4 countries across 28 domains to perform 238 HTTP transactions. The main IP is 2606:4700:20::ac43:4b74, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.hellobonsai.com. The Cisco Umbrella rank of the primary domain is 579653.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 21st 2022. Valid for: a year.

This is the only time app.hellobonsai.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	2606:4700:20:... 2606:4700:20::ac43:4b74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
14	2600:9000:225... 2600:9000:2250:8000:6:9b9d:3240:93a1	16509 (AMAZON-02) (AMAZON-02)
33	18.66.122.50 18.66.122.50	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:cb0... 2a02:6ea0:cb00::2	60068 (CDN77 ^_^) (CDN77 ^_^)
6	108.138.36.26 108.138.36.26	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:224... 2600:9000:2240:da00:1e:b6b6:9ac0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.219.112.185 52.219.112.185	16509 (AMAZON-02) (AMAZON-02)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2600:1f18:24e... 2600:1f18:24e6:b900:ced3:8b66:1073:c601	14618 (AMAZON-AES) (AMAZON-AES)
56	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
1	172.217.16.138 172.217.16.138	15169 (GOOGLE) (GOOGLE)
2	173.194.76.92 173.194.76.92	15169 (GOOGLE) (GOOGLE)
2	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211a:9000:11:9cfd:9400:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.222.206.178 52.222.206.178	16509 (AMAZON-02) (AMAZON-02)
1 1	108.138.17.98 108.138.17.98	16509 (AMAZON-02) (AMAZON-02)
9	18.66.139.67 18.66.139.67	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42::622 2a04:4e42::622	54113 (FASTLY) (FASTLY)
3	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	52.43.93.136 52.43.93.136	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:211... 2600:9000:211a:e200:10:7ddc:ae40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.66.15.120 18.66.15.120	16509 (AMAZON-02) (AMAZON-02)
4	44.239.247.156 44.239.247.156	16509 (AMAZON-02) (AMAZON-02)
1	18.66.139.28 18.66.139.28	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	99.83.219.81 99.83.219.81	16509 (AMAZON-02) (AMAZON-02)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::5c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
4	35.227.225.220 35.227.225.220	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
2	18.66.112.67 18.66.112.67	16509 (AMAZON-02) (AMAZON-02)
238	42

38 2606:4700:20::ac43:4b74 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hellobonsai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:9000:2250:8000:6:9b9d:3240:93a1 (United States)

ASN16509 (AMAZON-02, US)

t.hellobonsai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 18.66.122.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-50.fra60.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:cb00::2 (United Kingdom)

ASN60068 (CDN77 ^_^, GB)

cdn.headwayapp.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.138.36.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-26.muc50.r.cloudfront.net

cdn.plaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:da00:1e:b6b6:9ac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.firstpromoter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.219.112.185 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-1-r-w.amazonaws.com

bonsai-invoice-imgs.s3.us-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bonsai-company-imgs.s3.us-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o921014.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f18:24e6:b900:ced3:8b66:1073:c601 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.138 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f138.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.76.92 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f92.1e100.net

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211a:9000:11:9cfd:9400:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.customer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.178 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-178.fra56.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.98 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-98.fra56.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.66.139.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-67.fra60.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42::622 (United States)

ASN54113 (FASTLY, US)

fast.appcues.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.43.93.136 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-93-136.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:211a:e200:10:7ddc:ae40:93a1 (United States)

ASN16509 (AMAZON-02, US)

sgmt.hellobonsai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.15.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-120.vie50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.239.247.156 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-247-156.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-28.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.219.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.225.220 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 220.225.227.35.bc.googleusercontent.com

track.customer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-67.fra56.r.cloudfront.net

static.intercomassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
90	stripe.com js.stripe.com — Cisco Umbrella Rank: 1740 q.stripe.com — Cisco Umbrella Rank: 10929 r.stripe.com — Cisco Umbrella Rank: 6349 m.stripe.com — Cisco Umbrella Rank: 1565	945 KB
55	hellobonsai.com app.hellobonsai.com — Cisco Umbrella Rank: 579653 t.hellobonsai.com sgmt.hellobonsai.com	3 MB
18	google.com pay.google.com — Cisco Umbrella Rank: 3621 www.google.com — Cisco Umbrella Rank: 10 play.google.com — Cisco Umbrella Rank: 50	393 KB
9	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2684	500 KB
6	browser-intake-datadoghq.com rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 3693
6	plaid.com cdn.plaid.com — Cisco Umbrella Rank: 13500	431 KB
5	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 4130 api.amplitude.com — Cisco Umbrella Rank: 1341	19 KB
5	customer.io assets.customer.io — Cisco Umbrella Rank: 20292 track.customer.io — Cisco Umbrella Rank: 15290	3 KB
4	gstatic.com www.gstatic.com	103 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	564 B
4	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 322	182 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	131 KB
3	appcues.com fast.appcues.com — Cisco Umbrella Rank: 6317	123 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 642 script.hotjar.com — Cisco Umbrella Rank: 770 vars.hotjar.com — Cisco Umbrella Rank: 803	68 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	40 KB
2	intercomassets.com static.intercomassets.com — Cisco Umbrella Rank: 13032	26 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5596	611 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 118	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	98 KB
2	intercom.io 1 redirects widget.intercom.io — Cisco Umbrella Rank: 2674 api-iam.intercom.io — Cisco Umbrella Rank: 2559	3 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1863	17 KB
2	amazonaws.com bonsai-invoice-imgs.s3.us-west-1.amazonaws.com bonsai-company-imgs.s3.us-west-1.amazonaws.com	216 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 283	721 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 402	14 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 125	15 KB
1	sentry.io o921014.ingest.sentry.io	279 B
1	firstpromoter.com cdn.firstpromoter.com — Cisco Umbrella Rank: 33001	2 KB
1	headwayapp.co cdn.headwayapp.co — Cisco Umbrella Rank: 26932	7 KB
238	28

	Domain	Requested by
41	r.stripe.com	js.stripe.com
38	app.hellobonsai.com	app.hellobonsai.com
33	js.stripe.com	app.hellobonsai.com js.stripe.com
15	q.stripe.com	app.hellobonsai.com
14	t.hellobonsai.com	app.hellobonsai.com t.hellobonsai.com
13	play.google.com	www.gstatic.com
9	js.intercomcdn.com	app.hellobonsai.com widget.intercom.io js.intercomcdn.com
6	rum.browser-intake-datadoghq.com	app.hellobonsai.com
6	cdn.plaid.com	app.hellobonsai.com cdn.plaid.com
4	track.customer.io
4	www.gstatic.com	pay.google.com www.gstatic.com
4	www.facebook.com	app.hellobonsai.com
4	api.amplitude.com	app.hellobonsai.com
4	pay.google.com	js.stripe.com pay.google.com app.hellobonsai.com www.gstatic.com
4	maps.googleapis.com	app.hellobonsai.com maps.googleapis.com
3	sgmt.hellobonsai.com	t.hellobonsai.com
3	connect.facebook.net	t.hellobonsai.com connect.facebook.net
3	fast.appcues.com	t.hellobonsai.com fast.appcues.com
3	www.google-analytics.com	app.hellobonsai.com www.gstatic.com
2	static.intercomassets.com
2	www.google.de	app.hellobonsai.com
2	www.googletagmanager.com	t.hellobonsai.com
2	m.stripe.network	js.stripe.com m.stripe.network
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	app.hellobonsai.com
1	stats.g.doubleclick.net	app.hellobonsai.com
1	www.google.com	app.hellobonsai.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	api-iam.intercom.io	js.intercomcdn.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	m.stripe.com	m.stripe.network
1	widget.intercom.io	1 redirects
1	cdn.amplitude.com	t.hellobonsai.com
1	assets.customer.io	t.hellobonsai.com
1	static.hotjar.com	t.hellobonsai.com
1	o921014.ingest.sentry.io	app.hellobonsai.com
1	bonsai-company-imgs.s3.us-west-1.amazonaws.com	app.hellobonsai.com
1	bonsai-invoice-imgs.s3.us-west-1.amazonaws.com	app.hellobonsai.com
1	cdn.firstpromoter.com	app.hellobonsai.com
1	cdn.headwayapp.co	app.hellobonsai.com
238	42

This site contains links to these domains. Also see Links.

Domain
intercom.help
www.pcisecuritystandards.org
stripe.com
plaid.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-21` - `2023-05-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.hellobonsai.com Amazon	`2022-01-24` - `2023-02-22`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-05-20` - `2022-09-25`	4 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
1529036741.rsc.cdn77.org R3	`2022-06-09` - `2022-09-07`	3 months	crt.sh
secure.plaid.com DigiCert SHA2 Extended Validation Server CA	`2022-03-08` - `2023-04-08`	a year	crt.sh
*.firstpromoter.com Amazon	`2022-01-20` - `2023-02-18`	a year	crt.sh
*.s3-us-west-1.amazonaws.com Amazon	`2021-12-17` - `2022-12-16`	a year	crt.sh
*.ingest.sentry.io R3	`2022-06-21` - `2022-09-19`	3 months	crt.sh
*.browser-intake-datadoghq.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-21` - `2023-07-22`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-25` - `2022-09-08`	4 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.customer.io Amazon	`2021-12-20` - `2023-01-17`	a year	crt.sh
cdn.amplitude.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
fast.appcues.com GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-01-28` - `2023-03-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-12` - `2022-08-10`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-11` - `2022-10-19`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh
*.intercomcdn.com Amazon	`2022-01-30` - `2023-02-28`	a year	crt.sh
*.intercom.com Amazon	`2022-03-16` - `2023-04-14`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
api.customer.io GTS CA 1D4	`2022-07-22` - `2022-10-20`	3 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
intercomassets.com Amazon	`2022-06-17` - `2023-07-16`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
Frame ID: E631C09C61A715FF97251B9BAC795DCB
Requests: 111 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-0ceda78a026ab57ff30ad8d7e4790a6a.html
Frame ID: B26C815088457CC908F50DE949D75D4F
Requests: 22 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-83ba27ad154004a1d007fd22f26113f1.html
Frame ID: 1420FD3091DFBC10753FC5703BEA1C6B
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-0ceda78a026ab57ff30ad8d7e4790a6a.html
Frame ID: 69BA2E3B543FFC7AA1790223F188FF48
Requests: 33 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-db544c4e4ca706ec1fe40ab454099109.html
Frame ID: 874131A6A97E20DFA3F9034781A295BD
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-95c831272f05feff407c236300e8289f.html
Frame ID: 9EED6AAF913E5B6ED2687A1B397D213F
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-e38946e804432be68f641f02ebc1364f.html
Frame ID: B7B699E193DDD0777E17F7DB306A820F
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 168F5AEE408F13DD3FB3D81475152DA9
Requests: 4 HTTP requests in this frame

Frame: https://cdn.plaid.com/link/v2/stable/link.html?isHostedTrustedAuth=false&isLinkInitialize=true&origin=https%3A%2F%2Fapp.hellobonsai.com&token=link-production-b72bcec5-80ec-48d6-a485-4801fa8da7b1&uniqueId=1&version=2.0.1357
Frame ID: 2ED394729BA681828BBE31B2DD26D99D
Requests: 4 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-54d18b2ccd1c7fa42c71f18525ba4ad0.html
Frame ID: 66F1BFE113AE3624462DB3B9E6B2BC0D
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.c0368ce5.js
Frame ID: B882F4595184D2631C977C8FB82764CB
Requests: 8 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: E28D7DD32555D0DF2DE2951EE58BDDD5
Requests: 15 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-3889d1e0b894c5b2088f7bfeb143b1a4.html
Frame ID: C2BBE3F53A90B805F0A37D46A6E018B0
Requests: 8 HTTP requests in this frame

Frame: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Frame ID: 74586CCF9DB8D6D357E8E2ECD5E4D6D2
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Boldface Branding Corp. - LVN Retreat '22 Logo Invoice

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

238
Requests

99 %
HTTPS

48 %
IPv6

28
Domains

42
Subdomains

42
IPs

4
Countries

6506 kB
Transfer

22432 kB
Size

27
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://intercom.help/bonsai/
Title: View FAQ

Search URL Search Domain Scan URL

URL: https://www.pcisecuritystandards.org/
Title: PCI Security Standards Council

Search URL Search Domain Scan URL

URL: https://stripe.com/help/security
Title: ABOUT STRIPE

Search URL Search Domain Scan URL

URL: https://plaid.com/security/
Title: ABOUT PLAID

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 141

https://widget.intercom.io/widget/vu2ry3p0 HTTP 302
https://js.intercomcdn.com/shim.latest.js

238 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 3911b48fa81eea0 Show response
app.hellobonsai.com/i/ 51 KB
18 KB 761ms
613ms Document
text/html 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59dd3f86dd41ce8ac48da0e635f1dbfc1dfb0076b9fa1561028fb9f07ba755f3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 734f1c5c183c9bca-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=utf-8
date: Wed, 03 Aug 2022 12:38:31 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: </assets/ProximaNova-Light-b1cffb91031e9e9eaaf5d305544163d8320452f2fb8c9d3bb8d129f4b8048451.ttf>; rel=preload; as=font; type=font/ttf; crossorigin=anonymous,</assets/ProximaNova-Light-32c28b89d3916748321efd8fb795e798fff52830491f50ea36c0ec72d6a3e346.woff>; rel=preload; as=font; type=font/woff; crossorigin=anonymous,</assets/ProximaNova-Regular-1c7bf8e2542ddba042d514223c506dafca5918a64f178181b4b8f12db2567a05.ttf>; rel=preload; as=font; type=font/ttf; crossorigin=anonymous,</assets/ProximaNova-Regular-76a321a96fdb986afb09508c37d6c4eef93af2a1ba6e03d6d5aba34a410033e7.woff>; rel=preload; as=font; type=font/woff; crossorigin=anonymous,</assets/ProximaNova-Semibold-911c15220f8f1819fd15e1672eb7f957396c33fbdf561be48c2ef81dffa853b3.ttf>; rel=preload; as=font; type=font/ttf; crossorigin=anonymous,</assets/ProximaNova-Semibold-ed575f80189c08ab12dbac29d5c51249580b879bcae8ba0fd115255481fc7f84.woff>; rel=preload; as=font; type=font/woff; crossorigin=anonymous,</assets/ionicons-2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9.ttf>; rel=preload; as=font; type=font/ttf; crossorigin=anonymous,</assets/ionicons-a627d9068c1235d9b3c95c405eb6ecb64a290b159cf5e926c0d96d89b24cd5fc.svg>; rel=preload; as=image; type=image/svg+xml,</assets/ionicons-709f2789daaff440820ebb975d3ae409af45121bdec47e39e83523490b1bc0fc.woff>; rel=preload; as=font; type=font/woff; crossorigin=anonymous,</assets/application-9f3d879d920d7376c540852b8123b8a6ba7e83e89b86bcf1e408ff6131bdf88b.css>; rel=preload; as=style; nopush,</packs/css/3432-a67886b9.css>; rel=preload; as=style; nopush,</packs/css/application-0b8cac1c.css>; rel=preload; as=style; nopush,</assets/application-1f38dbb91c272c99107b81403ef5451e68690f27e9a8f3ee09e9eb3848dd9dd1.js>; rel=preload; as=script; nopush
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1tCbZD3cgMEjpTLZaVPiQ9nSq%2BkR2%2FQS9IaSbUnquZOdbr6KS4ilFIot5AI9RHfa963nHmVjIhgM6K4xT2iPytHX3lC1hsTxN0hZRgzYfuv8GKcThptIE238CHfO8bd7xuBScCAIIhv8%2B%2BWioCn74Q%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: ea3a5c8b-a3de-4b89-900e-f8d8c9067744
x-runtime: 0.291778
x-xss-protection: 0

GET
H2 200 ProximaNova-Light-b1cffb91031e9e9eaaf5d305544163d8320452f2fb8c9d3bb8d129f4b8048451.ttf
app.hellobonsai.com/assets/ 138 KB
138 KB 327ms
319ms Font
application/octet-stream 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/assets/ProximaNova-Light-b1cffb91031e9e9eaaf5d305544163d8320452f2fb8c9d3bb8d129f4b8048451.ttf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1cffb91031e9e9eaaf5d305544163d8320452f2fb8c9d3bb8d129f4b8048451

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
Origin: https://app.hellobonsai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:31 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 140936
last-modified: Tue, 23 Apr 2019 20:49:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RkLB2Kq0tXnIf%2BAwW8dVsYzEmQmNkUs5m8mZRUn%2B9RludeB0tEhUVFm2gsFIx3wyZ1Edh2E3yV3l5SX31eFIptswCe9fR5zHxap7Lis8aGHEAuMXbxbqyA4WpCSwyoBNEGeGu0CdreIYOxpsJx5s%2Bn4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 734f1c600fb49bca-FRA
expires: Mon, 31 Jan 2022 20:54:46 +0000

GET
H2 200 ProximaNova-Light-32c28b89d3916748321efd8fb795e798fff52830491f50ea36c0ec72d6a3e346.woff
app.hellobonsai.com/assets/ 57 KB
57 KB 39ms
29ms Font
application/font-woff 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/assets/ProximaNova-Light-32c28b89d3916748321efd8fb795e798fff52830491f50ea36c0ec72d6a3e346.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32c28b89d3916748321efd8fb795e798fff52830491f50ea36c0ec72d6a3e346

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
Origin: https://app.hellobonsai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:31 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 525942
content-encoding: br
last-modified: Tue, 23 Apr 2019 20:49:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgijC%2FNiFKRSvCf03BcdWnBCSIhmA9lZflMwaHpnu3sw0%2FHLsvirC0bcGNhCSjFOMW8KgxCjPRsFhAv81W1Pv57GZvNscxbvBmMW1drCxzPsM54hNluMIkUlrZC3no1KVrTQ%2F1QiwFjGSrDYv7MhpK4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: public, max-age=604800
cf-ray: 734f1c600fc19bca-FRA
expires: Wed, 03 Aug 2022 19:09:39 GMT

GET
H2 200 ProximaNova-Regular-1c7bf8e2542ddba042d514223c506dafca5918a64f178181b4b8f12db2567a05.ttf
app.hellobonsai.com/assets/ 88 KB
89 KB 44ms
35ms Font
application/octet-stream 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/assets/ProximaNova-Regular-1c7bf8e2542ddba042d514223c506dafca5918a64f178181b4b8f12db2567a05.ttf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c7bf8e2542ddba042d514223c506dafca5918a64f178181b4b8f12db2567a05

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
Origin: https://app.hellobonsai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:31 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 540067
content-length: 90104
last-modified: Tue, 23 Apr 2019 20:49:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FV1Q6QEuPbjZdE2Gsuhper2WDu1ml4IzB2gPfG8hudxeQPWj5VExphPA4JWWJDtZ6OfieLiizpGYts8rU%2BLTjIPEPk%2FT8mlmGCmZYIzh7SPf4YN%2BbrRdbeeJY8TVFfR5pm%2BP%2FNFy420N8rzl4GwUNYg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 734f1c600fc39bca-FRA
expires: Wed, 03 Aug 2022 19:09:39 GMT

GET
H2 200 ProximaNova-Regular-76a321a96fdb986afb09508c37d6c4eef93af2a1ba6e03d6d5aba34a410033e7.woff
app.hellobonsai.com/assets/ 39 KB
40 KB 316ms
308ms Font
application/font-woff 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/assets/ProximaNova-Regular-76a321a96fdb986afb09508c37d6c4eef93af2a1ba6e03d6d5aba34a410033e7.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76a321a96fdb986afb09508c37d6c4eef93af2a1ba6e03d6d5aba34a410033e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
Origin: https://app.hellobonsai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 734f1c600fc49bca-FRA
date: Wed, 03 Aug 2022 12:38:31 GMT
via: 1.1 vegur
cf-cache-status: REVALIDATED
last-modified: Tue, 23 Apr 2019 20:49:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZiWJbU3yb0Gx%2Bs8Nq1WJuzUmahyIExHm0rcFXPRW5L5%2B6B3vqY%2Fcb0dykphZ8ehhxazLhLWpUwlMCK66cgNBuqXW4VvhDmqWGAVZl9FtNxII5n6%2FaCpxEisuofzi79U3b3OYUZNntC58bdvGos4UTU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
expires: Mon, 07 Mar 2022 23:23:39 +0000

GET
H2 200 ProximaNova-Semibold-911c15220f8f1819fd15e1672eb7f957396c33fbdf561be48c2ef81dffa853b3.ttf
app.hellobonsai.com/assets/ 88 KB
88 KB 37ms
29ms Font
application/octet-stream 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/assets/ProximaNova-Semibold-911c15220f8f1819fd15e1672eb7f957396c33fbdf561be48c2ef81dffa853b3.ttf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

911c15220f8f1819fd15e1672eb7f957396c33fbdf561be48c2ef81dffa853b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
Origin: https://app.hellobonsai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:31 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 534897
content-length: 90100
last-modified: Tue, 23 Apr 2019 20:49:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksOweWsMVe7QIEOcAEpadmru%2BzBxDEAg%2BrcDNa9CxkHYwAsfxMgeKHFEnEebOkOicXsBW0fgvml922G2grGV5lP5bbSIgTxLOrrFHooWq3e0P6bnbRcJ%2FA7%2Fc6GYNAhkIqj8iReM3x3TMdLckG7j02Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 734f1c600fc69bca-FRA
expires: Wed, 03 Aug 2022 19:09:39 GMT

GET
H2 200 ProximaNova-Semibold-ed575f80189c08ab12dbac29d5c51249580b879bcae8ba0fd115255481fc7f84.woff
app.hellobonsai.com/assets/ 39 KB
39 KB 305ms
298ms Font
application/font-woff 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/assets/ProximaNova-Semibold-ed575f80189c08ab12dbac29d5c51249580b879bcae8ba0fd115255481fc7f84.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed575f80189c08ab12dbac29d5c51249580b879bcae8ba0fd115255481fc7f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
Origin: https://app.hellobonsai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 734f1c600fc79bca-FRA
date: Wed, 03 Aug 2022 12:38:31 GMT
via: 1.1 vegur
cf-cache-status: REVALIDATED
last-modified: Tue, 23 Apr 2019 20:49:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tOWVcVOSUFVnmzi7mnvjIxQH6ihhqPt0GnHp4YZqMRYc0um07LDiUMr9H1tkzBpSZZdPSxDJMkGDIurBgYVkjbquzDM5WS1fTEC1adN%2BAu%2F6YHKC8b9mfamNQBatmW6NTCfdK2H0GwDpPN8L%2BG5uSII%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
expires: Mon, 31 Jan 2022 20:54:46 +0000

GET
H2 200 ionicons-2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9.ttf
app.hellobonsai.com/assets/ 184 KB
185 KB 27ms
21ms Font
application/octet-stream 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/assets/ionicons-2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9.ttf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
Origin: https://app.hellobonsai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:31 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 534830
content-length: 188508
last-modified: Tue, 23 Apr 2019 20:49:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQHkOnc%2B3z6uRl8QpTzL1ITdWT5KlX%2FAxgCtunEm%2F53B2AvLr1gY8gk1UaguFQCbL6FukREx6rV8GUJ89%2FK9%2FuGd3oXvoi5HU7VIJM7Vv2QOG9lVaA9YQ%2FmTPu5SPmESC6rtcrzJ7vo7bvZqq0vaAfM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 734f1c600fc89bca-FRA
expires: Wed, 03 Aug 2022 19:09:39 GMT

