urlscan.io logo urlscan.io
SecurityTrails logo

staging.challenges-dev.holi.social Open in urlscan Pro
2607:f8b0:4006:81c::2013  Public Scan

Go To Rescan Add Verdict Report
URL: https://staging.challenges-dev.holi.social/
Submission: On April 06 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 25 HTTP transactions. The main IP is 2607:f8b0:4006:81c::2013, located in United States and belongs to GOOGLE, US. The main domain is staging.challenges-dev.holi.social.
TLS certificate: Issued by GTS CA 1D4 on April 3rd 2024. Valid for: 3 months.
This is the only time staging.challenges-dev.holi.social was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 2607:f8b0:400... 15169 (GOOGLE)
3 6 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a04:4e42::485 54113 (FASTLY)
1 108.138.106.101 16509 (AMAZON-02)
2 18.164.96.90 16509 (AMAZON-02)
1 52.19.95.102 16509 (AMAZON-02)
1 54.228.31.133 ()
25 7
14    2607:f8b0:4006:81c::2013 (United States)

ASN15169 (GOOGLE, US)
staging.challenges-dev.holi.social
6    2606:4700::6811:f5cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
3    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    108.138.106.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-101.jfk50.r.cloudfront.net
static.hotjar.com
2    18.164.96.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-90.jfk50.r.cloudfront.net
script.hotjar.com
1    52.19.95.102 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-95-102.eu-west-1.compute.amazonaws.com
content.hotjar.io
1    54.228.31.133 (None, )

ASN- ()
metrics.hotjar.io
Apex Domain
Subdomains		 Transfer
14 holi.social
staging.challenges-dev.holi.social
293 KB
6 unpkg.com
unpkg.com — Cisco Umbrella Rank: 750
5 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 780
script.hotjar.com — Cisco Umbrella Rank: 1035
62 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 332
53 KB
2 hotjar.io
content.hotjar.io — Cisco Umbrella Rank: 6464
metrics.hotjar.io
231 B
25 5
Domain Requested by
14 staging.challenges-dev.holi.social staging.challenges-dev.holi.social
6 unpkg.com 3 redirects staging.challenges-dev.holi.social
3 cdn.jsdelivr.net staging.challenges-dev.holi.social
2 script.hotjar.com static.hotjar.com
script.hotjar.com
1 metrics.hotjar.io static.hotjar.com
1 content.hotjar.io script.hotjar.com
1 static.hotjar.com staging.challenges-dev.holi.social
25 7

This site contains no links.

Subject Issuer Validity Valid
staging.challenges-dev.holi.social
GTS CA 1D4		 2024-04-03 -
2024-07-02		 3 months crt.sh
unpkg.com
GTS CA 1P5		 2024-04-01 -
2024-06-30		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
*.hotjar.com
Amazon ECDSA 256 M03		 2024-02-07 -
2025-03-08		 a year crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-01-31 -
2025-03-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://staging.challenges-dev.holi.social/
Frame ID: 5D05A9CFEA001EF2FB30694C6D49F843
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Holi Challenge

Detected technologies

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

25
Requests

92 %
HTTPS

43 %
IPv6

5
Domains

7
Subdomains

7
IPs

2
Countries

412 kB
Transfer

711 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://unpkg.com/htmx.org/dist/ext/response-targets.js HTTP 302
  • https://unpkg.com/htmx.org@1.9.11/dist/ext/response-targets.js
Request Chain 16
  • https://unpkg.com/default-passive-events HTTP 302
  • https://unpkg.com/default-passive-events@2.0.0 HTTP 302
  • https://unpkg.com/default-passive-events@2.0.0/dist/index.umd.js