GET
H2 200 ionicons-a627d9068c1235d9b3c95c405eb6ecb64a290b159cf5e926c0d96d89b24cd5fc.svg
app.hellobonsai.com/assets/ 326 KB
99 KB 119ms
119ms Image
image/svg+xml 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.hellobonsai.com/assets/ionicons-a627d9068c1235d9b3c95c405eb6ecb64a290b159cf5e926c0d96d89b24cd5fc.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a627d9068c1235d9b3c95c405eb6ecb64a290b159cf5e926c0d96d89b24cd5fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 734f1c621b5a9bca-FRA
date: Wed, 03 Aug 2022 12:38:32 GMT
via: 1.1 vegur
cf-cache-status: REVALIDATED
last-modified: Tue, 23 Apr 2019 20:49:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RnM0glu%2FsZS6qNVyCKMiM%2FPdcuw8ki21WBf8GXVRROi1oEtZxhvLOAWBxqzuUYaZwE%2FoAnP%2BOTWsHN5POiMI1AYNjwuiXemcgQHATj50AhOnJQG7d5B25QcowWbhJxugaeLu%2FN2VFaNThYLn7tlIKU8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
expires: Sat, 19 Feb 2022 20:36:16 +0000

GET
H2 200 ionicons-709f2789daaff440820ebb975d3ae409af45121bdec47e39e83523490b1bc0fc.woff
app.hellobonsai.com/assets/ 66 KB
66 KB 315ms
309ms Font
application/font-woff 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/assets/ionicons-709f2789daaff440820ebb975d3ae409af45121bdec47e39e83523490b1bc0fc.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

709f2789daaff440820ebb975d3ae409af45121bdec47e39e83523490b1bc0fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
Origin: https://app.hellobonsai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 734f1c601fd59bca-FRA
date: Wed, 03 Aug 2022 12:38:31 GMT
via: 1.1 vegur
cf-cache-status: REVALIDATED
last-modified: Tue, 23 Apr 2019 20:49:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0Poh8qqTa0dUIFI%2F1IwjojA32pi5m7oQOHsB%2F7WHd2NJwvbW4GRDugcAhik9vVfA9VPVuiJrHf1zgTjWKxi97Cjr0fL3Ev8vKljiekBSUB%2FCYa05ZZZiPv6%2BeZ7xQP3D%2BsxDIsdSWZQT4QM%2FEzpDPY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
expires: Mon, 07 Mar 2022 23:23:39 +0000

GET
H2 200 application-9f3d879d920d7376c540852b8123b8a6ba7e83e89b86bcf1e408ff6131bdf88b.css
app.hellobonsai.com/assets/ 1 MB
207 KB 47ms
42ms Stylesheet
text/css 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/assets/application-9f3d879d920d7376c540852b8123b8a6ba7e83e89b86bcf1e408ff6131bdf88b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee98058dd681cae506370c7702819492f7d3f1fb0af8564acdcfa0e3b02e8b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:31 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53575
cf-polished: origSize=1277518
cf-bgj: minify
content-encoding: br
last-modified: Tue, 02 Aug 2022 19:42:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8y%2FsH6Be5zSAHcg1Ld4sZTEwaOBPRjzlnp%2BiVQ2isRJJa8UZuP%2Bur0dncVmdNrNqYv6dPFXo9Dzg7%2BC56AXlbOhAM2DguZC76sBC%2BKk31xf1v4ia6S%2FAcrQRL9B6Vb6Vb9W30YXCe6fbko%2BP%2BESvtw8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 734f1c601fcb9bca-FRA
expires: Tue, 09 Aug 2022 20:05:28 GMT

GET
H2 200 3432-a67886b9.css
app.hellobonsai.com/packs/css/ 96 KB
15 KB 39ms
34ms Stylesheet
text/css 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/packs/css/3432-a67886b9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2018d4c905767c70037b9acc77686d6e3571c2c6e8c219343a4fc0efa76b02d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:31 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 153180
cf-polished: origSize=99597
cf-bgj: minify
content-encoding: br
last-modified: Mon, 01 Aug 2022 14:48:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vaPlk31QfEZP04kCoUMnqq281mLpvvfyZCEPRo9KVOSyJXo2rfCxZ6KkIS9P1TRnfiCriXgtgS3xvQ%2BiPBl0pPDxBpYP4gIY8bPX4ew2ivBygW9Ci0uTBwg2GtAgbJFsXNdRpsVSiXUErQzdKZHu1zs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 734f1c601fcd9bca-FRA
expires: Mon, 08 Aug 2022 14:51:18 GMT

GET
H2 200 application-0b8cac1c.css
app.hellobonsai.com/packs/css/ 14 KB
3 KB 32ms
28ms Stylesheet
text/css 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/packs/css/application-0b8cac1c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffe954e3a60585ee30365e41b381fde3afaa029c7aad24e66fb9588f94a8c663

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:31 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 598166
cf-polished: origSize=14704
cf-bgj: minify
content-encoding: br
last-modified: Mon, 25 Jul 2022 22:30:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2GKxnHuqOCfg4NqEaapGfG87Ea5QVwqjE9KGDRngjJx6HpYnJ0EX9UO9z%2Bu%2FsdCVlrl418m%2F5gec9WPF3LbxLdRpcPZ5avLpG03neMq3nli5Yz9drkDjEvcorIKtWcIQTXWZUVBXGG0VNa484R%2FkK8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 734f1c601fce9bca-FRA
expires: Tue, 02 Aug 2022 23:00:39 GMT

GET
H2 200 application-1f38dbb91c272c99107b81403ef5451e68690f27e9a8f3ee09e9eb3848dd9dd1.js Show response
app.hellobonsai.com/assets/ 118 KB
42 KB 45ms
41ms Script
application/javascript 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/assets/application-1f38dbb91c272c99107b81403ef5451e68690f27e9a8f3ee09e9eb3848dd9dd1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f38dbb91c272c99107b81403ef5451e68690f27e9a8f3ee09e9eb3848dd9dd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:31 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2571
content-encoding: br
last-modified: Mon, 02 Mar 2020 14:46:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5v0huZqIC89NcYMBfMEwbi%2BxEkUC5TGdwR%2BTQfdt%2Fpo%2BWwIrSAl%2FF2CvlJOsndNUywuuR7lnNuzO8eY5mOin739Vf8F6%2Bxd0Lx0m8cWOdLjVSnKkhEVh7lHyjZz5HpgRCCFhA7UgB%2BbN5%2Fyc9mc08Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 734f1c601fd69bca-FRA
expires: Mon, 07 Mar 2022 17:11:06 +0000

GET
H2 200 runtime-10f778991156894e5419.js Show response
app.hellobonsai.com/packs/js/ 5 KB
3 KB 26ms
23ms Script
application/javascript 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/packs/js/runtime-10f778991156894e5419.js

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6b0ded502205d8f5044ac8ce461575b8d2d69422c028a02923fc3e2b0a98b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:32 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 408895
content-encoding: br
last-modified: Fri, 29 Jul 2022 18:45:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOrPuW22OFLQ%2BSFp%2BaXeMYoZ5UPxidk7QIkrL1GZ1gmuwrzvsPEIbjA98kS5HkexNVLSpbVPra9rWrIMoxIYejevkXvslPBKSExDU0k9p1K0sg%2FgukzGhhnYgkjHOUXg7uqSlhzZZagBFWXj1Uo0MCM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 734f1c623b819bca-FRA
expires: Fri, 05 Aug 2022 18:49:33 GMT

GET
H2 200 8423-ee960e138c7ee21c8a68.js Show response
app.hellobonsai.com/packs/js/ 198 KB
63 KB 29ms
26ms Script
application/javascript 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/packs/js/8423-ee960e138c7ee21c8a68.js

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c31c8f6d73eca87339232c3105faa5b8aa830f0fa5bace7ebcb3ee06aaf4e2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:32 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50293
content-encoding: br
last-modified: Tue, 02 Aug 2022 20:01:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdtu60P7kh%2Bs%2B0QRg3Iimk2eprggFSD2AliHNe%2BlQjAe7aLteVxT2xJ1eQAeBtXE89g4XFTIQzkYH8k3gIGBYEPOtOtdSrXMh5qjcdSBlCZa91%2Fd%2BPVzwcgb%2FL8QaeCnqQRe%2FHDOzZf%2FCbNfHdFftVE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 734f1c623b859bca-FRA
expires: Tue, 09 Aug 2022 20:05:28 GMT

GET
H2 200 1087-7536cafd853d7a0d163c.js Show response
app.hellobonsai.com/packs/js/ 371 KB
102 KB 36ms
32ms Script
application/javascript 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/packs/js/1087-7536cafd853d7a0d163c.js

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01b5ccd7e20bce7a4b9b04832e12f0008711b7925b5627771cb36b6f4cba2183

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:32 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 153181
content-encoding: br
last-modified: Mon, 01 Aug 2022 14:48:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gTL9h%2B1cDiuU4yVDdZKjnm3gVU3NW5ue0njZ74d6fSKTvtvEEmPdwKs9DMNgsRjryfuUKg4v7L3qR5lLCN0LdgkUA6O7L2RF1zVD3X%2F82XKQg9pn%2BhE%2B9cP8n2pVmXH8c2Fwhlyk3deXKd00pJJnxvE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 734f1c623b869bca-FRA
expires: Mon, 08 Aug 2022 14:51:18 GMT

GET
H2 200 386-da0d29e65672149ee184.js Show response
app.hellobonsai.com/packs/js/ 21 KB
7 KB 27ms
23ms Script
application/javascript 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/packs/js/386-da0d29e65672149ee184.js

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4b914a89a418e4899f57ccf9525ea0783381915c7361b2da1de3c48b837caee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:32 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50292
content-encoding: br
last-modified: Tue, 02 Aug 2022 20:01:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSwqj22%2FY%2BP2AJj%2BkkNj%2BWlwY9AaJBmvdTmS%2BHw8UtOsKDwIV4xui5jXK%2FM5QXwuExFtor0A61T%2BUgd8YA9KQi4o6HMadzs6u9Vwi5LXaT40qiFo7Co0x8WJzO%2B%2BIEKglYWzBBP14SokEB489xMK2dc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 734f1c623b889bca-FRA
expires: Tue, 09 Aug 2022 20:05:28 GMT

GET
H2 200 legacy-bd9c6181c278a649c1ec.js Show response
app.hellobonsai.com/packs/js/ 346 KB
83 KB 34ms
31ms Script
application/javascript 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/packs/js/legacy-bd9c6181c278a649c1ec.js

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4754ad18ce90dd9f0180b9eea65807e52d00123eb98c277a80bb1ab8fec04f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:32 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 73617
content-encoding: br
last-modified: Tue, 02 Aug 2022 14:45:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5tswhKbm2K7LmF5Dx84m2yPVZ44hfChXws67oq9wuQudSXdE4AZlUAsN5SWb8sDdwA2a9y%2BNzTgpU9KK%2B7yITBabnzWUULjcNA0S3vWoQXPEgyJAK%2FpVxLW4po8akyiOc7hokksMGJXTWmtNYhQy20%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 734f1c623b899bca-FRA
expires: Tue, 09 Aug 2022 14:48:20 GMT

GET
H2 200 5884-d55946a0741801df8197.js Show response
app.hellobonsai.com/packs/js/ 646 KB
176 KB 44ms
41ms Script
application/javascript 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/packs/js/5884-d55946a0741801df8197.js

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c5b15b382303417b514468864194c30d475c415f7efa58d23233aff9ca963a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:32 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 153192
content-encoding: br
last-modified: Mon, 01 Aug 2022 14:48:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ntY%2B4avWmQ7i5n912MgfA%2BhtTm5CNp%2FXOcQ7rqlcK9ssbYmZhgH9CqegEC2HLXIgtOm77vANRU76XXARbwc0XbGU8veKjEspAVaOpdBtYqwOMS%2FwwrQDZ1BZGituBlWiW5XdWgmCKpA7H7KlXKgQ5B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 734f1c623b8b9bca-FRA
expires: Mon, 08 Aug 2022 14:51:18 GMT

GET
H2 200 450-b34abcc4a2b5216e9787.js Show response
app.hellobonsai.com/packs/js/ 253 KB
66 KB 30ms
27ms Script
application/javascript 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/packs/js/450-b34abcc4a2b5216e9787.js

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

420b46168a05d5a2e76ea8dcbefe375d7340a5b1f0453c7a2a3e0b64e95fa49b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:32 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 73617
content-encoding: br
last-modified: Tue, 02 Aug 2022 14:45:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gh7lJhi3SsdvskoTKcjEJsvyPWrW2x8oVJD9ya%2B5YUbxyU4wyBndffpoPIy7%2FHuwsoYBcud884EZhNMJkBUzdcNJOUCeH8h0Xo48ZT9Lp8NR9QFKeBkup6xDuJRMyWbYej%2BAVpEdEXhj0R8edyNdYA8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 734f1c623b8d9bca-FRA
expires: Tue, 09 Aug 2022 14:48:20 GMT

GET
H2 200 3432-cda91737b2634437f586.js Show response
app.hellobonsai.com/packs/js/ 37 KB
12 KB 24ms
21ms Script
application/javascript 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/packs/js/3432-cda91737b2634437f586.js

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

243cdf9407941ae430325550156c6c2908b9af0fe2a1b6e7e32763fa9e531a58

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:32 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 153180
content-encoding: br
last-modified: Mon, 01 Aug 2022 14:48:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqBwOvDVRQX%2BE0075pIMpCk88WVPlSgCWWR0FOBCOQfu610ya5QWD8bXoJPnGs1vCo5CYlbj0E3U9MBzLIRZ12QkOhp7sdIvucUZWyofl0C1S2qxGyCNWhDMgIdMGU8W7%2B%2FTL4v6xoGPgaEE%2FNkfVP0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 734f1c623b8e9bca-FRA
expires: Mon, 08 Aug 2022 14:51:18 GMT

GET
H2 200 9326-19abfb492c5c5ac3de13.js Show response
app.hellobonsai.com/packs/js/ 2 MB
511 KB 47ms
45ms Script
application/javascript 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/packs/js/9326-19abfb492c5c5ac3de13.js

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab38a795d4cdb06eb956fef8e325ca96d288edbfff0bf8509a07ade3c7ce1173

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:32 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 73617
content-encoding: br
last-modified: Tue, 02 Aug 2022 14:45:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWzd9IPJlucqRFjyqVN6K5JEwqns0lj20k%2BBevZ%2B8l7LLI6cwkrWI%2F0jB8Xkmd%2Bd67JUJXUcJtzdeZU82P9JnkpfDyGkEMvzYcWCHd%2BmA0PYC56sM%2Bq6JW1zhMj1eoJpdvuddoPBbzDa6wuLZnpYELA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 734f1c623b909bca-FRA
expires: Tue, 09 Aug 2022 14:48:20 GMT

GET
H2 200 7287-07b68155ecfa43208ae3.js Show response
app.hellobonsai.com/packs/js/ 83 KB
18 KB 32ms
29ms Script
application/javascript 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/packs/js/7287-07b68155ecfa43208ae3.js

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e18a3ff1a2cc69d11c23db2c64f838b48530befbb44592cbae6338e8a94afb7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:32 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 72756
content-encoding: br
last-modified: Tue, 02 Aug 2022 16:17:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nrCnmgWkUn87xK1JUcIeGf5cG1XiQ%2Bn4d2UilKI7HLEYg1xouKhcvY1EaQ5tYKpJBhNQnh9IfqIlWxR7J1s0Mf%2F2m14V9Mgi3H0BQg2z2ZgMJW7Fp%2Bu%2By40f5TW2YZIs04Q5rjAvlNlqrcXBL8J9l5w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 734f1c623b9c9bca-FRA
expires: Tue, 09 Aug 2022 16:21:13 GMT

GET
H2 200 6179-6b5eb6a07550e658576b.js Show response
app.hellobonsai.com/packs/js/ 373 KB
68 KB 42ms
40ms Script
application/javascript 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/packs/js/6179-6b5eb6a07550e658576b.js

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6be9784acf1f06734eae5551c5e5242a6d0c5a92f52a94faa85cad76eed63ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:32 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 72756
content-encoding: br
last-modified: Tue, 02 Aug 2022 16:17:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J7PMDLBLBWyNMK3Xh6UWUf6yVcTw5Fi0ULuftHEdTXZreVp4obBTJUc%2FMA9UweW%2FXPMzhcC7gMGK3zLN1RFjM8q7UBK9VDBIHGthEff66sCz96ezx7XPHgc4NcC9l9pUHQUaOXY4IwpVNKvg0XfDtRk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 734f1c623ba19bca-FRA
expires: Tue, 09 Aug 2022 16:21:13 GMT

GET
H2 200 2033-0ab7f1179c46e503d12a.js Show response
app.hellobonsai.com/packs/js/ 96 KB
19 KB 31ms
28ms Script
application/javascript 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/packs/js/2033-0ab7f1179c46e503d12a.js

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f09834a8228cb5b59ed1ca6958f0765d71392d2a3bad0ac8caf13c850406f36

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:32 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50292
content-encoding: br
last-modified: Tue, 02 Aug 2022 20:01:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLuuhBWUQDwXJU1csAlJh2DNLNZQxk0Bf2gkz%2BT%2Bby2GMJ6eNNlgpw3HadShWSD8s417A3c4fXarYC9W2pEDgwfPLvY3W8nwuA4VIPYb9QnzHiVuWBU3gOR6coXzAcn9BHsNPfZhzHae9OddMxDZvk4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 734f1c623ba69bca-FRA
expires: Tue, 09 Aug 2022 20:05:28 GMT

GET
H2 200 application-72fe25a2fe140abf2162.js Show response
app.hellobonsai.com/packs/js/ 4 MB
614 KB 51ms
48ms Script
application/javascript 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/packs/js/application-72fe25a2fe140abf2162.js

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c53820158b79be0e71d0d33ce80107248a807717aecf0d297ab7bff1d45200ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:32 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53576
content-encoding: br
last-modified: Tue, 02 Aug 2022 20:01:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5lSDWPu55vQWHcCUJ0iCcGEroCy3oIguIqNxal93Z5yHCJQJXplh1YOYvmHHgK80dkHPSNXo4X%2BXmTgi%2FggPIl%2FqRn4fZMbrTplEgo0rCLmN%2BRpa4mLWgqHlxrNCNGALgmp47NeCf%2Fy7kcAkj9XKUQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 734f1c623ba79bca-FRA
expires: Tue, 09 Aug 2022 20:05:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 498ms
37ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6590
date: Wed, 03 Aug 2022 10:48:42 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 03 Aug 2022 12:48:42 GMT

GET
H2 200 analytics.min.js Show response
t.hellobonsai.com/analytics.js/v1/MtNXhZi4H25OyhDlNUe7XK4C7pWt5HMJ/ 95 KB
27 KB 99ms
32ms Script
text/javascript 2600:9000:2250:8000:6:9b9d:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.hellobonsai.com/analytics.js/v1/MtNXhZi4H25OyhDlNUe7XK4C7pWt5HMJ/analytics.min.js
Requested by: Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8000:6:9b9d:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c71381cdb62fe36bfd78a7618b3fc33994eb8db82b9a6f64a9b66811a280350

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: MDgXu_GucIy0y89DAOL5qNuWIuE8aefm
content-encoding: gzip
etag: W/"eca6076f7fcb2f807a6b41836fb0ad73"
age: 104
x-cache: Miss from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 07 Jul 2022 00:56:15 GMT
server: AmazonS3
date: Wed, 03 Aug 2022 12:36:49 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront), 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA6-C1, FRA60-P2
x-amz-cf-id: pQnn4cK3yROQfH8FUWrJ8nwo9yKwVLfvtN7R-s2Tlx7pm-sYPRHn5g==

GET
H2 200 / Show response
js.stripe.com/v3/ 315 KB
77 KB 177ms
10ms Script
text/javascript 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

d0a58cef2353163fc5f4c8b3ef68b7c28e99150cd98b0a793c43108a2434ba00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 47
x-cache: Hit from cloudfront
date: Wed, 03 Aug 2022 12:37:45 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified: Tue, 02 Aug 2022 22:31:46 GMT
server: Cloudfront
etag: W/"07a669093ca7a9afa58da1b05dce764d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: KG3oREHFY_7ee2BgS0H_24LqSSZH9IR93IvKbHdLzdqwSERcQJ6CjA==

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 169 KB
56 KB 354ms
75ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyAHwtnzqqHHvQn4-UKnz-oMzpydAvnv7ik&libraries=places

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

677153baab37ea1b5fda3f510134c08654abbab2ea668b0f26ad3a66c9d6c9d2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:32 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=23
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56889
x-xss-protection: 0
expires: Wed, 03 Aug 2022 13:08:32 GMT

GET
H2 200 widget.js Show response
cdn.headwayapp.co/ 27 KB
7 KB 118ms
17ms Script
application/javascript 2a02:6ea0:cb00::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.headwayapp.co/widget.js
Requested by: Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:cb00::2 , United Kingdom, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 038854c1db8658c2d0f918c047c4f335bd11c07c4ab2686ce1a780113e3591a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-77-pop: viennaAT
date: Wed, 03 Aug 2022 12:38:32 GMT
via: 1.1 218366faeb88f6d265d2589e37ea2dac.cloudfront.net (CloudFront)
x-77-nzt-ray: +QEMwW6sZJI
age: 31
x-77-cache: HIT
x-cache: HIT
x-hello: headway
content-encoding: br
x-77-nzt: Abm0DAYBQNz/JgAAAA
x-accel-expires: @1659530334
last-modified: Mon, 25 Apr 2022 04:20:45 GMT
server: CDN77-Turbo
etag: W/"038854c1db8658c2d0f918c047c4f335"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=60
x-amz-cf-pop: VIE50-C2
x-age: 38
x-amz-cf-id: RrXTdiErOQqkxp-36VlxZCVvT4HVY3JMtCoFLowKvmgfGmc7ws_jvA==

GET
H2 200 link-initialize.js Show response
cdn.plaid.com/link/v2/stable/ 89 KB
32 KB 128ms
45ms Script
application/javascript 108.138.36.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by: Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-26.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29d9505b433e35bb6c623302be8fc54475667eb9009e932c202718b0c16dd249

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 07:54:18 GMT
content-encoding: gzip
age: 17055
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-request-id: G045P6NAWEJ0QNBZ
x-amz-id-2: mnBJ2+yEOwjg6rrc5qAj9+Nzz0PNwW6bf/3ieeSDC+iM1MvHXQweoZ3cPKFXAp4CIFhCCctxLo8=
last-modified: Wed, 03 Aug 2022 07:28:11 GMT
server: AmazonS3
etag: W/"9076c801dbdc4bd949c9c5f2ad99fbbf"
vary: Accept-Encoding
x-amz-version-id: 94rExYLUz.bV_ri9m2Ol3aywx3fmb1cN
via: 1.1 ef6c1b0d6b04f2b7f81eb00fa448b890.cloudfront.net (CloudFront)
cache-control: no-cache,must-revalidate,max-age=0
x-amz-cf-pop: MUC50-P2
content-type: application/javascript
x-amz-cf-id: Q5P0COe5MLOQMv8VeFPx9XokX598kldl61D9ON_7w8vQEw-VqlbYZg==

GET
H2 200 fprom.js Show response
cdn.firstpromoter.com/ 5 KB
2 KB 81ms
7ms Script
application/javascript 2600:9000:2240:da00:1e:b6b6:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstpromoter.com/fprom.js
Requested by: Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:da00:1e:b6b6:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1c9c5272136c7ebb6df65a9f5f7e30afe147971ec8d417412e7e5cbc3c51b77c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 11:29:36 GMT
content-encoding: gzip
last-modified: Sun, 16 May 2021 12:18:56 GMT
server: AmazonS3
age: 4137
etag: W/"4050b7f2106d3693d62497155108e557"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
cache-control: public, max-age=7200
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: FpAeXsCdaJt3EK80Wek42UL015WaHVAm1LWkvHnjgPLeSNN9f3EFpw==

GET
H2 200 ionicons-2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9.ttf
app.hellobonsai.com/assets/ 184 KB
185 KB 314ms
313ms Font
application/octet-stream 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/assets/ionicons-2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9.ttf?v=2.0.0

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/assets/application-9f3d879d920d7376c540852b8123b8a6ba7e83e89b86bcf1e408ff6131bdf88b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://app.hellobonsai.com/assets/application-9f3d879d920d7376c540852b8123b8a6ba7e83e89b86bcf1e408ff6131bdf88b.css
Origin: https://app.hellobonsai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:32 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 188508
last-modified: Tue, 23 Apr 2019 20:49:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAMzEq9NrME4HLZsUy9oo6JrNlwHPFD%2BPKzmpfhE7rvlcgd96Tlf9Y2NTBFFEUTX2wLO2%2FwCj7ssdvs4lg7FQSzSwOCAuFVXRvfZmjPKXQT26H6YcBGmuGl09XHfo4Wk69MqxNZikbfRu%2BZcPaaj5%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 734f1c623ba89bca-FRA
expires: Wed, 16 Feb 2022 21:14:59 +0000

GET
H2 200 ProximaNova-RegularIt-6a7bb73bc3b47b6d1ad2951ef02260e0d2cf870f27ef5f27b42271f49195fc17.woff
app.hellobonsai.com/assets/ 59 KB
60 KB 309ms
309ms Font
application/font-woff 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/assets/ProximaNova-RegularIt-6a7bb73bc3b47b6d1ad2951ef02260e0d2cf870f27ef5f27b42271f49195fc17.woff

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/assets/application-9f3d879d920d7376c540852b8123b8a6ba7e83e89b86bcf1e408ff6131bdf88b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a7bb73bc3b47b6d1ad2951ef02260e0d2cf870f27ef5f27b42271f49195fc17

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://app.hellobonsai.com/assets/application-9f3d879d920d7376c540852b8123b8a6ba7e83e89b86bcf1e408ff6131bdf88b.css
Origin: https://app.hellobonsai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

cf-ray: 734f1c624bab9bca-FRA
date: Wed, 03 Aug 2022 12:38:32 GMT
via: 1.1 vegur
cf-cache-status: REVALIDATED
last-modified: Tue, 23 Apr 2019 20:49:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmG6WgYHpyL4XQTRHRyt5uPL4vNl%2BdvG125P8kNj3UrG4%2FpML7ky8LFOsPCMHsXdPx9PbEW3qaEI%2BPv0YcmKSqB%2BqCfxH4unIfW9hD5txPW9SFvRy6oMUGEfgxx%2F4cLnbcBm4TzbIioj3fLVsPfvYu0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
expires: Fri, 01 Apr 2022 04:37:51 +0000

GET
H2 200 settings Show response
t.hellobonsai.com/v1/projects/MtNXhZi4H25OyhDlNUe7XK4C7pWt5HMJ/ 6 KB
3 KB 27ms
9ms XHR
application/json 2600:9000:2250:8000:6:9b9d:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.hellobonsai.com/v1/projects/MtNXhZi4H25OyhDlNUe7XK4C7pWt5HMJ/settings
Requested by: Host: t.hellobonsai.com
URL: https://t.hellobonsai.com/analytics.js/v1/MtNXhZi4H25OyhDlNUe7XK4C7pWt5HMJ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8000:6:9b9d:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6553adf17d242b67abd05adae528fef2f8eeea39fa8cc2b529a35808d724780c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: hN0CCfQL4Wff1esX1iDnsprlCf0yUy18
content-encoding: gzip
etag: W/"96d2b01d356a87bb73a96f5830ab150a"
age: 754
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Mon, 25 Jul 2022 12:04:10 GMT
server: AmazonS3
date: Wed, 03 Aug 2022 12:25:59 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront), 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
cache-control: public, max-age=10800
x-amz-cf-pop: FRA2-C1, FRA60-P2
x-amz-cf-id: NxMlRrjN0qR1ZUvCdKq3GIBYcH8S39xpm5lkZ90Uqv7gZaCI7xxjSA==

GET
H2 200 link-dynamic-loader.js
cdn.plaid.com/link/2.0.1357/ 0
43 KB 18ms
18ms Other
application/javascript 108.138.36.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/2.0.1357/link-dynamic-loader.js
Requested by: Host: cdn.plaid.com
URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-26.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 07:54:21 GMT
content-encoding: gzip
age: 17052
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 03 Aug 2022 07:28:11 GMT
server: AmazonS3
etag: W/"bba1fb991885ec6c67721a6a78889fd2"
vary: Accept-Encoding
x-amz-version-id: xTP4XyFQgJqjtoQS0OadndHg5We_aFgb
via: 1.1 ef6c1b0d6b04f2b7f81eb00fa448b890.cloudfront.net (CloudFront)
cache-control: max-age=10800
x-amz-cf-pop: MUC50-P2
content-type: application/javascript
x-amz-cf-id: FhAaQtzMgBKTObJU9NL--mjKpayP1k1BBhUXRPlH3lpb6a8nNH0sYA==

GET
H/1.1 200
OK grey-pattern-angled.jpg
bonsai-invoice-imgs.s3.us-west-1.amazonaws.com/backgrounds/b3b4cb3b-df5f-412b-ace7-e56658930263/ 201 KB
201 KB 798ms
252ms Image
binary/octet-stream 52.219.112.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonsai-invoice-imgs.s3.us-west-1.amazonaws.com/backgrounds/b3b4cb3b-df5f-412b-ace7-e56658930263/grey-pattern-angled.jpg
Requested by: Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.112.185 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e327fbf68565faaecff805ca80d16f5ca3c99f71eef0cfadcd173458d5c41c6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 12:38:33 GMT
Last-Modified: Tue, 08 Mar 2022 23:15:51 GMT
Server: AmazonS3
x-amz-request-id: 74ZZJWYF8NBJ7W36
ETag: "607f4201ed5546ee3d905ac228d573eb"
Content-Type: binary/octet-stream
Accept-Ranges: bytes
Content-Length: 205378
x-amz-id-2: vdMFCzHvLlY0YOS0NeRqhw2szQuq0XxbyK92NWJBnJPBkT9M0g5bzOOdYRPO713dU7tHmDJmAQY=

GET
H/1.1 200
OK boldface-logo-84px.jpg
bonsai-company-imgs.s3.us-west-1.amazonaws.com/logos/ebfb4d49-fea8-4d79-a95e-76f053ee3dcd/ 14 KB
15 KB 724ms
198ms Image
binary/octet-stream 52.219.112.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bonsai-company-imgs.s3.us-west-1.amazonaws.com/logos/ebfb4d49-fea8-4d79-a95e-76f053ee3dcd/boldface-logo-84px.jpg
Requested by: Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.112.185 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 54e839da4741572f9ef2ac695e1bc0f60578b2cd6fe9baee012a7c7a5c7d0833

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 12:38:33 GMT
Last-Modified: Mon, 19 Nov 2018 13:24:44 GMT
Server: AmazonS3
x-amz-request-id: 74ZKVN7KZRAXF4XN
ETag: "8cc312abb2d122cb1bf466c9dbde9cf0"
Content-Type: binary/octet-stream
Accept-Ranges: bytes
Content-Length: 14571
x-amz-id-2: 84zgR5/y0jodKt2/WSdoNgxdOoh++2pJiuOrX9SsheZveJO84Xnl0BTs7+w/rxsBOfFD5jO6ROM=

GET
H2 200 870.bundle.323974846b6d45afb45e.js Show response
t.hellobonsai.com/analytics-next/bundles/ 17 KB
5 KB 9ms
9ms Script
application/javascript 2600:9000:2250:8000:6:9b9d:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.hellobonsai.com/analytics-next/bundles/870.bundle.323974846b6d45afb45e.js
Requested by: Host: t.hellobonsai.com
URL: https://t.hellobonsai.com/analytics.js/v1/MtNXhZi4H25OyhDlNUe7XK4C7pWt5HMJ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8000:6:9b9d:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 22:16:15 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2989337
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 29 Jun 2022 22:08:20 GMT
server: AmazonS3
etag: W/"d471f2a8b801a51bbc09c91b3f90b749"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: vtk7WtzuZv7XC7.8W8paVYZjDVOB__Fh
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront), 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA2-C1, FRA60-P2
content-type: application/javascript
x-amz-cf-id: VaO34QREYOmh43Vjv9-P78Yn2z9RF4OOdtnQFLCAMTT_cKGSoJU1SQ==

GET
H2 200 ajs-destination.bundle.35a8f6f19959bf2f455f.js Show response
t.hellobonsai.com/analytics-next/bundles/ 10 KB
4 KB 10ms
10ms Script
application/javascript 2600:9000:2250:8000:6:9b9d:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.hellobonsai.com/analytics-next/bundles/ajs-destination.bundle.35a8f6f19959bf2f455f.js
Requested by: Host: t.hellobonsai.com
URL: https://t.hellobonsai.com/analytics.js/v1/MtNXhZi4H25OyhDlNUe7XK4C7pWt5HMJ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8000:6:9b9d:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 22:16:15 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2989337
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 29 Jun 2022 22:08:20 GMT
server: AmazonS3
etag: W/"e0f89f667fb8d2b50aa8e29a86a4c9b1"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: stIn74GxOf97h5iB9Hjj_zHs2bMdyA0O
via: 1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront), 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA56-P6, FRA60-P2
content-type: application/javascript
x-amz-cf-id: Jn6LH4ASXdS75zDA1c52-LY_LGhgwjlirkXqAuDJ8_bqh6a4DeEkzQ==

POST
H2 200 / Show response
o921014.ingest.sentry.io/api/1482370/envelope/ 2 B
279 B 7421ms
4050ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o921014.ingest.sentry.io/api/1482370/envelope/?sentry_key=7f77e6426506409da8fbb0b3e6cbb24e&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.8.1

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/packs/js/8423-ee960e138c7ee21c8a68.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hellobonsai.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Aug 2022 12:38:39 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://app.hellobonsai.com
access-control-expose-headers: retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
DATA 200
OK truncated
/ 353 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 910d42773de429538b60f2bd714ebd734dd66dea33fcd52845228ea0daa77fe1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 controller-0ceda78a026ab57ff30ad8d7e4790a6a.html Show response
js.stripe.com/v3/ Frame B26C 351 B
1 KB 9ms
9ms Document
text/html 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-0ceda78a026ab57ff30ad8d7e4790a6a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ded2432debc66221d8d501bf5e7075cd45f8b4d4ced7f3dc8bec35771febffc3

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.hellobonsai.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 38
cache-control: max-age=60
content-length: 351
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 03 Aug 2022 12:37:58 GMT
etag: "0ceda78a026ab57ff30ad8d7e4790a6a"
last-modified: Fri, 29 Jul 2022 21:27:42 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
x-amz-cf-id: JhsVHHgzdHHT4ZhIEslb1aeNy_mNt8c8yJGkGWe_YTqMkeFRHnJIsw==
x-amz-cf-pop: FRA60-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-83ba27ad154004a1d007fd22f26113f1.html Show response
js.stripe.com/v3/ Frame 1420 810 B
2 KB 9ms
9ms Document
text/html 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-83ba27ad154004a1d007fd22f26113f1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9c28add258ddddedb4a19488d09a3dbdd252bb37d8f9634018d71395cf680851

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.hellobonsai.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1628
cache-control: max-age=31536000
content-length: 810
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 03 Aug 2022 12:11:35 GMT
etag: "83ba27ad154004a1d007fd22f26113f1"
last-modified: Fri, 29 Jul 2022 21:27:42 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
x-amz-cf-id: OjZDuWv9MWeV0grJehFqBwM_xbCNXOFhLlThTKMR0jHuXPLTidvsBQ==
x-amz-cf-pop: FRA60-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 201 plaid_link_tokens Show response
app.hellobonsai.com/api/v1/ 150 B
1 KB 417ms
416ms Fetch
application/json 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/api/v1/plaid_link_tokens

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/packs/js/8423-ee960e138c7ee21c8a68.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ae1a9f0dd33ed94b0cb5d33846940a5e17761f21cfee7aa5366caf7df763508

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
X-CSRF-Token: z5rsc9j-vhoS1pypmdg_birQZ6ACznSDmxOYlWv20gcoFxgc8Ow6lNUWXp_gieNqdtHzuF6dTZJGbqAoz4xaIw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
cf-ray: 734f1c667bed9bca-FRA
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
strict-transport-security: max-age=63072000; includeSubDomains
vary: Origin
x-xss-protection: 0
x-request-id: f8a5fbbc-15b5-428f-860c-7fbc597fc0a7
x-runtime: 0.092392
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5ae1a9f0dd33ed94b0cb5d33846940a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0vHHRc3QkbIgxLUZlMvlYMdF79j%2F0W%2FmTueTzRGsUwiDnTNrufrGRRwMGw222YYk1Qi46NHYmtHQ%2FzYu4AKEtE583PvAguZsP7J35f0sZ2qZy%2Fo0zwosSK5koSNj23cMV%2F3K9CekBPDb8BcGqpfktY%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: https://app.hellobonsai.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-security-policy: frame-ancestors 'self'
content-type: application/json; charset=utf-8

POST
H2 200 set_redirect Show response
app.hellobonsai.com/plaid_oauth/ 2 B
1 KB 140ms
140ms Fetch
application/json 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/plaid_oauth/set_redirect

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/packs/js/8423-ee960e138c7ee21c8a68.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
X-CSRF-Token: z5rsc9j-vhoS1pypmdg_birQZ6ACznSDmxOYlWv20gcoFxgc8Ow6lNUWXp_gieNqdtHzuF6dTZJGbqAoz4xaIw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Aug 2022 12:38:32 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPtGOTZJZNGB5dzxkxvUWHKH4kYzQTjayvItl1yah9D7xzweHxHOSP8wOdA1ms3zHLmw%2BGkKhrxgjBHlzQBHfRhYbDgqBJ6%2F%2FnPkCyXjYtcFOwCEnUBTxPgUTnNWhD4dGhxqYtbltzqeNMvhtJhf3SA%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-xss-protection: 0
x-request-id: ef146343-a0df-4332-a1c4-13cb0aff9a09
x-runtime: 0.010558
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"44136fa355b3678a1146ad16f7e8649e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-download-options: noopen
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
content-security-policy: frame-ancestors 'self'
cf-ray: 734f1c667bef9bca-FRA

GET
H2 200 country_from_ip Show response
app.hellobonsai.com/api/v1/locations/ 33 B
1 KB 337ms
337ms Fetch
application/json 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/api/v1/locations/country_from_ip

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/packs/js/8423-ee960e138c7ee21c8a68.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d58d10d6dac34d4e018996fa21056fb12ecdb3704f614549423e9e34fbdece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
X-CSRF-Token: z5rsc9j-vhoS1pypmdg_birQZ6ACznSDmxOYlWv20gcoFxgc8Ow6lNUWXp_gieNqdtHzuF6dTZJGbqAoz4xaIw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z1pizQcGNW%2Bt1kDVmj6FG6EIPqYD82Qzrsa99Ic4%2BYM9pem2QFSyHhMTZQS4%2BCmiLnvDLmj8fkNsG69LzDDX6qgFE02%2BAL1nDab1wzsWvLqml3KIwd%2B9%2Bnc58aAxgUf%2FHHqzB1aDhSCHJa6xJ87psdU%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-xss-protection: 0
x-request-id: c7d24e1f-4ea4-4f9f-bc0a-f69d5ce68d4b
x-runtime: 0.038606
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"65d58d10d6dac34d4e018996fa21056f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
x-download-options: noopen
content-type: application/json; charset=utf-8
cache-control: max-age=86400, public
content-security-policy: frame-ancestors 'self'
cf-ray: 734f1c668c069bca-FRA

GET
H2 200 country_from_ip Show response
app.hellobonsai.com/api/v1/locations/ 33 B
1 KB 374ms
374ms Fetch
application/json 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/api/v1/locations/country_from_ip

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/packs/js/8423-ee960e138c7ee21c8a68.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d58d10d6dac34d4e018996fa21056fb12ecdb3704f614549423e9e34fbdece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
X-CSRF-Token: z5rsc9j-vhoS1pypmdg_birQZ6ACznSDmxOYlWv20gcoFxgc8Ow6lNUWXp_gieNqdtHzuF6dTZJGbqAoz4xaIw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XD4%2FM1WvtjoulOtQsBRVm91I6aj4klMsTrjfl45eIx8lkEAQ2QC%2B%2F2zjXgkkG3x4ROXBTlenSNss%2Fp8Z5mamfI4pIzRs6yd4BpslLyHW4k%2Bng4zLbzI05Y9gT7pb78EppaNgfLUUg1jXMZWOgp%2Fy2kk%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-xss-protection: 0
x-request-id: 52429372-7f86-4eae-b235-152707836e23
x-runtime: 0.051592
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"65d58d10d6dac34d4e018996fa21056f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
x-download-options: noopen
content-type: application/json; charset=utf-8
cache-control: max-age=86400, public
content-security-policy: frame-ancestors 'self'
cf-ray: 734f1c669c1d9bca-FRA

GET
H2 200 ip_from_europe Show response
app.hellobonsai.com/api/v1/locations/ 20 B
1011 B 337ms
337ms Fetch
application/json 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/api/v1/locations/ip_from_europe

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/packs/js/8423-ee960e138c7ee21c8a68.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

890f0e2f5861e182ed585b12def67327c781eee2ef7a08f5618e8f2b84a1d299

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
X-CSRF-Token: z5rsc9j-vhoS1pypmdg_birQZ6ACznSDmxOYlWv20gcoFxgc8Ow6lNUWXp_gieNqdtHzuF6dTZJGbqAoz4xaIw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=voLFxDKDRkyVO8djzNiOX0dqS9VJ%2F3dLR4wnOKETkv8uKqih0Fr5Ag8jZcusOQ%2FlIg88qZzbz7KAWmOeW8%2F01TP34smMezZQkHo5M7iqrOCDlHWxOAfseBoGkH6b4DN5%2FKWxBQQomLKLmIKr90YVJNU%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-xss-protection: 0
x-request-id: 5f2dd807-0820-485b-a913-71d51cde12a8
x-runtime: 0.038870
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"890f0e2f5861e182ed585b12def67327"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
x-download-options: noopen
content-type: application/json; charset=utf-8
cache-control: max-age=86400, public
content-security-policy: frame-ancestors 'self'
cf-ray: 734f1c669c1f9bca-FRA

GET
H2 200 country_from_ip Show response
app.hellobonsai.com/api/v1/locations/ 33 B
1 KB 347ms
347ms Fetch
application/json 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/api/v1/locations/country_from_ip

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/packs/js/8423-ee960e138c7ee21c8a68.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d58d10d6dac34d4e018996fa21056fb12ecdb3704f614549423e9e34fbdece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
X-CSRF-Token: z5rsc9j-vhoS1pypmdg_birQZ6ACznSDmxOYlWv20gcoFxgc8Ow6lNUWXp_gieNqdtHzuF6dTZJGbqAoz4xaIw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iPN8XOUzRN0o5SHEl9LxxBrplkWFkWsL8xxQBbxW62cgJd8V0EOP7wjQtmAgkOS83ZpvDOJnuh6hj9E4ZWdz9C1Hso%2BqkQOfzwFb0vkgRNmqlDbZLHuaXmlBD5quXZzy%2FnucnCt3vXgWWzQL5WFO9%2Fw%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-xss-protection: 0
x-request-id: 61a79a13-5790-4dc7-9576-d2c9a2b3657c
x-runtime: 0.037278
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"65d58d10d6dac34d4e018996fa21056f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
x-download-options: noopen
content-type: application/json; charset=utf-8
cache-control: max-age=86400, public
content-security-policy: frame-ancestors 'self'
cf-ray: 734f1c66ac289bca-FRA

GET
H2 200 controller-0ceda78a026ab57ff30ad8d7e4790a6a.html Show response
js.stripe.com/v3/ Frame 69BA 351 B
1 KB 9ms
8ms Document
text/html 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-0ceda78a026ab57ff30ad8d7e4790a6a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ded2432debc66221d8d501bf5e7075cd45f8b4d4ced7f3dc8bec35771febffc3

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.hellobonsai.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 38
cache-control: max-age=60
content-length: 351
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 03 Aug 2022 12:37:58 GMT
etag: "0ceda78a026ab57ff30ad8d7e4790a6a"
last-modified: Fri, 29 Jul 2022 21:27:42 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
x-amz-cf-id: BC509DqiA3V0NDUYurwDu4Q_pcAOjeBIbJlUSJ45zk3obCfwBC5mPw==
x-amz-cf-pop: FRA60-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 country_from_ip Show response
app.hellobonsai.com/api/v1/locations/ 33 B
1 KB 352ms
352ms Fetch
application/json 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/api/v1/locations/country_from_ip

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/packs/js/8423-ee960e138c7ee21c8a68.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d58d10d6dac34d4e018996fa21056fb12ecdb3704f614549423e9e34fbdece

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
X-CSRF-Token: z5rsc9j-vhoS1pypmdg_birQZ6ACznSDmxOYlWv20gcoFxgc8Ow6lNUWXp_gieNqdtHzuF6dTZJGbqAoz4xaIw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FGR7bpVziTFATm87v8uIu%2BrvX2vpzG%2BprCB6eooSNuLssH98p5BL%2Fnszq5uN3FhVZRKo9WStDAM4NMrAPAQtYgRXjOw83vOXRsPIgwrJ5UYarS0FZWBQDDSZwPEZJEXF6%2F5UcOhwoEPIayeh2yvBBkA%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-xss-protection: 0
x-request-id: ed346069-f375-4814-86bb-a8ebb7b215d7
x-runtime: 0.045152
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"65d58d10d6dac34d4e018996fa21056f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
x-download-options: noopen
content-type: application/json; charset=utf-8
cache-control: max-age=86400, public
content-security-policy: frame-ancestors 'self'
cf-ray: 734f1c66bc479bca-FRA

GET
H2 200 ip_from_europe Show response
app.hellobonsai.com/api/v1/locations/ 20 B
1013 B 363ms
363ms Fetch
application/json 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/api/v1/locations/ip_from_europe

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/packs/js/8423-ee960e138c7ee21c8a68.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

890f0e2f5861e182ed585b12def67327c781eee2ef7a08f5618e8f2b84a1d299

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
X-CSRF-Token: z5rsc9j-vhoS1pypmdg_birQZ6ACznSDmxOYlWv20gcoFxgc8Ow6lNUWXp_gieNqdtHzuF6dTZJGbqAoz4xaIw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUzYjYMTE%2Feu%2Fd5XfYmaSCrf5JGHcZkxYnc%2FcFme2rJbFIWRw1O5i%2FI%2BXG7WX%2Bjb8xQtMdORSSWvoKTt5LbgI%2BHKs7xJyYp5Vsc6UVOi6dM4zuJyHc%2FBQcfks39sprxK4UMbt%2B96dOJhCkOfun8XJEU%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: br
x-xss-protection: 0
x-request-id: ea99a560-2ba4-4ffb-adec-34c039c4a27f
x-runtime: 0.039287
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"890f0e2f5861e182ed585b12def67327"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
x-download-options: noopen
content-type: application/json; charset=utf-8
cache-control: max-age=86400, public
content-security-policy: frame-ancestors 'self'
cf-ray: 734f1c66bc4b9bca-FRA