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
staging.challenges-dev.holi.social/ 		14 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://staging.challenges-dev.holi.social/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2013 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
539f7f199e64acd0496b04fd25fec5ee4297ef5d8ed4af7da329fedfeaa6d142
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
private,max-age=2,s-maxage=2
content-language
en-US
content-type
text/html;charset=UTF-8
date
Sat, 06 Apr 2024 11:37:09 GMT
expires
Sat, 06 Apr 2024 11:37:09 GMT
hx-push-url
/
server
Google Frontend
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
0
config.js
staging.challenges-dev.holi.social/js/ 		443 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://staging.challenges-dev.holi.social/js/config.js?v=b29fea119c74af8712c16324bd7268e8e0c700d3
Requested by
Host: staging.challenges-dev.holi.social
URL: https://staging.challenges-dev.holi.social/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2013 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
56e6720df1d5cfb086423a096f2f64057aaceb5344640c6be1252a9d1e001e06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://staging.challenges-dev.holi.social/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sat, 06 Apr 2024 11:37:09 GMT
x-content-type-options
nosniff
server
Google Frontend
x-frame-options
DENY
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
application/javascript;charset=ISO-8859-1
x-cloud-trace-context
b84f2268e293084953653054df4a133b
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
443
x-xss-protection
0
expires
0
cookie.js
staging.challenges-dev.holi.social/js/ 		740 B
876 B 		Script
General
Check archive.org
Download Go to
Full URL
https://staging.challenges-dev.holi.social/js/cookie.js?v=b29fea119c74af8712c16324bd7268e8e0c700d3
Requested by
Host: staging.challenges-dev.holi.social
URL: https://staging.challenges-dev.holi.social/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2013 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
f9f91ad2a9bee2f32765503377818e9714f4f421516dcdfd60a181326ad2dcce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://staging.challenges-dev.holi.social/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sat, 06 Apr 2024 11:37:09 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Apr 2024 16:20:34 GMT
server
Google Frontend
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
DENY
content-type
text/javascript
x-cloud-trace-context
716f0999fa772be6fb131e15e3836aee
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-length
740
x-xss-protection
0
expires
0
player.js
staging.challenges-dev.holi.social/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staging.challenges-dev.holi.social/js/player.js?v=b29fea119c74af8712c16324bd7268e8e0c700d3
Requested by
Host: staging.challenges-dev.holi.social
URL: https://staging.challenges-dev.holi.social/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2013 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
654d87c2c0730e5555fec958268715642ce23a5900d03adbb88c452f82ab23e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://staging.challenges-dev.holi.social/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sat, 06 Apr 2024 11:37:09 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Apr 2024 16:20:34 GMT
server
Google Frontend
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
DENY
content-type
text/javascript
x-cloud-trace-context
0063ad87f4450a07f88e76c0e668c3fe
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-length
2612
x-xss-protection
0
expires
0
playerComments.js
staging.challenges-dev.holi.social/js/ 		635 B
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://staging.challenges-dev.holi.social/js/playerComments.js?v=b29fea119c74af8712c16324bd7268e8e0c700d3
Requested by
Host: staging.challenges-dev.holi.social
URL: https://staging.challenges-dev.holi.social/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2013 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
0d49051f5379fc0fe5d2fde01acefc7a7a014cabf9da3b909d0a3482a07a42d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://staging.challenges-dev.holi.social/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sat, 06 Apr 2024 11:37:09 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Apr 2024 16:20:34 GMT
server
Google Frontend
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
DENY
content-type
text/javascript
x-cloud-trace-context
63a3b44f5f51b813049d0e9cd21a83fc
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-length
635
x-xss-protection
0
expires
0
playerAcceptButton.js