GET
H2 200 payment-request-inner-google-pay-db544c4e4ca706ec1fe40ab454099109.html Show response
js.stripe.com/v3/ Frame 8741 434 B
1 KB 8ms
8ms Document
text/html 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-db544c4e4ca706ec1fe40ab454099109.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ef7cec6494c4440776e1deb546fdfb609f8a37090294028ece94aa8cdb4cd78d

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.hellobonsai.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 45
cache-control: max-age=60
content-length: 434
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; font-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 03 Aug 2022 12:37:48 GMT
etag: "db544c4e4ca706ec1fe40ab454099109"
last-modified: Fri, 29 Jul 2022 21:27:52 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
x-amz-cf-id: YkG109ytas_d4W-az7inb1u55VTuLh5m56qUTVGjCGiRs6WdtiX1NQ==
x-amz-cf-pop: FRA60-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-95c831272f05feff407c236300e8289f.html Show response
js.stripe.com/v3/ Frame 9EED 370 B
2 KB 8ms
8ms Document
text/html 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-95c831272f05feff407c236300e8289f.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9d017ff22b281cd772b70d8b15af16bd6a8792f0e51b27e374f6a14a8647e260

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.hellobonsai.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 46
cache-control: max-age=60
content-length: 370
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 03 Aug 2022 12:37:47 GMT
etag: "95c831272f05feff407c236300e8289f"
last-modified: Fri, 29 Jul 2022 21:27:52 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
x-amz-cf-id: SY-5q9uHs7Ie3YsFcrSeFyrjLFC-vOUfj4PZMq_KoFckeTXk_h_maA==
x-amz-cf-pop: FRA60-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 506ms
223ms Ping
application/json 2600:1f18:24e6:b900:ced3:8b66:1073:c601
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.15.0%2Cenv%3Aproduction&dd-api-key=pub1c977e2af62d7b729f3cdfe8440cf32c&dd-evp-origin-version=4.15.0&dd-evp-origin=browser&dd-request-id=f1a5b53b-351f-4a93-ab0a-39cfc94b2f9a&batch_time=1659530312814
Requested by: Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/packs/js/9326-19abfb492c5c5ac3de13.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:ced3:8b66:1073:c601 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.hellobonsai.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 csp-report
q.stripe.com/ Frame B26C 0
571 B 874ms
498ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 40
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame B26C 0
571 B 874ms
499ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 39
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 1420 0
571 B 736ms
363ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 30
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 1420 0
571 B 871ms
499ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 59
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 69BA 0
570 B 704ms
335ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 69BA 0
571 B 742ms
373ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 39
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 8741 0
571 B 697ms
334ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 8741 0
570 B 701ms
338ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 5
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 9EED 0
571 B 722ms
363ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 29
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 9EED 0
570 B 697ms
338ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 4
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-ee7c56bb43e4457408e31edc9af1e80b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B26C 249 KB
59 KB 11ms
9ms Script
text/javascript 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-0ceda78a026ab57ff30ad8d7e4790a6a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

cd604db5fa3861f64aa6c6e7815b774b6d6eb1047b5a48517f26c40e3dd1e9da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-0ceda78a026ab57ff30ad8d7e4790a6a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 57
x-cache: Hit from cloudfront
date: Wed, 03 Aug 2022 12:37:35 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jul 2022 21:27:52 GMT
server: Cloudfront
etag: W/"b0632f9d1f9085f906d9466c9c958707"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: 0vTPx6bciKvziagPKEIZhiStZeBgpq7KAzFmzKpLQPNfx48pIWvdGA==

GET
H2 200 controller-0be2bf2be72a1c381cfe4070f2f391a8.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B26C 369 KB
93 KB 11ms
7ms Script
text/javascript 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-0be2bf2be72a1c381cfe4070f2f391a8.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-0ceda78a026ab57ff30ad8d7e4790a6a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

02ad1b0d71bae7477b58e1ec25a823f215d4158588f82a20454fdbadb286c2f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-0ceda78a026ab57ff30ad8d7e4790a6a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 10
x-cache: Hit from cloudfront
date: Wed, 03 Aug 2022 12:38:23 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jul 2022 21:27:50 GMT
server: Cloudfront
etag: W/"43240ef01b69948b2499602a4d2efa2e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: dJ4cfhPmkq8f-4zmSZ2Pozsdc8-HSQ8OBBJnZ4h1HNJEfqpoe-CKJA==

GET
H2 200 ui-shared-1104b2481ba0bac028499b76824b8032.css
js.stripe.com/v3/fingerprinted/css/ Frame 1420 19 KB
3 KB 20ms
17ms Stylesheet
text/css 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1104b2481ba0bac028499b76824b8032.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-83ba27ad154004a1d007fd22f26113f1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

4528209a0fc402eb2752cba3a85021f3a6e83dde089097c9de7bc86e5b02e175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-83ba27ad154004a1d007fd22f26113f1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 25
x-cache: Hit from cloudfront
date: Wed, 03 Aug 2022 12:38:23 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jul 2022 21:27:43 GMT
server: Cloudfront
etag: W/"ac79e433d75898d8e3712ae684cf6c65"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: Ihl4DBZAiE4Jm_Cu10SWWbp-Vtflv86bfpMhCnWDJH3O0UzKMi1qZQ==

GET
H2 200 elements-inner-card-27ca893a60852d1b2861657a398b2178.css
js.stripe.com/v3/fingerprinted/css/ Frame 1420 5 KB
1 KB 21ms
18ms Stylesheet
text/css 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-27ca893a60852d1b2861657a398b2178.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-83ba27ad154004a1d007fd22f26113f1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

406aee8e16677422cfdda788d097fec2bb6440a2aa9ce5e574bb7f9eb3fa024a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-83ba27ad154004a1d007fd22f26113f1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 42
x-cache: Hit from cloudfront
date: Wed, 03 Aug 2022 12:38:03 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified: Tue, 02 Aug 2022 22:29:49 GMT
server: Cloudfront
etag: W/"470227332039df6189bb16ef598336e5"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: ywK49syQ0VR4rtbtHPPauWa574nCsU2ZEAUdvr7Nz9B87fTA7J-xHw==

GET
H2 200 shared-ee7c56bb43e4457408e31edc9af1e80b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1420 249 KB
59 KB 24ms
21ms Script
text/javascript 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-83ba27ad154004a1d007fd22f26113f1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

cd604db5fa3861f64aa6c6e7815b774b6d6eb1047b5a48517f26c40e3dd1e9da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-83ba27ad154004a1d007fd22f26113f1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 57
x-cache: Hit from cloudfront
date: Wed, 03 Aug 2022 12:37:35 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jul 2022 21:27:52 GMT
server: Cloudfront
etag: W/"b0632f9d1f9085f906d9466c9c958707"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: IR8zLPwsQpLiO5HdXlPObUX2dR05CpCDOWjgUuECp44roUSOsIhSIg==

GET
H2 200 ui-shared-664c910ea218b6ed7d421642b668883a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1420 208 KB
60 KB 22ms
19ms Script
text/javascript 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-664c910ea218b6ed7d421642b668883a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-83ba27ad154004a1d007fd22f26113f1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b9f8781586b5327f18c191fea82e9d84dfe9761ccc932d0559bdfff7fee28201

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-83ba27ad154004a1d007fd22f26113f1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 27
x-cache: Hit from cloudfront
date: Wed, 03 Aug 2022 12:38:23 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jul 2022 21:27:52 GMT
server: Cloudfront
etag: W/"0a136310929ac2a9576fcc2cbcbb93ac"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: 42cKiKRugyp5nqPsL5-wYwCf5fdwI-dKTnfNeq01lQVccyM2wJg2tg==

GET
H2 200 elements-inner-card-ecff182d97cc21627fcf82d347f90062.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1420 46 KB
12 KB 26ms
23ms Script
text/javascript 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-ecff182d97cc21627fcf82d347f90062.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-83ba27ad154004a1d007fd22f26113f1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e47944ce8eea2607994a5fdc426a68a6456f61c62f49850f89e5706e440ac943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-83ba27ad154004a1d007fd22f26113f1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 16
x-cache: Hit from cloudfront
date: Wed, 03 Aug 2022 12:38:23 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jul 2022 21:27:51 GMT
server: Cloudfront
etag: W/"580a7338104cf2c8d70b894c4b99bdd4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: MQWtE1-fihHSY6ZGWca-GVF11q72BQ_XHBLB7NTHHMj19r5X7Tyl1g==

GET
H2 200 shared-ee7c56bb43e4457408e31edc9af1e80b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 69BA 249 KB
59 KB 26ms
24ms Script
text/javascript 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-0ceda78a026ab57ff30ad8d7e4790a6a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

cd604db5fa3861f64aa6c6e7815b774b6d6eb1047b5a48517f26c40e3dd1e9da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-0ceda78a026ab57ff30ad8d7e4790a6a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 57
x-cache: Hit from cloudfront
date: Wed, 03 Aug 2022 12:37:35 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jul 2022 21:27:52 GMT
server: Cloudfront
etag: W/"b0632f9d1f9085f906d9466c9c958707"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: o9ESs4-XF4VEWpKf0oK0sZP1zpE51EE1WlqmliIShOWC6579JrqUFQ==

GET
H2 200 controller-0be2bf2be72a1c381cfe4070f2f391a8.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 69BA 369 KB
93 KB 30ms
29ms Script
text/javascript 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-0be2bf2be72a1c381cfe4070f2f391a8.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-0ceda78a026ab57ff30ad8d7e4790a6a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

02ad1b0d71bae7477b58e1ec25a823f215d4158588f82a20454fdbadb286c2f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-0ceda78a026ab57ff30ad8d7e4790a6a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 10
x-cache: Hit from cloudfront
date: Wed, 03 Aug 2022 12:38:23 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jul 2022 21:27:50 GMT
server: Cloudfront
etag: W/"43240ef01b69948b2499602a4d2efa2e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: bxjBBKJ7bjIGPe-WqJamM3q7W-c3PRU5h2UnuEkcDJiuLNhZ5lBlKw==

GET
H2 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
452 B 871ms
285ms XHR
application/json 172.217.16.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/packs/js/8423-ee960e138c7ee21c8a68.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f138.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://app.hellobonsai.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 m-outer-e38946e804432be68f641f02ebc1364f.html Show response
js.stripe.com/v3/ Frame B7B6 240 B
1 KB 16ms
6ms Document
text/html 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-e38946e804432be68f641f02ebc1364f.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9fc1fbb9b073659cb057d6241dac61a3e407df07ecb3dbfabce79c9491203497

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.hellobonsai.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1972
cache-control: max-age=31536000
content-length: 240
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 03 Aug 2022 12:05:41 GMT
etag: "e38946e804432be68f641f02ebc1364f"
last-modified: Fri, 29 Jul 2022 21:27:52 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
x-amz-cf-id: Yl-IjmqNHVR59WoRwurnUUlsbphswowp9p-8PaaXholBk12AqMIRFg==
x-amz-cf-pop: FRA60-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 401 t Show response
app.hellobonsai.com/ 61 B
1 KB 152ms
143ms Fetch
application/json 2606:4700:20::ac43:4b74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellobonsai.com/t

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/packs/js/8423-ee960e138c7ee21c8a68.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0393dc9df69db9522a48431ae24fa4d59942ff1d6aa0054bef8f3161aedd9fb7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Accept: application/json
Referer: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
X-CSRF-Token: z5rsc9j-vhoS1pypmdg_birQZ6ACznSDmxOYlWv20gcoFxgc8Ow6lNUWXp_gieNqdtHzuF6dTZJGbqAoz4xaIw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

x-runtime: 0.008795
date: Wed, 03 Aug 2022 12:38:33 GMT
via: 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ih%2Byuwz%2BKK%2BbyrEqYt6LZ4b0wOE3QZAO2fIpGNXjHQB%2FcCPzWiYXLTxIOOXP0XTFOJEexDp7xjqOzEw%2B93Rq3l7ggSO62yucXqP0AWYUgvuRhO%2FQTjRed5oclFSOekTtA85XycLV8SCL4PydA4hu%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cache-control: no-cache
content-security-policy: frame-ancestors 'self'
cf-ray: 734f1c678e399bca-FRA
x-request-id: 457f45bb-b559-4a96-b05c-046330164e6c

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 8741 95 KB
31 KB 640ms
65ms Script
application/javascript 173.194.76.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-db544c4e4ca706ec1fe40ab454099109.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f92.1e100.net

Software

ESF /

Resource Hash

3b6f87e7eb7e27cb769f7552282850747393fd7d3d374ab20f28a3326d7280d0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-t6mmgMo53Wd_OeJixkIBWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-t6mmgMo53Wd_OeJixkIBWg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-t6mmgMo53Wd_OeJixkIBWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-t6mmgMo53Wd_OeJixkIBWg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
expires: Wed, 03 Aug 2022 12:38:33 GMT

GET
H2 200 shared-ee7c56bb43e4457408e31edc9af1e80b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8741 249 KB
59 KB 11ms
9ms Script
text/javascript 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-db544c4e4ca706ec1fe40ab454099109.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

cd604db5fa3861f64aa6c6e7815b774b6d6eb1047b5a48517f26c40e3dd1e9da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-db544c4e4ca706ec1fe40ab454099109.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 57
x-cache: Hit from cloudfront
date: Wed, 03 Aug 2022 12:37:35 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jul 2022 21:27:52 GMT
server: Cloudfront
etag: W/"b0632f9d1f9085f906d9466c9c958707"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: NbVmEIEknZnfF-WR0X7riCKQuyO7UnTwaYlxx8tCM-URXYILWq4b1g==

GET
H2 200 payment-request-inner-google-pay-2d727a572ae19f20bd629029b9702595.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8741 14 KB
5 KB 12ms
11ms Script
text/javascript 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-2d727a572ae19f20bd629029b9702595.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-db544c4e4ca706ec1fe40ab454099109.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e0b0f145c7e2d4dc088034e19c6f9d802468f4bbae83df9b84129a19a5ceef9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-db544c4e4ca706ec1fe40ab454099109.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 10
x-cache: Hit from cloudfront
date: Wed, 03 Aug 2022 12:38:23 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jul 2022 21:27:52 GMT
server: Cloudfront
etag: W/"a48d9556005e9dc54d34c45fa9167545"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: QS1ZbgCylNWEWsXarAfOqlqEFI9QqWk7xHewDtwrS0z2sAC4VzFj5A==

GET
H2 200 shared-ee7c56bb43e4457408e31edc9af1e80b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9EED 249 KB
59 KB 12ms
11ms Script
text/javascript 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-95c831272f05feff407c236300e8289f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

cd604db5fa3861f64aa6c6e7815b774b6d6eb1047b5a48517f26c40e3dd1e9da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-95c831272f05feff407c236300e8289f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 57
x-cache: Hit from cloudfront
date: Wed, 03 Aug 2022 12:37:35 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jul 2022 21:27:52 GMT
server: Cloudfront
etag: W/"b0632f9d1f9085f906d9466c9c958707"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: Jeg5KZF_PzwmYLI9YzAlulcRGyzvobebAYtuP2ngCe56jxhDEQLdTw==

GET
H2 200 payment-request-inner-browser-68f02848c1ee0c1fd96647176a6b3608.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9EED 12 KB
5 KB 14ms
14ms Script
text/javascript 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-68f02848c1ee0c1fd96647176a6b3608.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-95c831272f05feff407c236300e8289f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9fbd0e0a2695ed3b76a92490df70ed2a152492204c2b2ee753c5f0e16d609f66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-95c831272f05feff407c236300e8289f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 57
x-cache: Hit from cloudfront
date: Wed, 03 Aug 2022 12:37:35 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jul 2022 21:27:52 GMT
server: Cloudfront
etag: W/"e05740f3970ec44bb2bc2e9183c28bc8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: A-wG59el4i9dl6iLNBsBXtWIJEYsLKkAXB8pULTtOXWYxMKll5KEDw==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 3359ms
3358ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2107703475&t=pageview&_s=1&dl=https%3A%2F%2Fapp.hellobonsai.com%2Fi%2F3911b48fa81eea0%3Futm_campaign%3Dauto_remind_client_invoice_unpaid%26utm_content%3Dprimary-btn%26utm_medium%3Demail%26utm_source%3Dinvoice&ul=en-us&de=UTF-8&dt=Boldface%20Branding%20Corp.%20-%20LVN%20Retreat%20%2722%20Logo%20Invoice&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=1089988947&gjid=1655397055&cid=937451473.1659530313&tid=UA-64681547-1&_gid=272807521.1659530313&_r=1&_slc=1&z=45688052

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/packs/js/8423-ee960e138c7ee21c8a68.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.hellobonsai.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 12:38:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.hellobonsai.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 439ms
254ms Ping
application/json 2600:1f18:24e6:b900:ced3:8b66:1073:c601
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.15.0%2Cenv%3Aproduction&dd-api-key=pub1c977e2af62d7b729f3cdfe8440cf32c&dd-evp-origin-version=4.15.0&dd-evp-origin=browser&dd-request-id=ea8bd6ce-b290-424d-a239-492428e976fe&batch_time=1659530312913
Requested by: Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/packs/js/9326-19abfb492c5c5ac3de13.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:ced3:8b66:1073:c601 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.hellobonsai.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 csp-report
q.stripe.com/ Frame B7B6 0
571 B 779ms
499ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 59
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame B7B6 0
571 B 652ms
372ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 38
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 schemaFilter.bundle.debb169c1abb431faaa6.js Show response
t.hellobonsai.com/analytics-next/bundles/ 2 KB
1 KB 15ms
14ms Script
application/javascript 2600:9000:2250:8000:6:9b9d:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.hellobonsai.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
Requested by: Host: t.hellobonsai.com
URL: https://t.hellobonsai.com/analytics.js/v1/MtNXhZi4H25OyhDlNUe7XK4C7pWt5HMJ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8000:6:9b9d:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 22:16:16 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2989336
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 29 Jun 2022 22:08:20 GMT
server: AmazonS3
etag: W/"3e448afdfea355c0f19700d04431ce7d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: _bVAvSb.zO94VlQCaQI95B27Iepz9jXA
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront), 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA56-P5, FRA60-P2
content-type: application/javascript
x-amz-cf-id: mcC_TmspZ29gn1PcFUX-f_BPDz8B4kCLjrNLq_9tK4iF3TkDNjieUw==

GET
H2 200 m-outer-613f8ee1abc1602a543fee9327eab032.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B7B6 526 B
1021 B 8ms
8ms Script
text/javascript 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-613f8ee1abc1602a543fee9327eab032.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-e38946e804432be68f641f02ebc1364f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-e38946e804432be68f641f02ebc1364f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 24
x-cache: Hit from cloudfront
date: Wed, 03 Aug 2022 12:38:09 GMT
content-length: 526
last-modified: Fri, 29 Jul 2022 21:27:51 GMT
server: Cloudfront
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Ob3YgXNNIvxHorDFQbw0houAvxiIOLgpxATRgqcFWKc7yhuqchzEjg==

GET
H2 200 countryRanges-2362ae52e66bb2e80a8043e5add253fa.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame 1420 143 KB
36 KB 25ms
10ms Fetch
application/json 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/countryRanges-2362ae52e66bb2e80a8043e5add253fa.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

6de48c97b08bca88630c7a68fe36fe18a43010ed4d33add156a505fb84176694

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-83ba27ad154004a1d007fd22f26113f1.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 1
x-cache: Hit from cloudfront
date: Wed, 03 Aug 2022 12:38:33 GMT
via: 1.1 da4de4427d18bee1d3254f1bbdad25f2.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jul 2022 21:27:43 GMT
server: Cloudfront
etag: W/"2362ae52e66bb2e80a8043e5add253fa"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: J3PJ05mmeA1oMvEH2Wq0Q-u9MEQqHNu3-I3pSvHXCiMQ36cQ_2xEGg==

GET
H2 200 1489-423d1329423fd360f27316019b22a0c7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B26C 231 KB
47 KB 9ms
9ms Script
text/javascript 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/1489-423d1329423fd360f27316019b22a0c7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-0be2bf2be72a1c381cfe4070f2f391a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ce3dc891c88609c872bc8f424a458d92980c0d34f97641b3869206bcab568f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-0ceda78a026ab57ff30ad8d7e4790a6a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 39
x-cache: Hit from cloudfront
date: Wed, 03 Aug 2022 12:37:53 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jul 2022 21:27:49 GMT
server: Cloudfront
etag: W/"e6ae44448e6759cb629b27f1c4896477"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: 6MkK7bHhdkxtEXQrLRXDDIG1D6NcNkyM9inGvNGqfbdvg_tTYdaOfA==

GET
H2 200 phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B26C 2 KB
1 KB 10ms
10ms Script
text/javascript 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-0be2bf2be72a1c381cfe4070f2f391a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

7a15a7c250eb25e8a28fa5e020fc15d656966115577ba4f51c19274149a48e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-0ceda78a026ab57ff30ad8d7e4790a6a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 11
x-cache: Hit from cloudfront
date: Wed, 03 Aug 2022 12:38:23 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jul 2022 21:27:52 GMT
server: Cloudfront
etag: W/"f1717e2e478c68d16ccd7b37768700be"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: OSHRecj07SpeDwgtYCIn4p-Eof13cltCjyqiKEY55Lp-tFl06TrQLw==

POST
H2 200 0 Show response
r.stripe.com/ Frame B26C 0
127 B 704ms
329ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 1489-423d1329423fd360f27316019b22a0c7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 69BA 231 KB
47 KB 9ms
9ms Script
text/javascript 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/1489-423d1329423fd360f27316019b22a0c7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-0be2bf2be72a1c381cfe4070f2f391a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ce3dc891c88609c872bc8f424a458d92980c0d34f97641b3869206bcab568f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-0ceda78a026ab57ff30ad8d7e4790a6a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 39
x-cache: Hit from cloudfront
date: Wed, 03 Aug 2022 12:37:53 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jul 2022 21:27:49 GMT
server: Cloudfront
etag: W/"e6ae44448e6759cb629b27f1c4896477"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: ABs0i7BhrHvj3VtMT_xtcd2rih7g9WXSl9zYPF8IV4L_BR4p9z0_fA==

GET
H2 200 phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 69BA 2 KB
1 KB 10ms
10ms Script
text/javascript 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-0be2bf2be72a1c381cfe4070f2f391a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

7a15a7c250eb25e8a28fa5e020fc15d656966115577ba4f51c19274149a48e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-0ceda78a026ab57ff30ad8d7e4790a6a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 11
x-cache: Hit from cloudfront
date: Wed, 03 Aug 2022 12:38:23 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jul 2022 21:27:52 GMT
server: Cloudfront
etag: W/"f1717e2e478c68d16ccd7b37768700be"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: osCSkXzq6pNy4YZ3iUVRTr2OUIkG3NiS_L-TyjdHFPkUkG4gff5SGA==

POST
H2 200 0 Show response
r.stripe.com/ Frame 69BA 0
128 B 689ms
328ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 168F 930 B
1 KB 46ms
9ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-613f8ee1abc1602a543fee9327eab032.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 280
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 03 Aug 2022 12:38:33 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 301
x-content-type-options: nosniff
x-request-id: 3282a5d0-f557-4357-8da3-d2e7e113d69a
x-served-by: cache-fra19128-FRA
x-timer: S1659530313.081832,VS0,VE0

GET
H2 200 customerio.dynamic.js.gz Show response
t.hellobonsai.com/next-integrations/integrations/customerio/2.2.3/ 3 KB
2 KB 19ms
16ms Script
application/javascript 2600:9000:2250:8000:6:9b9d:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.hellobonsai.com/next-integrations/integrations/customerio/2.2.3/customerio.dynamic.js.gz
Requested by: Host: t.hellobonsai.com
URL: https://t.hellobonsai.com/analytics.js/v1/MtNXhZi4H25OyhDlNUe7XK4C7pWt5HMJ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8000:6:9b9d:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3691b83d5b7d1bb2a8d737e8db3fa9d17286f47e967e70fe596126a81434d367

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 20:37:25 GMT
content-encoding: gzip
age: 9302469
x-cache: Miss from cloudfront
content-length: 1475
access-control-allow-origin: *
last-modified: Tue, 12 Apr 2022 23:48:25 GMT
server: AmazonS3
etag: "936f0597e41e7272238e1dff1b6c4c4e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: E.o0uhmvgGJUyZPvYPEdr2egEhQtLCLI
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront), 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA56-P5, FRA60-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: wuMzFSCogcmX6SsUWY-6d2CCCkxJm6fFSyy0muRMQ5kECFvQZWjxxw==

GET
H2 200 facebook-pixel.dynamic.js.gz Show response
t.hellobonsai.com/next-integrations/integrations/facebook-pixel/2.11.4/ 10 KB
4 KB 20ms
17ms Script
application/javascript 2600:9000:2250:8000:6:9b9d:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.hellobonsai.com/next-integrations/integrations/facebook-pixel/2.11.4/facebook-pixel.dynamic.js.gz
Requested by: Host: t.hellobonsai.com
URL: https://t.hellobonsai.com/analytics.js/v1/MtNXhZi4H25OyhDlNUe7XK4C7pWt5HMJ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8000:6:9b9d:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a606f215a29b0916df97dcca69b90e43128fca3bc8f237c3f56d58f4cf800ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 23:12:37 GMT
content-encoding: gzip
age: 393957
x-cache: Miss from cloudfront
content-length: 3271
access-control-allow-origin: *
last-modified: Wed, 27 Jul 2022 23:49:23 GMT
server: AmazonS3
etag: "11d09c60390d4846b90b372bd58cf329"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: CGkJW6q98gBzn6rQId781tfOj5NjRYPS
via: 1.1 f046bfa1468bb4385e357c8c9128cf50.cloudfront.net (CloudFront), 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA2-C1, FRA60-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: XcQznmkKyMWLxfgocFYF5U9PliAaNB6X-ihB0iL23Ml2LWC6fvMQaQ==

GET
H2 200 google-tag-manager.dynamic.js.gz Show response
t.hellobonsai.com/next-integrations/integrations/google-tag-manager/2.5.1/ 3 KB
2 KB 28ms
26ms Script
application/javascript 2600:9000:2250:8000:6:9b9d:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.hellobonsai.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz
Requested by: Host: t.hellobonsai.com
URL: https://t.hellobonsai.com/analytics.js/v1/MtNXhZi4H25OyhDlNUe7XK4C7pWt5HMJ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8000:6:9b9d:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61e30021b4f5466e1a6c9d4599b100c1e72f4c6162dc3d656bc3ed7dae00bb89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 25 Jul 2022 12:16:10 GMT
content-encoding: gzip
age: 778944
x-cache: Miss from cloudfront
content-length: 1344
access-control-allow-origin: *
last-modified: Fri, 22 Jul 2022 23:48:15 GMT
server: AmazonS3
etag: "e0f5b8ec276a05ac7b57aac9ddb79cdc"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: 4IQJ2jYTIqRMutpV.Ybomcjd34RcAiXO
via: 1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront), 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA6-C1, FRA60-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: OmxxRRJ8sLmGjlTB7pLCWzQpvSYqQjYmvcfUZ5Mbj7fAA0k7bB7xpg==

GET
H2 200 appcues.dynamic.js.gz Show response
t.hellobonsai.com/next-integrations/integrations/appcues/2.3.0/ 3 KB
2 KB 29ms
27ms Script
application/javascript 2600:9000:2250:8000:6:9b9d:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.hellobonsai.com/next-integrations/integrations/appcues/2.3.0/appcues.dynamic.js.gz
Requested by: Host: t.hellobonsai.com
URL: https://t.hellobonsai.com/analytics.js/v1/MtNXhZi4H25OyhDlNUe7XK4C7pWt5HMJ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8000:6:9b9d:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dccafd57e3aa5cb1c0b3ef434752d3c5603a04db6814672fe2404f7fee7700f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 19 May 2022 22:24:21 GMT
content-encoding: gzip
age: 6531253
x-cache: Miss from cloudfront
content-length: 1180
access-control-allow-origin: *
last-modified: Tue, 17 May 2022 00:03:02 GMT
server: AmazonS3
etag: "f58d0ed19cdeb36e11a535c07d25d6d1"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: lnaiJnZM_oLg4RsPOhMD_115p4Tt8uaA
via: 1.1 7463e2e784b132604afa3cd91a5d39a2.cloudfront.net (CloudFront), 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA56-P5, FRA60-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: p7fWJH3E6x-FLs82Fffgn8_U_vZkDFtMCKE0k12PHb4nwLbIkbFpGw==

GET
H2 200 intercom.dynamic.js.gz Show response
t.hellobonsai.com/next-integrations/integrations/intercom/3.0.2/ 4 KB
2 KB 26ms
24ms Script
application/javascript 2600:9000:2250:8000:6:9b9d:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.hellobonsai.com/next-integrations/integrations/intercom/3.0.2/intercom.dynamic.js.gz
Requested by: Host: t.hellobonsai.com
URL: https://t.hellobonsai.com/analytics.js/v1/MtNXhZi4H25OyhDlNUe7XK4C7pWt5HMJ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8000:6:9b9d:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d1830c2339818ab302f9407a3f9ed0494fffbaf20ba45437fc41577212254cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 19 May 2022 00:33:24 GMT
content-encoding: gzip
age: 6609910
x-cache: Miss from cloudfront
content-length: 1858
access-control-allow-origin: *
last-modified: Tue, 17 May 2022 00:03:02 GMT
server: AmazonS3
etag: "cceddead2afa3948c7727ea24bd54aed"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: VTbrPYLzlLYhdCym1upYcmDfBuDh8RIU
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront), 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA56-P5, FRA60-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: Ww6Bo5EEUeUEzCgV6kEHIgOUVTueM8XH3DigRmummkIcUODXK4Eang==

GET
H2 200 amplitude.dynamic.js.gz Show response
t.hellobonsai.com/next-integrations/integrations/amplitude/3.3.3/ 9 KB
4 KB 24ms
23ms Script
application/javascript 2600:9000:2250:8000:6:9b9d:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.hellobonsai.com/next-integrations/integrations/amplitude/3.3.3/amplitude.dynamic.js.gz
Requested by: Host: t.hellobonsai.com
URL: https://t.hellobonsai.com/analytics.js/v1/MtNXhZi4H25OyhDlNUe7XK4C7pWt5HMJ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8000:6:9b9d:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fdf49508346acd9ea140cd09bce9dfde1e2c7ba5527d96ad6f15c65cafe63de1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 11:30:36 GMT
content-encoding: gzip
age: 14605678
x-cache: Miss from cloudfront
content-length: 3183
access-control-allow-origin: *
last-modified: Wed, 09 Feb 2022 22:20:43 GMT
server: AmazonS3
etag: "d83179c25dde0340502b9078dff72c63"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: XnVHF4CSH7tRaWgAv3_9TtiDhrcuPS3a
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront), 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA2-C1, FRA60-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 7Kdj2h-KviQkTpCBUAoPOzq_xLeFK8P1bvQKBI68fP3PGikqVY3xAQ==

GET
H2 200 hotjar.dynamic.js.gz Show response
t.hellobonsai.com/next-integrations/integrations/hotjar/1.4.0/ 3 KB
2 KB 17ms
16ms Script
application/javascript 2600:9000:2250:8000:6:9b9d:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.hellobonsai.com/next-integrations/integrations/hotjar/1.4.0/hotjar.dynamic.js.gz
Requested by: Host: t.hellobonsai.com
URL: https://t.hellobonsai.com/analytics.js/v1/MtNXhZi4H25OyhDlNUe7XK4C7pWt5HMJ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8000:6:9b9d:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6da9ff2ca86294c7ab6f45ac2a48efab2d427f84915426cd8b888197ad39a7b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 18:01:17 GMT
content-encoding: gzip
age: 5251036
x-cache: Miss from cloudfront
content-length: 1337
access-control-allow-origin: *
last-modified: Thu, 02 Jun 2022 20:08:19 GMT
server: AmazonS3
etag: "445a758f4c70468aed676b62151fff1f"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: T_UqtgTmKKFALX49RqFts15mskE5mhOV
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront), 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA56-P5, FRA60-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: S8fN9IldJifBeXae9_vekhUlLFn4VjSDNoXYC8L_dO9JEtmXdj8aTw==

GET
H2 200 google-adwords-new.dynamic.js.gz Show response
t.hellobonsai.com/next-integrations/integrations/google-adwords-new/1.2.1/ 4 KB
2 KB 25ms
24ms Script
application/javascript 2600:9000:2250:8000:6:9b9d:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.hellobonsai.com/next-integrations/integrations/google-adwords-new/1.2.1/google-adwords-new.dynamic.js.gz
Requested by: Host: t.hellobonsai.com
URL: https://t.hellobonsai.com/analytics.js/v1/MtNXhZi4H25OyhDlNUe7XK4C7pWt5HMJ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8000:6:9b9d:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c861edac7f4f16c26218d1901867f8d51a57d66c4bdf98a2328e6aa064c3ba8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 18 May 2022 00:34:44 GMT
content-encoding: gzip
age: 6696230
x-cache: Miss from cloudfront
content-length: 1637
access-control-allow-origin: *
last-modified: Tue, 17 May 2022 00:03:02 GMT
server: AmazonS3
etag: "42d5be27ccbd8a0a8aafd8ba7a7470c7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: T_ZvcSyag1gM.fo5ApJa8LHqUnnHtEy8
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront), 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA56-P5, FRA60-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: I9QhhRuWsoY8l-4dOYp0lSGxdCm2ns63s6hYTAyAhrq4E-z9qnVUwQ==

POST
H2 200 0 Show response
r.stripe.com/ Frame B26C 0
127 B 665ms
330ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame B26C 0
127 B 666ms
331ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame B26C 0
127 B 674ms
340ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame B26C 0
127 B 665ms
332ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame B26C 0
127 B 673ms
340ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame B26C 0
127 B 672ms
340ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame B26C 0
127 B 817ms
489ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame B26C 0
127 B 817ms
489ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 69BA 0
127 B 663ms
337ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 69BA 0
127 B 816ms
491ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 69BA 0
127 B 661ms
337ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 69BA 0
127 B 812ms
490ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 69BA 0
127 B 653ms
331ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 69BA 0
127 B 661ms
339ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 69BA 0
127 B 661ms
339ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 69BA 0
127 B 811ms
490ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 69BA 0
127 B 812ms
490ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 69BA 0
127 B 809ms
488ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 69BA 0
127 B 809ms
489ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 69BA 0
127 B 650ms
330ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 69BA 0
127 B 648ms
329ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 69BA 0
127 B 657ms
338ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame B26C 0
127 B 650ms
339ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame B26C 0
127 B 648ms
338ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame B26C 0
127 B 792ms
490ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 csp-report
q.stripe.com/ Frame 168F 0
344 B 442ms
341ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 12:38:33 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 8
x-robots-tag: none
content-length: 0
x-content-type-options: nosniff
expires: 0

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 342ms
340ms Ping
application/json 2600:1f18:24e6:b900:ced3:8b66:1073:c601
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.15.0%2Cenv%3Aproduction&dd-api-key=pub1c977e2af62d7b729f3cdfe8440cf32c&dd-evp-origin-version=4.15.0&dd-evp-origin=browser&dd-request-id=55f8e88f-6844-4af9-a8dd-8d99aac1fa67&batch_time=1659530313109
Requested by: Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/packs/js/9326-19abfb492c5c5ac3de13.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:ced3:8b66:1073:c601 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.hellobonsai.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 commons.54701049fd6fb8497e9e.js.gz Show response
t.hellobonsai.com/next-integrations/integrations/vendor/ 73 KB
22 KB 15ms
15ms Script
application/javascript 2600:9000:2250:8000:6:9b9d:3240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.hellobonsai.com/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz
Requested by: Host: t.hellobonsai.com
URL: https://t.hellobonsai.com/analytics.js/v1/MtNXhZi4H25OyhDlNUe7XK4C7pWt5HMJ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:8000:6:9b9d:3240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e79b59c22ca684f9de8a73d41964f0c80ee9ca68713f35c33ad4fccf8cf64ffa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 22 May 2022 06:32:08 GMT
content-encoding: gzip
age: 6329186
x-cache: Miss from cloudfront
content-length: 22174
access-control-allow-origin: *
last-modified: Tue, 17 May 2022 00:03:00 GMT
server: AmazonS3
etag: "7741fd16ad2418cd17ab981f8207b106"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: SbH57kq0iL04.JDZiX5MWfYyPNRXJEVt
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront), 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA56-P5, FRA60-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: IUp9TKSxWg3VmO4SXdUVZeiMtlDJlgLxQ1hz2MFW89qPjJxnSrf9Uw==

POST
H2 200 0 Show response
r.stripe.com/ Frame B26C 0
127 B 612ms
338ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 69BA 0
127 B 763ms
491ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 168F 86 KB
16 KB 8ms
8ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 135
x-cache: HIT
content-length: 16031
x-request-id: 4bdab53e-ca4c-41c6-ac02-0edb6b9a700f
x-served-by: cache-fra19128-FRA
server: Fastly
x-timer: S1659530313.127529,VS0,VE0
date: Wed, 03 Aug 2022 12:38:33 GMT
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 136

GET
H2 200 hotjar-943616.js Show response
static.hotjar.com/c/ 5 KB
3 KB 71ms
39ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-943616.js?sv=6

Requested by

Host: t.hellobonsai.com
URL: https://t.hellobonsai.com/next-integrations/integrations/hotjar/1.4.0/hotjar.dynamic.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

737421f9bdc9f786634a6346810146a6b3294f40796b0d9854591b7544676eda

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-P2
etag: W/609d5fd9e740420f055c4280ba7cbf7d
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-amz-cf-id: aY3LyBTsXzvoap5fGUQYtrm0PNHDQqo_bOc02d50fZmKWZzQcvy_BA==
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)

GET
H2 200 link.html Show response
cdn.plaid.com/link/v2/stable/ Frame 2ED3 2 KB
1 KB 452ms
451ms Document
text/html 108.138.36.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/v2/stable/link.html?isHostedTrustedAuth=false&isLinkInitialize=true&origin=https%3A%2F%2Fapp.hellobonsai.com&token=link-production-b72bcec5-80ec-48d6-a485-4801fa8da7b1&uniqueId=1&version=2.0.1357
Requested by: Host: cdn.plaid.com
URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-26.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f8f050d0e2baa018fa2b85081857674d69241818c3611a9b3e7081cc3226c1b8

Request headers

Referer: https://app.hellobonsai.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17052
cache-control: no-cache,must-revalidate,max-age=0
content-encoding: gzip
content-type: text/html
date: Wed, 03 Aug 2022 07:54:22 GMT
etag: W/"9549e3699b6ba339d212e08891986d58"
last-modified: Wed, 03 Aug 2022 07:28:11 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 ef6c1b0d6b04f2b7f81eb00fa448b890.cloudfront.net (CloudFront)
x-amz-cf-id: p155ePc1_rY7IA4vZX2t1zZ1d-lolVjkfU-8N56sTm79D04wAp3q7g==
x-amz-cf-pop: MUC50-P2
x-amz-id-2: g5CCj3gcNIQZ0SPt8V5AEXwe2T7UIksjQl5sWV7IwgraGuLcg7km2Nt2RqX9dRo8l8B0I/GGTiI=
x-amz-replication-status: COMPLETED
x-amz-request-id: HHMKVNNPHT2FEB9N
x-amz-server-side-encryption: AES256
x-amz-version-id: e8RUPEWFsDweShme87Jqa2vKvPb7S7ih
x-cache: Hit from cloudfront

GET
H2 200 track.js Show response
assets.customer.io/assets/ 5 KB
2 KB 93ms
18ms Script
application/javascript 2600:9000:211a:9000:11:9cfd:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.customer.io/assets/track.js
Requested by: Host: t.hellobonsai.com
URL: https://t.hellobonsai.com/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211a:9000:11:9cfd:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 765618d1667ba791f2d492d121d2da42ff7d7e079a4773462a381ac9aceab0c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 05:08:17 GMT
content-encoding: gzip
last-modified: Thu, 02 Sep 2021 23:16:41 GMT
server: AmazonS3
age: 27018
etag: W/"15e89eedddf82c193d5c3574b756f5a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c772b2e53d72432d4d471ac66f4794fa.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: EyysAg4aa7coG_JPZYSfH5PeVAYDUQO92XunnfiyYvQGCKc7_fAp5w==

GET
H2 200 amplitude-5.2.2-min.gz.js Show response
cdn.amplitude.com/libs/ 54 KB
18 KB 66ms
8ms Script
application/javascript 52.222.206.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js
Requested by: Host: t.hellobonsai.com
URL: https://t.hellobonsai.com/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.178 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-178.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 23:28:42 GMT
content-encoding: gzip
age: 16204192
x-cache: Hit from cloudfront
content-length: 17889
access-control-allow-origin: *
last-modified: Mon, 21 Oct 2019 15:45:34 GMT
server: AmazonS3
etag: "b568e7b3c9d94da6a1d4845b18400f7a"
x-amz-version-id: aZB1RIRJqET7nosqRtOBVideRuh0jIV6
via: 1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: pJ47EUC2wDC4fXhXe5tcevJXon-iIh_qSQTdAbTteO9XSpR1kCOHhA==

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/vu2ry3p0
https://js.intercomcdn.com/shim.latest.js

18 KB
6 KB

64ms
7ms

Script
application/javascript

18.66.139.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Requested by: Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
Protocol: H2
Server: 18.66.139.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-67.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 57f2ac3aae4e3ec962798f2a2bc60cdb72f53ca4014f6824d8192d32adc5e190

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:37:29 GMT
content-encoding: gzip
age: 65
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6169
last-modified: Wed, 03 Aug 2022 10:12:19 GMT
server: AmazonS3
etag: "f4c817c3fe55913e822062bc1dfed694"
x-amz-version-id: jeJyVx9sF5sI_1tlmS.KVYD6jNJrvcoB
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
x-amz-cf-id: _9iBKnhs4HYWHd8zri-h2biFjC0A5-VVuINwi0fXKpZuSDZKSlUNVg==

Redirect headers

date: Thu, 02 Jun 2022 20:20:33 GMT
via: 1.1 93efd892a8e99dc59164afbee331cd56.cloudfront.net (CloudFront)
server: AmazonS3
age: 5329081
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop: FRA56-P7
content-length: 0
x-amz-cf-id: LjyudmRXbLPrnUE9OgMEtaxYbvrU5leYgaTa-ra8SSrDFbATUl9wGQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 169 KB
62 KB 569ms
282ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-946032984

Requested by

Host: t.hellobonsai.com
URL: https://t.hellobonsai.com/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

33fc94d281960261fcc6ce6ed347179ddece87119ed96309a5886c3ac996e9df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62484
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Aug 2022 12:38:33 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 95 KB
37 KB 597ms
310ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P6RMTD5&l=dataLayer

Requested by

Host: t.hellobonsai.com
URL: https://t.hellobonsai.com/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d0240e107b92947ccc11124e11633ccd7ba1f462d5bc530d17a993e41c2ee61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37508
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Aug 2022 12:38:33 GMT

GET
H2 200 41761.js Show response
fast.appcues.com/ 21 KB
5 KB 243ms
181ms Script
text/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/41761.js
Requested by: Host: t.hellobonsai.com
URL: https://t.hellobonsai.com/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 7f9b4109b228c91936e892ffc04f42caacee7b416494ba17c478636b6e300936

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
content-encoding: gzip
age: 0
x-cache: MISS
content-length: 4854
x-request-id: FwfWBwmi6R0_yTG4hmcj
x-served-by: cache-fra19130-FRA
access-control-allow-origin: *
server: Cowboy
x-timer: S1659530313.333976,VS0,VE174
vary: accept-encoding, Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
access-control-expose-headers
cache-control: max-age=120,public
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
27 KB 28ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: t.hellobonsai.com
URL: https://t.hellobonsai.com/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

97d2d7795d8696da8f15abfbc4ed528f5d97767966a23ad602f276c8d6680de9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26222
x-xss-protection: 0
pragma: public
x-fb-debug: JTSeEYUhShx8ODQWhMMGU6zYzeIpZNIFT8rNBvL/rLOrW3YrW91bienPKd8zwVXIdWBwd0mvDykgOscaLDy6Pw==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 03 Aug 2022 12:38:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 168F 156 B
522 B 549ms
174ms XHR
application/json 52.43.93.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.43.93.136 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-93-136.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

c4191577415124ca93de4a8cd328e2c8b7becb8fd44a8239f970a9a19f51d7f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 p Show response
sgmt.hellobonsai.com/v1/ 21 B
330 B 584ms
481ms Fetch
application/json 2600:9000:211a:e200:10:7ddc:ae40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sgmt.hellobonsai.com/v1/p

Requested by

Host: t.hellobonsai.com
URL: https://t.hellobonsai.com/analytics.js/v1/MtNXhZi4H25OyhDlNUe7XK4C7pWt5HMJ/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:e200:10:7ddc:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://app.hellobonsai.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
via: 1.1 c8710a117c1dfdaea4e9dfc4d41970d2.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://app.hellobonsai.com
strict-transport-security: max-age=31536000
content-length: 21
x-amz-cf-id: ou_qnYQt_wf6UElrT-feLdVSFINr0FRrZgGElOYz0wkmikpEjR2eJA==

POST
H2 200 t Show response
sgmt.hellobonsai.com/v1/ 21 B
331 B 577ms
479ms Fetch
application/json 2600:9000:211a:e200:10:7ddc:ae40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sgmt.hellobonsai.com/v1/t

Requested by

Host: t.hellobonsai.com
URL: https://t.hellobonsai.com/analytics.js/v1/MtNXhZi4H25OyhDlNUe7XK4C7pWt5HMJ/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:e200:10:7ddc:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://app.hellobonsai.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
via: 1.1 c8710a117c1dfdaea4e9dfc4d41970d2.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://app.hellobonsai.com
strict-transport-security: max-age=31536000
content-length: 21
x-amz-cf-id: EqwMP9wr93tfzorzNJFwuN78Ijl20vrLfOcjBzLvIFn0aHTHfJdXyw==

POST
H2 200 t Show response
sgmt.hellobonsai.com/v1/ 21 B
330 B 573ms
478ms Fetch
application/json 2600:9000:211a:e200:10:7ddc:ae40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sgmt.hellobonsai.com/v1/t