staging.challenges-dev.holi.social/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staging.challenges-dev.holi.social/js/playerAcceptButton.js?v=b29fea119c74af8712c16324bd7268e8e0c700d3
Requested by
Host: staging.challenges-dev.holi.social
URL: https://staging.challenges-dev.holi.social/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2013 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
6b257adad6cc5cadab4d0258b93298f2965cfdc76f4c2edd1acd5baa6e17b28a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://staging.challenges-dev.holi.social/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sat, 06 Apr 2024 11:37:09 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Apr 2024 16:20:34 GMT
server
Google Frontend
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
DENY
content-type
text/javascript
x-cloud-trace-context
b53ebe8fc0b20746d7487a3bfe67347b
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-length
1903
x-xss-protection
0
expires
0
webpush.js
staging.challenges-dev.holi.social/js/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staging.challenges-dev.holi.social/js/webpush.js?v=b29fea119c74af8712c16324bd7268e8e0c700d3
Requested by
Host: staging.challenges-dev.holi.social
URL: https://staging.challenges-dev.holi.social/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2013 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
d56d9739968c0d5b2ba009d7754894a90463932b1bc6e98b6edb71fcf8cb280a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://staging.challenges-dev.holi.social/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sat, 06 Apr 2024 11:37:09 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Apr 2024 16:20:34 GMT
server
Google Frontend
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
DENY
content-type
text/javascript
x-cloud-trace-context
3f8de9f7437f5c82cd82e05cba40672c
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-length
5754
x-xss-protection
0
expires
0
htmx.min.js
staging.challenges-dev.holi.social/webjars/github-com-bigskysoftware-htmx/1.9.10/ 		47 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staging.challenges-dev.holi.social/webjars/github-com-bigskysoftware-htmx/1.9.10/htmx.min.js
Requested by
Host: staging.challenges-dev.holi.social
URL: https://staging.challenges-dev.holi.social/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2013 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
b3bdcf5c741897a53648b1207fff0469a0d61901429ba1f6e88f98ebd84e669e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://staging.challenges-dev.holi.social/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sat, 06 Apr 2024 11:37:09 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Apr 2024 16:20:34 GMT
server
Google Frontend
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
DENY
content-type
text/javascript
x-cloud-trace-context
8a44b77d45a77c824119aa2d3fd45435
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-length
47755
x-xss-protection
0
expires
0
preload.js
unpkg.com/htmx.org@1.9.10/dist/ext/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/htmx.org@1.9.10/dist/ext/preload.js
Requested by
Host: staging.challenges-dev.holi.social
URL: https://staging.challenges-dev.holi.social/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a1c0b17b1139d0aed897998ae2af96e30887a91e03a27672d355b06ed953530
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://staging.challenges-dev.holi.social/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Apr 2024 11:37:09 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
516
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HTSJNPKSXNAQWC991DNF52H6-chi
server
cloudflare
etag
"1290-fcuZDbYxkvxPzDS7VJ5JsX3IrVw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
87017bf9f9984bd3-BUF
response-targets.js
unpkg.com/htmx.org@1.9.11/dist/ext/
Redirect Chain
  • https://unpkg.com/htmx.org/dist/ext/response-targets.js
  • https://unpkg.com/htmx.org@1.9.11/dist/ext/response-targets.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/htmx.org@1.9.11/dist/ext/response-targets.js
Requested by
Host: staging.challenges-dev.holi.social
URL: https://staging.challenges-dev.holi.social/
Protocol
H2
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3139d2f737ab246b07e89651d342b4c7ab31c0a0979517459b9f2b7266a7b950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.challenges-dev.holi.social/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Apr 2024 11:37:09 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1002941
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HSVPP3DV26K30A38YJ61HJR7-chi
server
cloudflare
etag
"112b-R2iaXeQv1KlhacTBinbAmyY2/X0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
87017bfa29d14bd3-BUF