Requested by

Host: t.hellobonsai.com
URL: https://t.hellobonsai.com/analytics.js/v1/MtNXhZi4H25OyhDlNUe7XK4C7pWt5HMJ/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211a:e200:10:7ddc:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://app.hellobonsai.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
via: 1.1 c8710a117c1dfdaea4e9dfc4d41970d2.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://app.hellobonsai.com
strict-transport-security: max-age=31536000
content-length: 21
x-amz-cf-id: ytxZXOXm-jaMWWFbixOz23v5eUnuu1JDre2iKhQhJaNvK5ItQaakSw==

GET
H2 200 modules.5d050be37fa3fcc28f90.js Show response
script.hotjar.com/ 248 KB
64 KB 74ms
22ms Script
application/javascript 18.66.15.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5d050be37fa3fcc28f90.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-943616.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.15.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-15-120.vie50.r.cloudfront.net

Software

Resource Hash

9594ff4a7989d3edaad4239be043a1dec33d992b4e547cdeec5041e894548041

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 11:39:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3567
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 64718
access-control-allow-origin: *
last-modified: Wed, 03 Aug 2022 11:38:57 GMT
etag: "e1db1e6d1bcb7ee08b73da806fd913ab"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 e8763d44c4998cd590854aad30f4704e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-P1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: zIJ-ukUkAMRgAPgDnV-JojkK298D86DFDYZSBe66nnCXVq-_rNnuUg==

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.70

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20715
x-xss-protection: 0
pragma: public
x-fb-debug: RnfZ6lhmkGUATO769j+iURhA8i6n+699eRPTJRvKBlTlDwQPjZTXSDTufEHSRDBJLNrIpyVjuAKfAivHXh5i4Q==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 03 Aug 2022 12:38:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 740252973613625 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 68ms
59ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/740252973613625?v=2.9.70&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

411195013efde9947c4d35f130bc55cef035576ce6e9c576f83cb57a4e1477cc

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: es3sS0t0MyxR/2J2JfmMabPZX3k7D6mwxr7nLeikJCqIgYwKWnU1+rEf34Uk9EEIfFuzFY7fPPH6MNTIw3PivA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 03 Aug 2022 12:38:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1659530313383
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 / Show response
api.amplitude.com/ 7 B
205 B 545ms
170ms XHR
text/html 44.239.247.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/packs/js/8423-ee960e138c7ee21c8a68.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.247.156 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-247-156.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://app.hellobonsai.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 03 Aug 2022 12:38:33 GMT
trace-id: Root=1-62ea6c49-3a02644e709229f735ef5961
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H2 200 box-54d18b2ccd1c7fa42c71f18525ba4ad0.html Show response
vars.hotjar.com/ Frame 66F1 2 KB
1 KB 40ms
9ms Document
text/html 18.66.139.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-54d18b2ccd1c7fa42c71f18525ba4ad0.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-943616.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.28 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-28.fra60.r.cloudfront.net

Software

Resource Hash

3b534eeaf216d2e54730d1c9bb15344f4b78712e6c781d31555585c51651e989

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://app.hellobonsai.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 168626
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 01 Aug 2022 13:48:07 GMT
etag: "b310868fbdb4c8ee7d37e1b85ae269fa"
last-modified: Mon, 01 Aug 2022 13:47:35 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
x-amz-cf-id: bD9O1A8T9TV64mSX6g2r2aRnsU3keU1W73iRQyAmuLt7gVp-DYgFrg==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 frame-modern.c0368ce5.js Show response
js.intercomcdn.com/ Frame B882 333 KB
89 KB 9ms
8ms Script
application/javascript 18.66.139.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame-modern.c0368ce5.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/vu2ry3p0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-67.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 91a43805bf1a6bcfd115f56c6f166c0fe894000a93c5226ec4adca8024c6b25a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: WjlPI_DGUvyrCqwkqI58ovTSdkL4i_5Q
content-encoding: gzip
etag: "0eac9d0081cf3aae16d5f52c9aaa45a4"
age: 1565
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 90687
last-modified: Wed, 03 Aug 2022 10:10:49 GMT
server: AmazonS3
date: Wed, 03 Aug 2022 12:12:29 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: CJFU5oCcukFjiI4fxu08poS26nMU-DJunC0ieJP-0XAazUZIfSvS8w==

GET
H2 200 vendor-modern.fc3879eb.js Show response
js.intercomcdn.com/ Frame B882 190 KB
58 KB 21ms
21ms Script
application/javascript 18.66.139.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor-modern.fc3879eb.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/vu2ry3p0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-67.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6245cfb6837200afad7d1e996318074e0703f1bc7b399d1d40df8474bc575e96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: L9IiAO3WttARUL9zUiKtoieijpeB8sN4
content-encoding: gzip
etag: "5c6190540e1f16a37bbe4d3ad4a3ac43"
age: 1219
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59305
last-modified: Fri, 29 Jul 2022 13:21:26 GMT
server: AmazonS3
date: Wed, 03 Aug 2022 12:18:15 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: h_2uUeNzItXW0Zcpij0AO3B40lKJ21E0X9zMRhYytEN9lrcNshqkvQ==

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 26ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=740252973613625&ev=PageView&dl=https%3A%2F%2Fapp.hellobonsai.com%2Fi%2F3911b48fa81eea0%3Futm_campaign%3Dauto_remind_client_invoice_unpaid%26utm_content%3Dprimary-btn%26utm_medium%3Demail%26utm_source%3Dinvoice&rl=&if=false&ts=1659530313473&sw=1600&sh=1200&ud[external_id]=447a62eae4a0537215137d7b651aa4448191f4f9758a363f39713e34e17d2a1f&v=2.9.70&r=stable&a=seg&ec=0&o=30&fbp=fb.1.1659530313473.500011556&it=1659530313317&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 03 Aug 2022 12:38:33 GMT

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame B882 4 KB
2 KB 735ms
533ms XHR
application/json 99.83.219.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.c0368ce5.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

1c39f7258969348e3aef25efe85bdbe8b62ebe8765a913ee3466e36bb303c630

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 03 Aug 2022 12:38:34 GMT
content-encoding: gzip
x-ami-version: ami-0cfceb8998f250748
status: 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept,Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 0003ra2kuo0v2qgkkba0
x-runtime: 0.428190
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"1c39f7258969348e3aef25efe85bdbe8"
x-ratelimit-remaining: 13332
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.hellobonsai.com
x-intercom-version: 97014d00ed07263951c1e3c6742f5d9575d77385
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1659530320
x-ratelimit-limit: 13333
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-content-type-options: nosniff

GET
H2 200 appcues.main.45031d4f7f9295098127a82b02c0c8ac93f9decc.js Show response
fast.appcues.com/generic/main/4.39.12/ 411 KB
116 KB 24ms
7ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/generic/main/4.39.12/appcues.main.45031d4f7f9295098127a82b02c0c8ac93f9decc.js
Requested by: Host: fast.appcues.com
URL: https://fast.appcues.com/41761.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 980d4ee669cdd21603d6cbcf66f06e23676e656d4fc51b015eb3368db8ba476f

Request headers

Referer: https://app.hellobonsai.com/
Origin: https://app.hellobonsai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
content-encoding: gzip
age: 152689
via: 1.1 varnish
x-cache: HIT
content-length: 117856
x-amz-id-2: AuEuvXhqIRmhdrnSuyCjdJ0vIR4FvmC4MqqDZFp6UL0QRN6v066gwfe/iOowHRyn6UKwtUuzx/g=
x-served-by: cache-fra19141-FRA
timing-allow-origin: *
last-modified: Mon, 01 Aug 2022 18:03:15 GMT
server: AmazonS3
x-timer: S1659530314.580765,VS0,VE0
etag: "6d575deacee27ac97eb5ea7672ef6ec3"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
x-amz-request-id: 9W92P7HXP1MZKT9P
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 10700

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame E28D 18 KB
8 KB 391ms
89ms Document
text/html 173.194.76.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f92.1e100.net

Software

ESF /

Resource Hash

ff4313a0274c7d3c6948fa2a2ed5571a12a28b9867310e38f0ea86fce0b1a9d8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2FTOtFEhYuJObD9BXi4HLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-2FTOtFEhYuJObD9BXi4HLg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-2FTOtFEhYuJObD9BXi4HLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-2FTOtFEhYuJObD9BXi4HLg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Wed, 03 Aug 2022 12:38:33 GMT
expires: Wed, 03 Aug 2022 12:38:33 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 153ms
153ms Ping
application/json 2600:1f18:24e6:b900:ced3:8b66:1073:c601
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.15.0%2Cenv%3Aproduction&dd-api-key=pub1c977e2af62d7b729f3cdfe8440cf32c&dd-evp-origin-version=4.15.0&dd-evp-origin=browser&dd-request-id=6ca5aaa8-dd54-4745-8eac-41d189631ceb&batch_time=1659530313603
Requested by: Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/packs/js/9326-19abfb492c5c5ac3de13.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:ced3:8b66:1073:c601 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.hellobonsai.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 container.45031d4f7f9295098127a82b02c0c8ac93f9decc.css
fast.appcues.com/generic/main/4.39.12/ 15 KB
2 KB 7ms
7ms Stylesheet
text/css 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/generic/main/4.39.12/container.45031d4f7f9295098127a82b02c0c8ac93f9decc.css
Requested by: Host: fast.appcues.com
URL: https://fast.appcues.com/generic/main/4.39.12/appcues.main.45031d4f7f9295098127a82b02c0c8ac93f9decc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 25ea0f4739d446723b41952f762e1c9e7914cf5672c570f67ce3b44fcbb9afa0

Request headers

Referer: https://app.hellobonsai.com/
Origin: https://app.hellobonsai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
content-encoding: gzip
age: 152729
via: 1.1 varnish
x-cache: HIT
content-length: 1953
x-amz-id-2: I/+JVrZvfcE7F18HvVtjewipgC9sCF6/rUiosEJyjHXJx4a6OGPmsAkwG7+IVlr6tDMS1V1TtEU=
x-served-by: cache-fra19141-FRA
timing-allow-origin: *
last-modified: Mon, 01 Aug 2022 18:03:15 GMT
server: AmazonS3
x-timer: S1659530314.670298,VS0,VE0
etag: "c74c3a0f0689ea16a43198e246fbcc29"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
x-amz-request-id: 3TP2W7NVZ5TWVBRR
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
content-type: text/css; charset=utf-8;
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 10539

GET
H2 200 flink.css
cdn.plaid.com/link/2.0.1357/ Frame 2ED3 71 KB
10 KB 17ms
16ms Stylesheet
text/css 108.138.36.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/2.0.1357/flink.css
Requested by: Host: cdn.plaid.com
URL: https://cdn.plaid.com/link/v2/stable/link.html?isHostedTrustedAuth=false&isLinkInitialize=true&origin=https%3A%2F%2Fapp.hellobonsai.com&token=link-production-b72bcec5-80ec-48d6-a485-4801fa8da7b1&uniqueId=1&version=2.0.1357
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-26.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad8e0f0f6dde6adb30a815024574ada049b79ba462762c9e8fa7a582a63f29ac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 07:54:22 GMT
content-encoding: gzip
age: 17052
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 03 Aug 2022 07:28:11 GMT
server: AmazonS3
etag: W/"af821dfe21f0913dc90fa4765ff58a59"
vary: Accept-Encoding
x-amz-version-id: kpG3p8LwDR_dhP1lbfWJOgNecu9Uwapg
via: 1.1 ef6c1b0d6b04f2b7f81eb00fa448b890.cloudfront.net (CloudFront)
cache-control: max-age=10800
x-amz-cf-pop: MUC50-P2
content-type: text/css
x-amz-cf-id: AjYIcAJgVbvqgANqrEcVn3D-t_LhE6wTL_iJThFvLJlDtMrOGSNfBw==

GET
H2 200 vendor.js Show response
cdn.plaid.com/link/2.0.1357/ Frame 2ED3 11 KB
5 KB 15ms
14ms Script
application/javascript 108.138.36.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/2.0.1357/vendor.js
Requested by: Host: cdn.plaid.com
URL: https://cdn.plaid.com/link/v2/stable/link.html?isHostedTrustedAuth=false&isLinkInitialize=true&origin=https%3A%2F%2Fapp.hellobonsai.com&token=link-production-b72bcec5-80ec-48d6-a485-4801fa8da7b1&uniqueId=1&version=2.0.1357
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-26.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93237d6415ec6ba99edbfad891b6fc920b032153c96764cfb9d5570d6a96b701

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 07:54:22 GMT
content-encoding: gzip
age: 17052
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 03 Aug 2022 07:28:13 GMT
server: AmazonS3
etag: W/"866cd5dffe099ac8db6c5a33f0839539"
vary: Accept-Encoding
x-amz-version-id: u3U.6gw1YzK4SFQukJaO39shtOruihdy
via: 1.1 ef6c1b0d6b04f2b7f81eb00fa448b890.cloudfront.net (CloudFront)
cache-control: max-age=10800
x-amz-cf-pop: MUC50-P2
content-type: application/javascript
x-amz-cf-id: xvCZXie9LJDrHywhWtN4jwgnHn_MtRbFQWhMGp_Oz6xyCHQWzS-fbw==

GET
H2 200 flink.js Show response
cdn.plaid.com/link/2.0.1357/ Frame 2ED3 1 MB
340 KB 18ms
18ms Script
application/javascript 108.138.36.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.plaid.com/link/2.0.1357/flink.js
Requested by: Host: cdn.plaid.com
URL: https://cdn.plaid.com/link/v2/stable/link.html?isHostedTrustedAuth=false&isLinkInitialize=true&origin=https%3A%2F%2Fapp.hellobonsai.com&token=link-production-b72bcec5-80ec-48d6-a485-4801fa8da7b1&uniqueId=1&version=2.0.1357
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-26.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e54e6c5424dfc316a83cc1e08a1ba4a2bc89961e104f8ebe9370ab69efdd47b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 07:54:22 GMT
content-encoding: gzip
age: 17052
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 03 Aug 2022 07:28:11 GMT
server: AmazonS3
etag: W/"a8b7c3ce14d02e46c594bf88aa277009"
vary: Accept-Encoding
x-amz-version-id: V2Et97bkps.PjVBg5YvLaQO.1eb3rnA7
via: 1.1 ef6c1b0d6b04f2b7f81eb00fa448b890.cloudfront.net (CloudFront)
cache-control: max-age=10800
x-amz-cf-pop: MUC50-P2
content-type: application/javascript
x-amz-cf-id: 0NM4kjrjHgG2JqlkOGpwnQa517p0QBi7L3y7pQCY8CHg28O_Rj4mlQ==

POST
H2 200 / Show response
api.amplitude.com/ 7 B
204 B 172ms
172ms XHR
text/html 44.239.247.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/packs/js/8423-ee960e138c7ee21c8a68.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.247.156 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-247-156.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://app.hellobonsai.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 03 Aug 2022 12:38:34 GMT
trace-id: Root=1-62ea6c4a-0d809f754341dbe5209cd48e
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 381ms
95ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-946032984

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15160
x-xss-protection: 0
server: cafe
etag: 9823212955285023900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 03 Aug 2022 12:38:34 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame E28D 2 KB
2 KB 38ms
38ms Other
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 03 Aug 2022 12:38:34 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QdpRLLZUN7g.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrg... Frame E28D 151 KB
54 KB 1014ms
722ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QdpRLLZUN7g.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgSplnFz99wTyNI66c0-WIn8o4RPA/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3a7d352c23dbef586f03476f8afcf5191c6858cc19142efb2dff275d7554b2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 16:29:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54055
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 10:25:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Aug 2023 16:29:16 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 18ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=740252973613625&ev=Microdata&dl=https%3A%2F%2Fapp.hellobonsai.com%2Fi%2F3911b48fa81eea0%3Futm_campaign%3Dauto_remind_client_invoice_unpaid%26utm_content%3Dprimary-btn%26utm_medium%3Demail%26utm_source%3Dinvoice&rl=&if=false&ts=1659530313980&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Boldface%20Branding%20Corp.%20-%20LVN%20Retreat%20%2722%20Logo%20Invoice%22%2C%22meta%3Adescription%22%3A%22Bonsai%20is%20a%20freelancer%27s%20best%20friend%3A%20automated%20proposals%2C%20contracts%2C%20time%20tracking%2C%20and%20invoices.%20Get%20peace%20of%20mind%20%26%20get%20on%20with%20your%20work.%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Boldface%20Branding%20Corp.%20-%20LVN%20Retreat%20%2722%20Logo%20Invoice%22%2C%22og%3Adescription%22%3A%22Bonsai%20is%20a%20freelancer%27s%20best%20friend%3A%20automated%20proposals%2C%20contracts%2C%20time%20tracking%2C%20and%20invoices.%20Get%20peace%20of%20mind%20%26%20get%20on%20with%20your%20work.%22%2C%22og%3Aimage%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[external_id]=447a62eae4a0537215137d7b651aa4448191f4f9758a363f39713e34e17d2a1f&v=2.9.70&r=stable&a=seg&ec=1&o=30&fbp=fb.1.1659530313473.500011556&it=1659530313317&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 03 Aug 2022 12:38:33 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=740252973613625&ev=View%20invoice%20-%20client&dl=https%3A%2F%2Fapp.hellobonsai.com%2Fi%2F3911b48fa81eea0%3Futm_campaign%3Dauto_remind_client_invoice_unpaid%26utm_content%3Dprimary-btn%26utm_medium%3Demail%26utm_source%3Dinvoice&rl=&if=false&ts=1659530314027&cd[OS]=Windows&cd[Invoice%20Status]=outstanding&sw=1600&sh=1200&ud[external_id]=447a62eae4a0537215137d7b651aa4448191f4f9758a363f39713e34e17d2a1f&v=2.9.70&r=stable&a=seg&ec=2&o=30&fbp=fb.1.1659530313473.500011556&it=1659530313317&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-next-cfd383c08a4197e59d432b946f6a1fc9&tm=2&rqm=GET

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 03 Aug 2022 12:38:34 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=740252973613625&ev=View%20Banking%20Setup%20Page&dl=https%3A%2F%2Fapp.hellobonsai.com%2Fi%2F3911b48fa81eea0%3Futm_campaign%3Dauto_remind_client_invoice_unpaid%26utm_content%3Dprimary-btn%26utm_medium%3Demail%26utm_source%3Dinvoice&rl=&if=false&ts=1659530314029&cd[OS]=Windows&sw=1600&sh=1200&ud[external_id]=447a62eae4a0537215137d7b651aa4448191f4f9758a363f39713e34e17d2a1f&v=2.9.70&r=stable&a=seg&ec=3&o=30&fbp=fb.1.1659530313473.500011556&it=1659530313317&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=ajs-next-d47031c35672b07672f302c1e11200e3&tm=2&rqm=GET

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 03 Aug 2022 12:38:34 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/946032984/ 3 KB
2 KB 784ms
732ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/946032984/?random=1659530314340&cv=9&fst=1659530314340&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa811&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp.hellobonsai.com%2Fi%2F3911b48fa81eea0%3Futm_campaign%3Dauto_remind_client_invoice_unpaid%26utm_content%3Dprimary-btn%26utm_medium%3Demail%26utm_source%3Dinvoice&tiba=Boldface%20Branding%20Corp.%20-%20LVN%20Retreat%20%2722%20Logo%20Invoice&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b131509dbf83f2e8e286d5f323a4c7846deba24f4c85901f73fe22b087507ec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 12:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1151
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QdpRLLZUN7g.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.W40... Frame E28D 78 KB
28 KB 1211ms
910ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QdpRLLZUN7g.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.W40dIAOFshM.L.B1.O/am=BoA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfril6bOip7zlAnz-IXStVqjFtiCUKQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QdpRLLZUN7g.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgSplnFz99wTyNI66c0-WIn8o4RPA/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aded5226038cb32ca8dc9553623fc93a6f0e1f65c826140fd37c9eac05f90a58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 16:36:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29055
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 01:24:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Aug 2023 16:36:12 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/946032984/ 42 B
548 B 121ms
72ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/946032984/?random=1659530314340&cv=9&fst=1659528000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa811&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp.hellobonsai.com%2Fi%2F3911b48fa81eea0%3Futm_campaign%3Dauto_remind_client_invoice_unpaid%26utm_content%3Dprimary-btn%26utm_medium%3Demail%26utm_source%3Dinvoice&tiba=Boldface%20Branding%20Corp.%20-%20LVN%20Retreat%20%2722%20Logo%20Invoice&async=1&fmt=3&is_vtc=1&random=4121126866&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 12:38:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/946032984/ 42 B
548 B 989ms
734ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/946032984/?random=1659530314340&cv=9&fst=1659528000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa811&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp.hellobonsai.com%2Fi%2F3911b48fa81eea0%3Futm_campaign%3Dauto_remind_client_invoice_unpaid%26utm_content%3Dprimary-btn%26utm_medium%3Demail%26utm_source%3Dinvoice&tiba=Boldface%20Branding%20Corp.%20-%20LVN%20Retreat%20%2722%20Logo%20Invoice&async=1&fmt=3&is_vtc=1&random=4121126866&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 12:38:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 257ms
256ms Ping
application/json 2600:1f18:24e6:b900:ced3:8b66:1073:c601
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.15.0%2Cenv%3Aproduction&dd-api-key=pub1c977e2af62d7b729f3cdfe8440cf32c&dd-evp-origin-version=4.15.0&dd-evp-origin=browser&dd-request-id=235210f6-e48c-4b61-a8fe-256c7d5f4c5d&batch_time=1659530316120
Requested by: Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/packs/js/9326-19abfb492c5c5ac3de13.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:ced3:8b66:1073:c601 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.hellobonsai.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 / Show response
api.amplitude.com/ 7 B
204 B 171ms
171ms XHR
text/html 44.239.247.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/packs/js/8423-ee960e138c7ee21c8a68.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.247.156 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-247-156.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://app.hellobonsai.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 03 Aug 2022 12:38:36 GMT
trace-id: Root=1-62ea6c4c-5d616c276abfe0451d904155
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame E28D 49 KB
20 KB 17ms
17ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QdpRLLZUN7g.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.W40dIAOFshM.L.B1.O/am=BoA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfril6bOip7zlAnz-IXStVqjFtiCUKQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3050
date: Wed, 03 Aug 2022 11:47:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 03 Aug 2022 13:47:46 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame E28D 1 MB
350 KB 237ms
236ms XHR
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QdpRLLZUN7g.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgSplnFz99wTyNI66c0-WIn8o4RPA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c757bcedb01c54ce722ad357054e7fb99a637b6e10b59a106bec33af88f438a9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-igs4uhHwwm9sCcm9a-HwDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-igs4uhHwwm9sCcm9a-HwDA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none
date: Wed, 03 Aug 2022 12:38:36 GMT
x-frame-options: DENY
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-igs4uhHwwm9sCcm9a-HwDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-igs4uhHwwm9sCcm9a-HwDA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires: Wed, 03 Aug 2022 12:38:36 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 795ms
752ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-64681547-1&cid=937451473.1659530313&jid=1089988947&gjid=1655397055&_gid=272807521.1659530313&_u=IEBAAAAAAAAAAC~&z=1374171111

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/packs/js/8423-ee960e138c7ee21c8a68.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.hellobonsai.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 03 Aug 2022 12:38:37 GMT
content-type: text/plain
access-control-allow-origin: https://app.hellobonsai.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
14 KB 43ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id: KBVH2PMAKMG74HWE
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: c40g0/PEOypibNZhpK4f4SlPZCSnAXuxKGtJ+LI/kKMS0hiuLcfL6ykVCP/ylzTky574I1FuVPM=
x-served-by: cache-fra19135-FRA
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1659530316.335144,VS0,VE0
date: Wed, 03 Aug 2022 12:38:36 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3313

GET
H2 200 event.gif
track.customer.io/events/ 35 B
97 B 436ms
134ms Image
image/gif 35.227.225.220
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.customer.io/events/event.gif?name=View+invoice+-+client&data%5BOS%5D=Windows&data%5BInvoice+Status%5D=outstanding&c=&s=4c3fb795-23bc-41ab-9fac-ee01723f738c&site_id=53527ce52f3050b71098&timestamp=1659530316302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.225.220 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.225.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:36 GMT
via: 1.1 google
access-control-allow-origin: *
content-type: image/gif
status: 200 OK
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-transfer-encoding: binary
content-disposition: attachment
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H2 200 event.gif
track.customer.io/events/ 35 B
242 B 429ms
130ms Image
image/gif 35.227.225.220
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.customer.io/events/event.gif?name=View+Banking+Setup+Page&data%5BOS%5D=Windows&c=&s=4c3fb795-23bc-41ab-9fac-ee01723f738c&site_id=53527ce52f3050b71098&timestamp=1659530316304
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.225.220 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.225.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:36 GMT
via: 1.1 google
access-control-allow-origin: *
content-type: image/gif
status: 200 OK
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-transfer-encoding: binary
content-disposition: attachment
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H2 200 page.gif
track.customer.io/events/ 35 B
97 B 430ms
132ms Image
image/gif 35.227.225.220
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.customer.io/events/page.gif?name=https%3A%2F%2Fapp.hellobonsai.com%2Fi%2F3911b48fa81eea0%3Futm_campaign%3Dauto_remind_client_invoice_unpaid%26utm_content%3Dprimary-btn%26utm_medium%3Demail%26utm_source%3Dinvoice&data%5Butm_campaign%5D=auto_remind_client_invoice_unpaid&data%5Butm_content%5D=primary-btn&data%5Butm_medium%5D=email&data%5Butm_source%5D=invoice&data%5Bwidth%5D=1600&data%5Bheight%5D=1200&c=&s=4c3fb795-23bc-41ab-9fac-ee01723f738c&site_id=53527ce52f3050b71098&timestamp=1659530316306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.225.220 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.225.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:36 GMT
via: 1.1 google
access-control-allow-origin: *
content-type: image/gif
status: 200 OK
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-transfer-encoding: binary
content-disposition: attachment
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QdpRLLZUN7g.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.W40... Frame E28D 18 KB
7 KB 832ms
832ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QdpRLLZUN7g.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.W40dIAOFshM.L.B1.O/am=BoA/d=1/exm=Das5Le,IZT63,PrPYRd,Ru0Pgb,ZyYHPb,_b,_r,_tp,hc6Ubd,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfril6bOip7zlAnz-IXStVqjFtiCUKQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QdpRLLZUN7g.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgSplnFz99wTyNI66c0-WIn8o4RPA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36d0a19a142b17f3e9d1d92359f8f3fe7b114432dc3d4e97a30e87f342f5c6d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 16:36:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7492
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 01:24:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Aug 2023 16:36:13 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QdpRLLZUN7g.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.W40... Frame E28D 37 KB
14 KB 833ms
832ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QdpRLLZUN7g.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.W40dIAOFshM.L.B1.O/am=BoA/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfril6bOip7zlAnz-IXStVqjFtiCUKQ/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QdpRLLZUN7g.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgSplnFz99wTyNI66c0-WIn8o4RPA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b6d3393aa2303340f7efd76a35b7d07e5cd75741827cfc31e5fb25c4bcb33ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 16:36:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 158544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14151
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 01:24:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Aug 2023 16:36:13 GMT

GET
H2 200 page.gif
track.customer.io/events/ 35 B
97 B 423ms
131ms Image
image/gif 35.227.225.220
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.customer.io/events/page.gif?name=Boldface+Branding+Corp.+-+LVN+Retreat+%2722+Logo+Invoice&data%5Butm_campaign%5D=auto_remind_client_invoice_unpaid&data%5Butm_content%5D=primary-btn&data%5Butm_medium%5D=email&data%5Butm_source%5D=invoice&data%5Bpath%5D=%2Fi%2F3911b48fa81eea0&data%5Breferrer%5D=&data%5Bsearch%5D=%3Futm_campaign%3Dauto_remind_client_invoice_unpaid%26utm_content%3Dprimary-btn%26utm_medium%3Demail%26utm_source%3Dinvoice&data%5Btitle%5D=Boldface+Branding+Corp.+-+LVN+Retreat+%2722+Logo+Invoice&data%5Burl%5D=https%3A%2F%2Fapp.hellobonsai.com%2Fi%2F3911b48fa81eea0%3Futm_campaign%3Dauto_remind_client_invoice_unpaid%26utm_content%3Dprimary-btn%26utm_medium%3Demail%26utm_source%3Dinvoice&data%5Bname%5D=Boldface+Branding+Corp.+-+LVN+Retreat+%2722+Logo+Invoice&c=&s=4c3fb795-23bc-41ab-9fac-ee01723f738c&site_id=53527ce52f3050b71098&timestamp=1659530316311
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.225.220 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.225.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 12:38:36 GMT
via: 1.1 google
access-control-allow-origin: *
content-type: image/gif
status: 200 OK
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-transfer-encoding: binary
content-disposition: attachment
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

POST
H3 200 log Show response
play.google.com/ Frame E28D 131 B
155 B 94ms
64ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QdpRLLZUN7g.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgSplnFz99wTyNI66c0-WIn8o4RPA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 03 Aug 2022 12:38:36 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 03 Aug 2022 12:38:36 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 119ms
36ms Preflight
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 03 Aug 2022 12:38:36 GMT
expires: Wed, 03 Aug 2022 12:38:36 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame E28D 131 B
155 B 25ms
24ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QdpRLLZUN7g.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgSplnFz99wTyNI66c0-WIn8o4RPA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 03 Aug 2022 12:38:38 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 03 Aug 2022 12:38:38 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 1708ms
1634ms Preflight
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 03 Aug 2022 12:38:38 GMT
expires: Wed, 03 Aug 2022 12:38:38 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame E28D 131 B
581 B 70ms
54ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QdpRLLZUN7g.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgSplnFz99wTyNI66c0-WIn8o4RPA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 03 Aug 2022 12:38:36 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 03 Aug 2022 12:38:36 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 114ms
50ms Preflight
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 03 Aug 2022 12:38:36 GMT
expires: Wed, 03 Aug 2022 12:38:36 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame E28D 131 B
155 B 94ms
65ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QdpRLLZUN7g.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgSplnFz99wTyNI66c0-WIn8o4RPA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 03 Aug 2022 12:38:36 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 03 Aug 2022 12:38:36 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 95ms
36ms Preflight
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 03 Aug 2022 12:38:36 GMT
expires: Wed, 03 Aug 2022 12:38:36 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame E28D 131 B
581 B 81ms
53ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QdpRLLZUN7g.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgSplnFz99wTyNI66c0-WIn8o4RPA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 03 Aug 2022 12:38:36 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 03 Aug 2022 12:38:36 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 89ms
37ms Preflight
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 03 Aug 2022 12:38:36 GMT
expires: Wed, 03 Aug 2022 12:38:36 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame B26C 0
127 B 168ms
168ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:36 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 / Show response
api.amplitude.com/ 7 B
204 B 170ms
170ms XHR
text/html 44.239.247.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/packs/js/8423-ee960e138c7ee21c8a68.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.247.156 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-247-156.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://app.hellobonsai.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 03 Aug 2022 12:38:36 GMT
trace-id: Root=1-62ea6c4c-02e56a9058ea61cb69e51f7a
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

POST
H3 200 log Show response
play.google.com/ Frame E28D 131 B
581 B 69ms
53ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QdpRLLZUN7g.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgSplnFz99wTyNI66c0-WIn8o4RPA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 03 Aug 2022 12:38:36 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 03 Aug 2022 12:38:36 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 88ms
49ms Preflight
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 03 Aug 2022 12:38:36 GMT
expires: Wed, 03 Aug 2022 12:38:36 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 69BA 0
127 B 167ms
167ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:36 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 69BA 0
127 B 167ms
167ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:36 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H/1.1 200
OK 2c583aa6b7 Show response
bam.nr-data.net/1/ 49 B
721 B 267ms
241ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/2c583aa6b7?a=196915889&v=1216.487a282&to=dVxfQUdeCl9SRBZTVV9WX0FqWAhFWF9aVUoZQFlaQg%3D%3D&rst=5477&ck=1&ref=https://app.hellobonsai.com/i/3911b48fa81eea0&qt=2&ap=293&be=850&fe=5394&dc=1965&perf=%7B%22timing%22:%7B%22of%22:1659530310900,%22n%22:0,%22f%22:0,%22dn%22:3,%22dne%22:117,%22c%22:117,%22s%22:123,%22ce%22:144,%22rq%22:149,%22rp%22:761,%22rpe%22:934,%22dl%22:772,%22di%22:1294,%22ds%22:1964,%22de%22:1989,%22dc%22:5393,%22l%22:5393,%22le%22:5398%7D,%22navigation%22:%7B%7D%7D&fp=1153&fcp=1153&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Wed, 03 Aug 2022 12:38:36 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 734f1c7d8dc85c32-FRA

POST
H2 200 0 Show response
r.stripe.com/ Frame 69BA 0
127 B 167ms
167ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:36 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 69BA 0
127 B 304ms
304ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:36 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 elements-inner-payment-request-3889d1e0b894c5b2088f7bfeb143b1a4.html Show response
js.stripe.com/v3/ Frame C2BB 832 B
2 KB 9ms
8ms Document
text/html 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-payment-request-3889d1e0b894c5b2088f7bfeb143b1a4.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

0e051fe911f0344a8ca4c30b0f8d95f81eb98deef34739b2bf55e68f4c0051db

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.hellobonsai.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 106
cache-control: max-age=31536000
content-length: 832
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 03 Aug 2022 12:36:51 GMT
etag: "3889d1e0b894c5b2088f7bfeb143b1a4"
last-modified: Fri, 29 Jul 2022 21:27:42 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
x-amz-cf-id: jVyAAZkOoMDNC_T_Kt6dIG4xA1_jpIpXhQhmag1HrJKWaRqxY2eo8g==
x-amz-cf-pop: FRA60-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 0 Show response
r.stripe.com/ Frame 69BA 0
127 B 298ms
298ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:36 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 69BA 0
127 B 296ms
295ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:36 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 69BA 0
127 B 292ms
291ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:36 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 csp-report
q.stripe.com/ Frame C2BB 0
570 B 177ms
174ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 03 Aug 2022 12:38:36 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 7
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame C2BB 0
570 B 172ms
170ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 03 Aug 2022 12:38:36 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 ui-shared-1104b2481ba0bac028499b76824b8032.css
js.stripe.com/v3/fingerprinted/css/ Frame C2BB 19 KB
3 KB 11ms
9ms Stylesheet
text/css 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1104b2481ba0bac028499b76824b8032.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-3889d1e0b894c5b2088f7bfeb143b1a4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

4528209a0fc402eb2752cba3a85021f3a6e83dde089097c9de7bc86e5b02e175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-3889d1e0b894c5b2088f7bfeb143b1a4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 29
x-cache: Hit from cloudfront
date: Wed, 03 Aug 2022 12:38:23 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jul 2022 21:27:43 GMT
server: Cloudfront
etag: W/"ac79e433d75898d8e3712ae684cf6c65"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: h4-KjgL3rxQkHzW4bcdIJuKHTDPB4Od9Dtw13W3PjCOCPSRmmoLpkQ==

GET
H2 200 elements-inner-payment-request-5dc11dda67ea2aa1d4bb9edd33f076ee.css
js.stripe.com/v3/fingerprinted/css/ Frame C2BB 7 KB
2 KB 12ms
10ms Stylesheet
text/css 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-request-5dc11dda67ea2aa1d4bb9edd33f076ee.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-3889d1e0b894c5b2088f7bfeb143b1a4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ae4534ddf6813360cb413daf108742ec67a6d3edca6297ce8a7774b4f64e5c09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-3889d1e0b894c5b2088f7bfeb143b1a4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 37
x-cache: Hit from cloudfront
date: Wed, 03 Aug 2022 12:38:00 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jul 2022 21:27:42 GMT
server: Cloudfront
etag: W/"648d1966967cd19b2fec8ac2aaec6575"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: Ootq996yf7skO3Tuydlm9583h-3NT7H9uSqogKKa6aXY2yC9SRT5Zw==

GET
H2 200 shared-ee7c56bb43e4457408e31edc9af1e80b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C2BB 249 KB
59 KB 204ms
202ms Script
text/javascript 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-3889d1e0b894c5b2088f7bfeb143b1a4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

cd604db5fa3861f64aa6c6e7815b774b6d6eb1047b5a48517f26c40e3dd1e9da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-3889d1e0b894c5b2088f7bfeb143b1a4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA60-P2
x-cache: Hit from cloudfront
date: Wed, 03 Aug 2022 12:38:37 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jul 2022 21:27:52 GMT
server: Cloudfront
etag: W/"b0632f9d1f9085f906d9466c9c958707"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: -CXWj9PUlx-pDQBl4uqPs8EflYWTRjTVtCaj2N2PRAK9bQ8stGswRg==

GET
H2 200 ui-shared-664c910ea218b6ed7d421642b668883a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C2BB 208 KB
60 KB 13ms
11ms Script
text/javascript 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-664c910ea218b6ed7d421642b668883a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-3889d1e0b894c5b2088f7bfeb143b1a4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b9f8781586b5327f18c191fea82e9d84dfe9761ccc932d0559bdfff7fee28201

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-3889d1e0b894c5b2088f7bfeb143b1a4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 31
x-cache: Hit from cloudfront
date: Wed, 03 Aug 2022 12:38:23 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jul 2022 21:27:52 GMT
server: Cloudfront
etag: W/"0a136310929ac2a9576fcc2cbcbb93ac"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: 0OvsCsEP1SeC0KE_wXm_FMrdVPuIrx_oexJfL0-kZcDZen2m3ljDqg==

GET
H2 200 elements-inner-payment-request-d6b11d8db6fbdaf84168e20ccaaeb4b3.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C2BB 43 KB
14 KB 14ms
12ms Script
text/javascript 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-d6b11d8db6fbdaf84168e20ccaaeb4b3.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-3889d1e0b894c5b2088f7bfeb143b1a4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

dea579c0082e8a48bb93198473a236fb83beaa850fd6be58a2dc78272c8b5d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-3889d1e0b894c5b2088f7bfeb143b1a4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 28
x-cache: Hit from cloudfront
date: Wed, 03 Aug 2022 12:38:08 GMT
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
last-modified: Fri, 29 Jul 2022 21:27:51 GMT
server: Cloudfront
etag: W/"7f3593bf6e755435bb01cf2a9fc367df"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: Js_f8Bt71ACouwMHX4RGqcEpnccFigrSwvW9L2eoIWD8TgzUwZRgNQ==

POST
H2 200 0 Show response
r.stripe.com/ Frame 69BA 0
127 B 168ms
168ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:36 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 69BA 0
127 B 168ms
168ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:36 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 69BA 0
127 B 168ms
168ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:36 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET ga-audiences
www.google.com/ads/ 0
0

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 195ms
164ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-64681547-1&cid=937451473.1659530313&jid=1089988947&_u=IEBAAAAAAAAAAC~&z=2134176408

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 12:38:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log Show response
play.google.com/ Frame E28D 131 B
155 B 26ms
25ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.QdpRLLZUN7g.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgSplnFz99wTyNI66c0-WIn8o4RPA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 03 Aug 2022 12:38:37 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 03 Aug 2022 12:38:37 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/49/11/intl/de_ALL/ 245 KB
68 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/49/11/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAHwtnzqqHHvQn4-UKnz-oMzpydAvnv7ik&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01e0a3615aa1e6b0f6ba60525672dcef90436379fedd6ec16c19c623d49b693d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 17:15:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 588167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69050
x-xss-protection: 0
last-modified: Mon, 25 Jul 2022 22:34:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jul 2023 17:15:50 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/49/11/intl/de_ALL/ 157 KB
58 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/49/11/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAHwtnzqqHHvQn4-UKnz-oMzpydAvnv7ik&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13d5c936edaf491f97537706bfc1aeeb3b91c1de291eca78e1ca0c4fa5a8bce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 17:15:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 588167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59014
x-xss-protection: 0
last-modified: Mon, 25 Jul 2022 22:34:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Jul 2023 17:15:50 GMT

GET
H2 200 vendors~app~tooltips-modern.776d25e6.js Show response
js.intercomcdn.com/ Frame B882 544 KB
110 KB 9ms
8ms Script
application/javascript 18.66.139.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendors~app~tooltips-modern.776d25e6.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.c0368ce5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-67.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1cca088bb4584f4e344c0644c7d435530f2df6c68547a2c6ab97f86219d7bfd4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: ir0_8ynDxXeVd.vLDWMo76lC99VsCzlN
content-encoding: gzip
etag: "9ad4ac5eba4d114c7a6de62889b0a4c1"
age: 1571
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 112530
last-modified: Wed, 03 Aug 2022 10:10:49 GMT
server: AmazonS3
date: Wed, 03 Aug 2022 12:12:30 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: 1sg40nlF1uz2hX5dIBZJSzNXkm0Xl1x4evADZsGrPSzKof1jtgd14A==

GET
H2 200 vendors~app-modern.a3b36c3e.js Show response
js.intercomcdn.com/ Frame B882 45 KB
13 KB 12ms
12ms Script
application/javascript 18.66.139.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendors~app-modern.a3b36c3e.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.c0368ce5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-67.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 741efce11d89bd6685fe1bf51453a32d3ae34e826258c772ab14e01bb34fd889

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: DVfw54nnzm9Jz5b.JMY35k7O1rNjdBv_
content-encoding: gzip
etag: "a0f79f8d88be8e42f881eaeb0324f731"
age: 2121
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 12978
last-modified: Wed, 03 Aug 2022 10:01:54 GMT
server: AmazonS3
date: Wed, 03 Aug 2022 12:03:20 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: LPVzLV8tWa6gT-yCQ37Nwh3dZWkXGskBYvwjy1yjyvg1i9eXWfy1OA==

GET
H2 200 app~tooltips-modern.e35108e0.js Show response
js.intercomcdn.com/ Frame B882 250 KB
67 KB 13ms
13ms Script
application/javascript 18.66.139.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/app~tooltips-modern.e35108e0.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.c0368ce5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-67.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 18a3327fad2e554ec2b25d6a7bd5bd8887466dea95903e08f8fecfc3edd0bfa5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: v6M5wLOYUUS8g4w5QwUY8_9rzGrQS6tC
content-encoding: gzip
etag: "89540b72cb978790ca6a637044d14967"
age: 1571
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 68026
last-modified: Wed, 03 Aug 2022 10:10:49 GMT
server: AmazonS3
date: Wed, 03 Aug 2022 12:12:30 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: 7bxLbFsan7KwL_syA-b9Lq2ZDUE15iD2LalU5DPLZsZoahOIZjtnKg==

GET
H2 200 app-modern.bfb1e280.js Show response
js.intercomcdn.com/ Frame B882 489 KB
124 KB 15ms
15ms Script
application/javascript 18.66.139.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/app-modern.bfb1e280.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.c0368ce5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-67.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d21d9855a3922584dbe49803f7342c7e21ec44c9076af1abacf77f683f2aa89

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: uTRLNsb8_ItXypyq05dc_vnCuNcGvZ0K
content-encoding: gzip
etag: "c52d5e797b415b9250786b4f54fc1a7b"
age: 1571
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 126349
last-modified: Wed, 03 Aug 2022 10:10:49 GMT
server: AmazonS3
date: Wed, 03 Aug 2022 12:12:30 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: cydfZFW4hFoIGEoQX_NKL96_ZUMYVOcyCq7Xbhbjh9SIFdPH3IMgVQ==

GET
H2 200 launcher-discovery-modern.cf670d86.js Show response
js.intercomcdn.com/ Frame B882 6 KB
2 KB 8ms
8ms Script
application/javascript 18.66.139.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/launcher-discovery-modern.cf670d86.js
Requested by: Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.c0368ce5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-67.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ec3579569265aaf8e2aec10e013770786c9bf0b7d0390d96b45dc498645ef567

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: 3h_uqyMIkPwCFUuFDXwTR0rzbTD7Fyme
content-encoding: gzip
etag: "56b003d0c67f995027bba2e073f42c24"
age: 5520
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2018
last-modified: Fri, 29 Jul 2022 13:21:26 GMT
server: AmazonS3
date: Wed, 03 Aug 2022 11:06:41 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: IOHdTW4mfcAuLikjqtWkm53lIOMKeqQWBT4kHfkc5KNX21nTdqm9sw==

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 252ms
251ms Ping
application/json 2600:1f18:24e6:b900:ced3:8b66:1073:c601
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.15.0%2Cenv%3Aproduction&dd-api-key=pub1c977e2af62d7b729f3cdfe8440cf32c&dd-evp-origin-version=4.15.0&dd-evp-origin=browser&dd-request-id=9a73c72d-acc0-4fc6-a05d-c4b18a4164a0&batch_time=1659530320631
Requested by: Host: app.hellobonsai.com
URL: https://app.hellobonsai.com/packs/js/9326-19abfb492c5c5ac3de13.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:ced3:8b66:1073:c601 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.hellobonsai.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 proximanova-regular.a7942249.woff
js.intercomcdn.com/fonts/ Frame 7458 28 KB
29 KB 29ms
12ms Font
font/woff 18.66.139.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-67.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20

Request headers

Referer
Origin: https://app.hellobonsai.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: U8CfH_PpGtFrKz7LA17C5aqZbfq26zpg
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
etag: "a7942249ca925ef356c0f2b1dab17ef3"
age: 2035
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 28960
last-modified: Fri, 29 Jul 2022 13:21:27 GMT
server: AmazonS3
date: Wed, 03 Aug 2022 12:38:40 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: KmLEEi7Vwt8JhwoCLwMLQKCQDeZwSz5wqt9PwQxrnru-kKm5yNyzmQ==

GET
H2 200 5-1658418393.jpg
static.intercomassets.com/avatars/4584842/square_128/ Frame 7458 12 KB
12 KB 86ms
11ms Image
image/jpeg 18.66.112.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.intercomassets.com/avatars/4584842/square_128/5-1658418393.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-67.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b1f4cac3985cae457a341facbdb6a5bc8383a8a3c951b8937518958372227fb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
etag: "1553968a9bcb10952db719a5d7ec6efb"
age: 1541
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 12210
last-modified: Thu, 21 Jul 2022 15:46:34 GMT
server: AmazonS3
date: Wed, 03 Aug 2022 12:38:40 GMT
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-amz-cf-id: 9EPbCBgY7BMDpoFfHq7By08tZzy-KD9m8ArwZOP8bWqQ0m6XjldHog==

GET
H2 200 2-1658417694.jpg
static.intercomassets.com/avatars/4275790/square_128/ Frame 7458 13 KB
13 KB 88ms
13ms Image
image/jpeg 18.66.112.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.intercomassets.com/avatars/4275790/square_128/2-1658417694.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-67.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6791c59585f786f184af1b8dd7265e150431bbbb37e1dd33c8bff4f799960c5a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
etag: "36cc2c85dba13b069038fdec4686694e"
age: 2035
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 13309
last-modified: Thu, 21 Jul 2022 15:34:56 GMT
server: AmazonS3
date: Wed, 03 Aug 2022 12:38:40 GMT
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
x-amz-cf-id: djrh_oT-8Lb4j1TshUlXrP89m5vJL-ekaK3f4TR2QmQKq9qvqqbeAg==