Redirect headers

date
Sat, 06 Apr 2024 11:37:09 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
fly-request-id
01HTSJNPKQD242P4SY4X5S6CHJ-chi
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
516
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/htmx.org@1.9.11/dist/ext/response-targets.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
87017bf9f9994bd3-BUF
_hyperscript.min.js
staging.challenges-dev.holi.social/webjars/hyperscript.org/0.9.12/dist/ 		98 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://staging.challenges-dev.holi.social/webjars/hyperscript.org/0.9.12/dist/_hyperscript.min.js
Requested by
Host: staging.challenges-dev.holi.social
URL: https://staging.challenges-dev.holi.social/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2013 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
cd737e9904a7eed1ee9639b75eb07915baad92961586d0a1fd6d998d24179de6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://staging.challenges-dev.holi.social/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sat, 06 Apr 2024 11:37:09 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Apr 2024 16:20:34 GMT
server
Google Frontend
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
DENY
content-type
text/javascript
x-cloud-trace-context
dc724f8c10c84005b7edbdaa576a1edb
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-length
100369
x-xss-protection
0
expires
0
Catalogue-Book.woff
staging.challenges-dev.holi.social/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://staging.challenges-dev.holi.social/fonts/Catalogue-Book.woff
Requested by
Host: staging.challenges-dev.holi.social
URL: https://staging.challenges-dev.holi.social/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2013 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
8e521ac64fabae6a3ee0a0d9ce3cb7c7e1db3bf478abe4d139dcf5f0920c3643
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://staging.challenges-dev.holi.social/
Origin
https://staging.challenges-dev.holi.social
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sat, 06 Apr 2024 11:37:09 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Apr 2024 16:20:34 GMT
server
Google Frontend
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
DENY
content-type
font/woff
x-cloud-trace-context
841c3de956cc6642f6dc846f91338c75
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-length
26288
x-xss-protection
0
expires
0
Catalogue-Light.woff
staging.challenges-dev.holi.social/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://staging.challenges-dev.holi.social/fonts/Catalogue-Light.woff
Requested by
Host: staging.challenges-dev.holi.social
URL: https://staging.challenges-dev.holi.social/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2013 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e0886866456e22893c1c3dc99af97d433ec9e6846cb48494759761962267ea71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://staging.challenges-dev.holi.social/
Origin
https://staging.challenges-dev.holi.social
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sat, 06 Apr 2024 11:37:09 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Apr 2024 16:20:34 GMT
server
Google Frontend
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
DENY
content-type
font/woff
x-cloud-trace-context
d580b1389df9bdd4ac51a8a95c5a9005
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-length
26192
x-xss-protection
0
expires
0
Catalogue-Medium.woff
staging.challenges-dev.holi.social/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://staging.challenges-dev.holi.social/fonts/Catalogue-Medium.woff
Requested by
Host: staging.challenges-dev.holi.social
URL: https://staging.challenges-dev.holi.social/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2013 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
11cdae4d25619b0058fa9b2f36062eb420d9b7f149c3678533a91efd028a7057
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://staging.challenges-dev.holi.social/
Origin
https://staging.challenges-dev.holi.social
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sat, 06 Apr 2024 11:37:10 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Apr 2024 16:20:34 GMT
server
Google Frontend
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
DENY
content-type
font/woff
x-cloud-trace-context
21e805aab37e017859ae42bdc551edd4
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-length
26436
x-xss-protection
0
expires
0
swiper-bundle.min.css
cdn.jsdelivr.net/npm/swiper@11/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/swiper@11/swiper-bundle.min.css
Requested by
Host: staging.challenges-dev.holi.social
URL: https://staging.challenges-dev.holi.social/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fc9cc926368944db8f6a48d24a89968c35c1bd659eabe7040d8bf8081619c9a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://staging.challenges-dev.holi.social/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 06 Apr 2024 11:37:09 GMT
x-content-type-options
nosniff
content-encoding
br
age
2524
x-jsd-version
11.1.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
5101
x-served-by
cache-fra-eddf8230090-FRA, cache-nyc-kteb1890052-NYC
x-jsd-version-type
version
etag
W/"4801-3QMQ7KS0bJBr69rddyQ1OYNpFKw"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
swiper-bundle.min.js
cdn.jsdelivr.net/npm/swiper@11/ 		146 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/swiper@11/swiper-bundle.min.js
Requested by
Host: staging.challenges-dev.holi.social
URL: https://staging.challenges-dev.holi.social/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3444ae492a5500c9c803a93b7977a540fb136fb32e8f1676f3131a19f47f43ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://staging.challenges-dev.holi.social/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 06 Apr 2024 11:37:09 GMT
x-content-type-options
nosniff
content-encoding
br
age
30006
x-jsd-version
11.1.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
43655
x-served-by
cache-fra-etou8220075-FRA, cache-nyc-kteb1890052-NYC
x-jsd-version-type
version
etag
W/"248f4-UbKgCErTdO/FBJ9XWCSBOZmacxw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
confetti.browser.min.js
cdn.jsdelivr.net/npm/canvas-confetti@1.9.2/dist/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/canvas-confetti@1.9.2/dist/confetti.browser.min.js
Requested by
Host: staging.challenges-dev.holi.social
URL: https://staging.challenges-dev.holi.social/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7adf91532522581d4bbe70f8a8eea92881bd439edfc8b6bda4554ee4ac9fd14b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://staging.challenges-dev.holi.social/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 06 Apr 2024 11:37:09 GMT
x-content-type-options
nosniff
content-encoding
br
age
42959
x-jsd-version
1.9.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4619
x-served-by
cache-fra-eddf8230064-FRA, cache-nyc-kteb1890052-NYC
x-jsd-version-type
version
etag
W/"2a1d-xkEUOeeT8oMNPeuiOOFta45k36U"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
index.umd.js
unpkg.com/default-passive-events@2.0.0/dist/
Redirect Chain
  • https://unpkg.com/default-passive-events
  • https://unpkg.com/default-passive-events@2.0.0
  • https://unpkg.com/default-passive-events@2.0.0/dist/index.umd.js
947 B
575 B 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/default-passive-events@2.0.0/dist/index.umd.js
Requested by
Host: staging.challenges-dev.holi.social
URL: https://staging.challenges-dev.holi.social/
Protocol
H2
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10bcc81da88bb60d7f0b8df32d4bc7953268fb4d44e9a9d8aca98c020c579c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://staging.challenges-dev.holi.social/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Apr 2024 11:37:09 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1849210
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HS2FM0X62YP09K9PAAR7PQ4R-lga
server
cloudflare
etag
W/"3b3-54EGb0sww7FhRg0xHqrYtqdqln4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
87017bfaaad74bd3-BUF

Redirect headers

date
Sat, 06 Apr 2024 11:37:09 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HS2FM0NXXTA1YMTWX2RZ9N4F-lga
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1849210
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/default-passive-events@2.0.0/dist/index.umd.js
cache-control
public, max-age=31536000
cf-ray
87017bfa7a4f4bd3-BUF
style.css
staging.challenges-dev.holi.social/ 		38 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://staging.challenges-dev.holi.social/style.css
Requested by
Host: staging.challenges-dev.holi.social
URL: https://staging.challenges-dev.holi.social/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2013 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
8a603cfcc87cce1d69f1ae6e4ae951174791b9f5833634510a2d01b52b5693ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://staging.challenges-dev.holi.social/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sat, 06 Apr 2024 11:37:10 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Apr 2024 16:20:34 GMT
server
Google Frontend
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
DENY
content-type
text/css
x-cloud-trace-context
a47dc5f509abea45868f45b29a658580
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-length
38646
x-xss-protection
0
expires
0
hotjar-3863047.js
static.hotjar.com/c/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3863047.js?sv=6
Requested by
Host: staging.challenges-dev.holi.social
URL: https://staging.challenges-dev.holi.social/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-101.jfk50.r.cloudfront.net
Software
/
Resource Hash
79a50ace19fc50be1538ee52cc6b69dd91f61be85ccf47694897eee3a56fd41e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://staging.challenges-dev.holi.social/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Sat, 06 Apr 2024 11:37:10 GMT
via
1.1 f07e3fd03d3423bceb1c6083ab62cf8a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
etag
W/016522c1e5385b6975984f99338f9d7e
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
pYU_rOcpJTbeSK0mm9GRWl1JVZoexjwKRR1uT8HL6kxEC_sOAh3cmg==
modules.429236d560f51d186b8b.js
script.hotjar.com/ 		221 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.429236d560f51d186b8b.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3863047.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-90.jfk50.r.cloudfront.net
Software
/
Resource Hash
fa8cabe3021c19ba54e07d28a7722cd4bfdef39dea07207518113f7e161166bb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://staging.challenges-dev.holi.social/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 10:18:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 bf8d7cb6fca5d51158e1109ca40fe242.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
91144
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55714
last-modified
Fri, 05 Apr 2024 10:17:11 GMT
etag
"f153d7cc62fba42a4a256996815cbb73"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
pCLbe880Jw-O2_ZwK5A2XR9rDh-9TEuzYXvGmu7PqtooHaHizGwdhw==
browser-perf.8417c6bba72228fa2e29.js
script.hotjar.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.js
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.429236d560f51d186b8b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-90.jfk50.r.cloudfront.net
Software
/
Resource Hash
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://staging.challenges-dev.holi.social/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Jan 2024 14:32:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 bf8d7cb6fca5d51158e1109ca40fe242.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
6296703
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1782
last-modified
Wed, 24 Jan 2024 14:31:37 GMT
etag
"b83b61bc5871e9a23a0434e2c539f4f3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
lsAmBAtqYlfwsgPBlshFcT-3jhnK9NVzTwG5J8C_5QACmUi81_8kpg==
/
content.hotjar.io/ 		56 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.hotjar.io/?site_id=3863047&gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.429236d560f51d186b8b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.19.95.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-95-102.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4bdca43196a4288885adc602cc12be200b9ae29857d4f3dce90f61e0c484ddf8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://staging.challenges-dev.holi.social/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 06 Apr 2024 11:37:10 GMT
content-length
56
vary
Origin
content-type
application/json
favicon-32x32.png
staging.challenges-dev.holi.social/ 		5 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://staging.challenges-dev.holi.social/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2013 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
fe162de3fcbff16bfd23004fd9e8467db7153c0195daa15ff487ad69004f7c7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://staging.challenges-dev.holi.social/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sat, 06 Apr 2024 11:37:10 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Apr 2024 16:20:34 GMT
server
Google Frontend
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
DENY
content-type
image/png
x-cloud-trace-context
dfe41daa83d7919cfdeca5a5136e6e67
cache-control
no-cache, no-store, max-age=0, must-revalidate
accept-ranges
bytes
content-length
4833
x-xss-protection
0
expires
0
/
metrics.hotjar.io/ 		0
70 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://metrics.hotjar.io/?v=6&site_id=3863047
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3863047.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.228.31.133 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://staging.challenges-dev.holi.social/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 06 Apr 2024 11:37:14 GMT
vary
Origin