GET
H2 200 trusted-types-checker-b31b0d3b211d1247a37e6120682932ed.js Show response
js.stripe.com/v3/fingerprinted/js/ 174 B
669 B 9ms
8ms Script
text/javascript 18.66.122.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-b31b0d3b211d1247a37e6120682932ed.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-50.fra60.r.cloudfront.net

Software

Cloudfront /

Resource Hash

79db4d79a6e53e3aa9b5703a1156cc9accef42d4d3d31b5019d2eabf216fa751

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hellobonsai.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
via: 1.1 d71acb203a3e8fc7db2c1cf9725d51da.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 21
x-cache: Hit from cloudfront
date: Wed, 03 Aug 2022 12:38:23 GMT
content-length: 174
last-modified: Fri, 22 Jul 2022 20:19:07 GMT
server: Cloudfront
etag: "5cbd8f0579eb735eea933bbd78b29553"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: TUbvTl-xs_gYs7EmgQk3Gc39Ey3tdHCyFzlmiR7UVGDCXeZsgG591w==

POST
H2 200 0 Show response
r.stripe.com/ Frame B26C 0
127 B 168ms
168ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ee7c56bb43e4457408e31edc9af1e80b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Wed, 03 Aug 2022 12:38:41 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.com
URL: https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-64681547-1&cid=937451473.1659530313&jid=1089988947&_u=IEBAAAAAAAAAAC~&z=2134176408

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.hellobonsai.com/	1970-01-20 04:58:53	Name: oauth_redirect Value: %2Fi%2F3911b48fa81eea0%2Fconfirm_ach_payment
app.hellobonsai.com/	1970-01-20 04:58:53	Name: oauth_fail_redirect Value: %2Fi%2F3911b48fa81eea0
app.hellobonsai.com/	1970-01-20 04:58:53	Name: payment_provider Value: bonsai_payments
.hellobonsai.com/	1970-01-20 14:34:50	Name: _ga Value: GA1.2.937451473.1659530313
.hellobonsai.com/	1970-01-20 05:00:16	Name: _gid Value: GA1.2.272807521.1659530313
.hellobonsai.com/	1970-01-20 04:58:50	Name: _gat Value: 1
.hellobonsai.com/	1970-01-20 13:44:26	Name: ajs_anonymous_id Value: 4c3fb795-23bc-41ab-9fac-ee01723f738c
app.hellobonsai.com/	1969-12-31 23:59:59	Name: _bonsai_app_session Value: rijuX1BlARHgmbgnxw8XpOKHbDQJjAQCcCNvyhPrL49sU7hCupFH2ZVFZ7rPkghTs20U7kXKLSPDoRMb4pCggpL%2BtfRJ2WEy0urcGEzIu9vkU3VNm%2F08au3ako6JWV9om6FpseLBeh9IdyOcQkHJ5u41UUM0U2Y1%2FQrzIjL8iLvEt%2FAPhh3SW5%2B3HwmADGUZ1xoEc7EE7lYWjinGkpy9%2BvGIvGuuaVh9JYf0FttWIrO0Yhr05y0Og3bikbwXNHok3SGXQPZV%2F7oAISC4ctOjF2C9%2FV22Tbib2u%2Fw5oWb6uHSPQ5h6Cn%2FZkCVclU32lfFbQ8dZg2cK65LQzDDUzrWMBkYe0gNg0gaQtjTLNZuWRzRwTUBn1Ls1I2owdhW6jne41DxYzo6rckeYkMnDkb8iUa5SEn72KOMz%2BJR2LyRYQUTdi7rRH5kkOG%2FOcOqVUUZ7J4JokW%2BhzhTH9FbGZpPdU8UTdSl1KKVz9fGjSGHG1OtQTI%2BcargrOR4OGA2QVTDD4WXO12vQQ7h1lt4Cvz3ze8qvFqobsXqEF%2F%2Fm7dnxkZpOCQMiG7XxafvHCOZGk1V6O0uQdkshC1QMa7vvXQuZrSxXGqWsXgF%2F2fUTWpbYdZQLmrbqwMi8n5Pe3dwsHl8Vg38--k3tkiW%2Fbsyj2%2BNAH--mR9lysNLIka5%2Bvn8Up8eSA%3D%3D
.hellobonsai.com/	1969-12-31 23:59:59	Name: amplitude_idundefinedhellobonsai.com Value: eyJvcHRPdXQiOmZhbHNlLCJzZXNzaW9uSWQiOm51bGwsImxhc3RFdmVudFRpbWUiOm51bGwsImV2ZW50SWQiOjAsImlkZW50aWZ5SWQiOjAsInNlcXVlbmNlTnVtYmVyIjowfQ==
.hellobonsai.com/	1970-01-20 07:08:26	Name: _fbp Value: fb.1.1659530313473.500011556
.hellobonsai.com/	1970-01-20 13:44:26	Name: _hjSessionUser_943616 Value: eyJpZCI6ImZmMTIzYzE2LTcyZWItNTVmNi04YmYwLTJiZDRlODkzODFhOCIsImNyZWF0ZWQiOjE2NTk1MzAzMTM0NTksImV4aXN0aW5nIjpmYWxzZX0=
.hellobonsai.com/	1970-01-20 04:58:52	Name: _hjFirstSeen Value: 1
app.hellobonsai.com/	1970-01-20 04:58:50	Name: _hjIncludedInSessionSample Value: 0
.hellobonsai.com/	1970-01-20 04:58:52	Name: _hjSession_943616 Value: eyJpZCI6IjRmZjRlMWE0LWI0ZjQtNDlhNS04MjRhLWM5ZTA1Y2U1YzIyZSIsImNyZWF0ZWQiOjE2NTk1MzAzMTM1MTIsImluU2FtcGxlIjpmYWxzZX0=
.hellobonsai.com/	1970-01-20 04:58:52	Name: _hjAbsoluteSessionInProgress Value: 0
.google.com/	1970-01-20 09:22:21	Name: NID Value: 511=FmIKgDlmzemZuWPuUgwzfmqN5tcbn2_Fxm6c9XjmwY3NmnZUUoWxt37WkLZtD2QhGy10CC-eOoNaU9Cbhq5x-FFEyrBp4pgBcBXFJDGEJrSIeW4G-cVGbgcxNu4wLygoQmSpx6YOg4n21RIcTOwO-dcXoZtBi-NYWrQc_UrYmoU
m.stripe.com/	1970-01-20 14:34:50	Name: m Value: 2a34ff0d-f8bf-4cd5-a02f-012e1d8e419f33ea49
.app.hellobonsai.com/	1970-01-20 13:44:26	Name: __stripe_mid Value: 8e187054-c33f-42e4-8964-ac25404d40a5cc4133
.app.hellobonsai.com/	1970-01-20 04:58:52	Name: __stripe_sid Value: 287e10e3-29fe-41f0-a28a-cd26204f319dc701fb
.hellobonsai.com/	1970-01-20 07:08:26	Name: _gcl_au Value: 1.1.668897000.1659530314
.hellobonsai.com/	1970-01-20 13:37:14	Name: bonsai_attribution_data Value: %7B%22landing_page_url%22%3A%20%22https%3A%2F%2Fapp.hellobonsai.com%2Fi%2F3911b48fa81eea0%3Futm_campaign%3Dauto_remind_client_invoice_unpaid%26utm_content%3Dprimary-btn%26utm_medium%3Demail%26utm_source%3Dinvoice%22%7D
.hellobonsai.com/	1970-01-20 11:27:40	Name: intercom-id-vu2ry3p0 Value: cc5702c0-537e-411f-bcec-e84adf6c681a
.hellobonsai.com/	1970-01-20 05:08:55	Name: intercom-session-vu2ry3p0 Value:
.doubleclick.net/	1970-01-20 04:58:51	Name: test_cookie Value: CheckForPermission
.hellobonsai.com/	1970-01-20 14:34:50	Name: amplitude_id_de1810a2d52564aa045bfb3cb9dc0cabhellobonsai.com Value: eyJkZXZpY2VJZCI6ImRmMTliZmY2LWU1ODMtNGE2Yi05OThiLTA3ZTNhOTIxMjg4MlIiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTY1OTUzMDMxMzM1OCwibGFzdEV2ZW50VGltZSI6MTY1OTUzMDMxNjE1MiwiZXZlbnRJZCI6MywiaWRlbnRpZnlJZCI6MSwic2VxdWVuY2VOdW1iZXIiOjR9
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 1390c5a017b46fea
app.hellobonsai.com/	1970-01-20 04:58:51	Name: _dd_s Value: rum=1&id=8651a5ea-f0ea-4893-804d-b6e91c95e615&created=1659530312315&expire=1659531212315

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://app.hellobonsai.com/t Message: Failed to load resource: the server responded with a status of 401 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
javascript	warning	URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice Message: The resource https://app.hellobonsai.com/assets/ionicons-2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9.ttf was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice Message: The resource https://app.hellobonsai.com/assets/ionicons-a627d9068c1235d9b3c95c405eb6ecb64a290b159cf5e926c0d96d89b24cd5fc.svg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://app.hellobonsai.com/i/3911b48fa81eea0?utm_campaign=auto_remind_client_invoice_unpaid&utm_content=primary-btn&utm_medium=email&utm_source=invoice Message: The resource https://app.hellobonsai.com/assets/ionicons-709f2789daaff440820ebb975d3ae409af45121bdec47e39e83523490b1bc0fc.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
api.amplitude.com
app.hellobonsai.com
assets.customer.io
bam.nr-data.net
bonsai-company-imgs.s3.us-west-1.amazonaws.com
bonsai-invoice-imgs.s3.us-west-1.amazonaws.com
cdn.amplitude.com
cdn.firstpromoter.com
cdn.headwayapp.co
cdn.plaid.com
connect.facebook.net
fast.appcues.com
googleads.g.doubleclick.net
js-agent.newrelic.com
js.intercomcdn.com
js.stripe.com
m.stripe.com
m.stripe.network
maps.googleapis.com
o921014.ingest.sentry.io
pay.google.com
play.google.com
q.stripe.com
r.stripe.com
rum.browser-intake-datadoghq.com
script.hotjar.com
sgmt.hellobonsai.com
static.hotjar.com
static.intercomassets.com
stats.g.doubleclick.net
t.hellobonsai.com
track.customer.io
vars.hotjar.com
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.google.com
108.138.17.98
108.138.36.26
142.250.184.194
151.101.128.176
151.101.2.137
162.247.241.14
172.217.16.138
173.194.76.92
18.66.112.67
18.66.122.50
18.66.139.28
18.66.139.67
18.66.15.120
18.66.97.49
2001:4860:4802:32::178
2600:1f18:24e6:b900:ced3:8b66:1073:c601
2600:9000:211a:9000:11:9cfd:9400:93a1
2600:9000:211a:e200:10:7ddc:ae40:93a1
2600:9000:2240:da00:1e:b6b6:9ac0:93a1
2600:9000:2250:8000:6:9b9d:3240:93a1
2606:4700:20::ac43:4b74
2a00:1450:4001:801::2008
2a00:1450:4001:803::2004
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9c
2a00:1450:400c:c07::5c
2a02:6ea0:cb00::2
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42::622
34.120.195.249
35.227.225.220
44.239.247.156
52.219.112.185
52.222.206.178
52.43.93.136
54.187.159.182
99.83.219.81
01b5ccd7e20bce7a4b9b04832e12f0008711b7925b5627771cb36b6f4cba2183
01e0a3615aa1e6b0f6ba60525672dcef90436379fedd6ec16c19c623d49b693d
02ad1b0d71bae7477b58e1ec25a823f215d4158588f82a20454fdbadb286c2f0
038854c1db8658c2d0f918c047c4f335bd11c07c4ab2686ce1a780113e3591a3
0393dc9df69db9522a48431ae24fa4d59942ff1d6aa0054bef8f3161aedd9fb7
0a606f215a29b0916df97dcca69b90e43128fca3bc8f237c3f56d58f4cf800ab
0c861edac7f4f16c26218d1901867f8d51a57d66c4bdf98a2328e6aa064c3ba8
0e051fe911f0344a8ca4c30b0f8d95f81eb98deef34739b2bf55e68f4c0051db
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
13d5c936edaf491f97537706bfc1aeeb3b91c1de291eca78e1ca0c4fa5a8bce5
18a3327fad2e554ec2b25d6a7bd5bd8887466dea95903e08f8fecfc3edd0bfa5
1b1f4cac3985cae457a341facbdb6a5bc8383a8a3c951b8937518958372227fb
1c31c8f6d73eca87339232c3105faa5b8aa830f0fa5bace7ebcb3ee06aaf4e2b
1c39f7258969348e3aef25efe85bdbe8b62ebe8765a913ee3466e36bb303c630
1c7bf8e2542ddba042d514223c506dafca5918a64f178181b4b8f12db2567a05
1c9c5272136c7ebb6df65a9f5f7e30afe147971ec8d417412e7e5cbc3c51b77c
1cca088bb4584f4e344c0644c7d435530f2df6c68547a2c6ab97f86219d7bfd4
1f38dbb91c272c99107b81403ef5451e68690f27e9a8f3ee09e9eb3848dd9dd1
2018d4c905767c70037b9acc77686d6e3571c2c6e8c219343a4fc0efa76b02d6
2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4
243cdf9407941ae430325550156c6c2908b9af0fe2a1b6e7e32763fa9e531a58
25ea0f4739d446723b41952f762e1c9e7914cf5672c570f67ce3b44fcbb9afa0
29d9505b433e35bb6c623302be8fc54475667eb9009e932c202718b0c16dd249
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
2d0240e107b92947ccc11124e11633ccd7ba1f462d5bc530d17a993e41c2ee61
32c28b89d3916748321efd8fb795e798fff52830491f50ea36c0ec72d6a3e346
33fc94d281960261fcc6ce6ed347179ddece87119ed96309a5886c3ac996e9df
3691b83d5b7d1bb2a8d737e8db3fa9d17286f47e967e70fe596126a81434d367
36d0a19a142b17f3e9d1d92359f8f3fe7b114432dc3d4e97a30e87f342f5c6d7
3b534eeaf216d2e54730d1c9bb15344f4b78712e6c781d31555585c51651e989
3b6f87e7eb7e27cb769f7552282850747393fd7d3d374ab20f28a3326d7280d0
3e54e6c5424dfc316a83cc1e08a1ba4a2bc89961e104f8ebe9370ab69efdd47b
406aee8e16677422cfdda788d097fec2bb6440a2aa9ce5e574bb7f9eb3fa024a
411195013efde9947c4d35f130bc55cef035576ce6e9c576f83cb57a4e1477cc
420b46168a05d5a2e76ea8dcbefe375d7340a5b1f0453c7a2a3e0b64e95fa49b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4528209a0fc402eb2752cba3a85021f3a6e83dde089097c9de7bc86e5b02e175
4754ad18ce90dd9f0180b9eea65807e52d00123eb98c277a80bb1ab8fec04f8d
4c5b15b382303417b514468864194c30d475c415f7efa58d23233aff9ca963a5
4d21d9855a3922584dbe49803f7342c7e21ec44c9076af1abacf77f683f2aa89
4f09834a8228cb5b59ed1ca6958f0765d71392d2a3bad0ac8caf13c850406f36
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
54e839da4741572f9ef2ac695e1bc0f60578b2cd6fe9baee012a7c7a5c7d0833
57f2ac3aae4e3ec962798f2a2bc60cdb72f53ca4014f6824d8192d32adc5e190
59dd3f86dd41ce8ac48da0e635f1dbfc1dfb0076b9fa1561028fb9f07ba755f3
5ae1a9f0dd33ed94b0cb5d33846940a5e17761f21cfee7aa5366caf7df763508
5b6d3393aa2303340f7efd76a35b7d07e5cd75741827cfc31e5fb25c4bcb33ab
61e30021b4f5466e1a6c9d4599b100c1e72f4c6162dc3d656bc3ed7dae00bb89
6245cfb6837200afad7d1e996318074e0703f1bc7b399d1d40df8474bc575e96
6553adf17d242b67abd05adae528fef2f8eeea39fa8cc2b529a35808d724780c
65d58d10d6dac34d4e018996fa21056fb12ecdb3704f614549423e9e34fbdece
677153baab37ea1b5fda3f510134c08654abbab2ea668b0f26ad3a66c9d6c9d2
6791c59585f786f184af1b8dd7265e150431bbbb37e1dd33c8bff4f799960c5a
6a7bb73bc3b47b6d1ad2951ef02260e0d2cf870f27ef5f27b42271f49195fc17
6da9ff2ca86294c7ab6f45ac2a48efab2d427f84915426cd8b888197ad39a7b5
6de48c97b08bca88630c7a68fe36fe18a43010ed4d33add156a505fb84176694
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
709f2789daaff440820ebb975d3ae409af45121bdec47e39e83523490b1bc0fc
737421f9bdc9f786634a6346810146a6b3294f40796b0d9854591b7544676eda
741efce11d89bd6685fe1bf51453a32d3ae34e826258c772ab14e01bb34fd889
765618d1667ba791f2d492d121d2da42ff7d7e079a4773462a381ac9aceab0c5
76a321a96fdb986afb09508c37d6c4eef93af2a1ba6e03d6d5aba34a410033e7
79db4d79a6e53e3aa9b5703a1156cc9accef42d4d3d31b5019d2eabf216fa751
7a15a7c250eb25e8a28fa5e020fc15d656966115577ba4f51c19274149a48e56
7d1830c2339818ab302f9407a3f9ed0494fffbaf20ba45437fc41577212254cf
7f9b4109b228c91936e892ffc04f42caacee7b416494ba17c478636b6e300936
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc
890f0e2f5861e182ed585b12def67327c781eee2ef7a08f5618e8f2b84a1d299
8c71381cdb62fe36bfd78a7618b3fc33994eb8db82b9a6f64a9b66811a280350
910d42773de429538b60f2bd714ebd734dd66dea33fcd52845228ea0daa77fe1
911c15220f8f1819fd15e1672eb7f957396c33fbdf561be48c2ef81dffa853b3
91a43805bf1a6bcfd115f56c6f166c0fe894000a93c5226ec4adca8024c6b25a
93237d6415ec6ba99edbfad891b6fc920b032153c96764cfb9d5570d6a96b701
9594ff4a7989d3edaad4239be043a1dec33d992b4e547cdeec5041e894548041
97d2d7795d8696da8f15abfbc4ed528f5d97767966a23ad602f276c8d6680de9
980d4ee669cdd21603d6cbcf66f06e23676e656d4fc51b015eb3368db8ba476f
9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6
9c28add258ddddedb4a19488d09a3dbdd252bb37d8f9634018d71395cf680851
9d017ff22b281cd772b70d8b15af16bd6a8792f0e51b27e374f6a14a8647e260
9fbd0e0a2695ed3b76a92490df70ed2a152492204c2b2ee753c5f0e16d609f66
9fc1fbb9b073659cb057d6241dac61a3e407df07ecb3dbfabce79c9491203497
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3a7d352c23dbef586f03476f8afcf5191c6858cc19142efb2dff275d7554b2c
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a627d9068c1235d9b3c95c405eb6ecb64a290b159cf5e926c0d96d89b24cd5fc
a6b0ded502205d8f5044ac8ce461575b8d2d69422c028a02923fc3e2b0a98b03
ab38a795d4cdb06eb956fef8e325ca96d288edbfff0bf8509a07ade3c7ce1173
ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20
ad8e0f0f6dde6adb30a815024574ada049b79ba462762c9e8fa7a582a63f29ac
aded5226038cb32ca8dc9553623fc93a6f0e1f65c826140fd37c9eac05f90a58
ae4534ddf6813360cb413daf108742ec67a6d3edca6297ce8a7774b4f64e5c09
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b131509dbf83f2e8e286d5f323a4c7846deba24f4c85901f73fe22b087507ec3
b1cffb91031e9e9eaaf5d305544163d8320452f2fb8c9d3bb8d129f4b8048451
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
b9f8781586b5327f18c191fea82e9d84dfe9761ccc932d0559bdfff7fee28201
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
c4191577415124ca93de4a8cd328e2c8b7becb8fd44a8239f970a9a19f51d7f5
c53820158b79be0e71d0d33ce80107248a807717aecf0d297ab7bff1d45200ac
c757bcedb01c54ce722ad357054e7fb99a637b6e10b59a106bec33af88f438a9
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd604db5fa3861f64aa6c6e7815b774b6d6eb1047b5a48517f26c40e3dd1e9da
ce3dc891c88609c872bc8f424a458d92980c0d34f97641b3869206bcab568f39
d0a58cef2353163fc5f4c8b3ef68b7c28e99150cd98b0a793c43108a2434ba00
d4b914a89a418e4899f57ccf9525ea0783381915c7361b2da1de3c48b837caee
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
dccafd57e3aa5cb1c0b3ef434752d3c5603a04db6814672fe2404f7fee7700f5
dea579c0082e8a48bb93198473a236fb83beaa850fd6be58a2dc78272c8b5d47
ded2432debc66221d8d501bf5e7075cd45f8b4d4ced7f3dc8bec35771febffc3
e0b0f145c7e2d4dc088034e19c6f9d802468f4bbae83df9b84129a19a5ceef9d
e18a3ff1a2cc69d11c23db2c64f838b48530befbb44592cbae6338e8a94afb7c
e327fbf68565faaecff805ca80d16f5ca3c99f71eef0cfadcd173458d5c41c6c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47944ce8eea2607994a5fdc426a68a6456f61c62f49850f89e5706e440ac943
e79b59c22ca684f9de8a73d41964f0c80ee9ca68713f35c33ad4fccf8cf64ffa
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42
ec3579569265aaf8e2aec10e013770786c9bf0b7d0390d96b45dc498645ef567
ed575f80189c08ab12dbac29d5c51249580b879bcae8ba0fd115255481fc7f84
ee98058dd681cae506370c7702819492f7d3f1fb0af8564acdcfa0e3b02e8b50
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7cec6494c4440776e1deb546fdfb609f8a37090294028ece94aa8cdb4cd78d
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f6be9784acf1f06734eae5551c5e5242a6d0c5a92f52a94faa85cad76eed63ad
f8f050d0e2baa018fa2b85081857674d69241818c3611a9b3e7081cc3226c1b8
fdf49508346acd9ea140cd09bce9dfde1e2c7ba5527d96ad6f15c65cafe63de1
ff4313a0274c7d3c6948fa2a2ed5571a12a28b9867310e38f0ea86fce0b1a9d8
ffe954e3a60585ee30365e41b381fde3afaa029c7aad24e66fb9588f94a8c663

app.hellobonsai.com Open in urlscan Pro 2606:4700:20::ac43:4b74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

238 Requests

99 %HTTPS

48 %IPv6

28 Domains

42 Subdomains

42 IPs

4 Countries

6506 kBTransfer

22432 kBSize

27 Cookies

4 Outgoing links

Redirected requests

238 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

app.hellobonsai.com Open in urlscan Pro
2606:4700:20::ac43:4b74 Public Scan

Screenshot
Live screenshot

Full Image

238
Requests

99 %
HTTPS

48 %
IPv6

28
Domains

42
Subdomains

42
IPs

4
Countries

6506 kB
Transfer

22432 kB
Size

27
Cookies

238 HTTP transactions
1 data transactions