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| setCookie function| getCookie function| eraseCookie function| registerVideoPlayControls function| playVideo function| registerPlayer function| postlogClientError function| sendVideoImpression function| registerCommentControl function| registerConfettiButton function| registerForNotifications function| subscribe function| urlBase64ToUint8Array function| sendSubscriptionToServer function| unsubscribe function| isAppRegistered object| htmx function| _hyperscript function| Swiper function| confetti function| hj object| _hjSettings object| allChallengeSwiper object| userChallengeSwiper object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled

5 Cookies

Domain/Path Name / Value
staging.challenges-dev.holi.social/ Name: requireCameraPermission
Value: false
staging.challenges-dev.holi.social/ Name: lastDaySeenSubmissions
Value: 2024-04-06
staging.challenges-dev.holi.social/ Name: SESSION
Value: ZTBmMzQzM2ItOWJiZi00MjE4LWJiNzUtYWJiYjhjMjNmYTBi
.holi.social/ Name: _hjSessionUser_3863047
Value: eyJpZCI6Ijc1YjFjMzdkLTg5NGEtNThiZC05M2ViLWU4ZGNkMDMyODgxNiIsImNyZWF0ZWQiOjE3MTI0MDM0MzA2ODQsImV4aXN0aW5nIjp0cnVlfQ==
.holi.social/ Name: _hjSession_3863047
Value: eyJpZCI6ImIyYWNiMjQxLWM3ZGUtNDE2Mi05M2Q2LTgzNzFkZDFkNGE2NiIsImMiOjE3MTI0MDM0MzA2ODUsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
content.hotjar.io
metrics.hotjar.io
script.hotjar.com
staging.challenges-dev.holi.social
static.hotjar.com
unpkg.com
108.138.106.101
18.164.96.90
2606:4700::6811:f5cb
2607:f8b0:4006:81c::2013
2a04:4e42::485
52.19.95.102
54.228.31.133
0d49051f5379fc0fe5d2fde01acefc7a7a014cabf9da3b909d0a3482a07a42d1
10bcc81da88bb60d7f0b8df32d4bc7953268fb4d44e9a9d8aca98c020c579c10
11cdae4d25619b0058fa9b2f36062eb420d9b7f149c3678533a91efd028a7057
3139d2f737ab246b07e89651d342b4c7ab31c0a0979517459b9f2b7266a7b950
3444ae492a5500c9c803a93b7977a540fb136fb32e8f1676f3131a19f47f43ff
4bdca43196a4288885adc602cc12be200b9ae29857d4f3dce90f61e0c484ddf8
539f7f199e64acd0496b04fd25fec5ee4297ef5d8ed4af7da329fedfeaa6d142
56e6720df1d5cfb086423a096f2f64057aaceb5344640c6be1252a9d1e001e06
5a1c0b17b1139d0aed897998ae2af96e30887a91e03a27672d355b06ed953530
654d87c2c0730e5555fec958268715642ce23a5900d03adbb88c452f82ab23e3
6b257adad6cc5cadab4d0258b93298f2965cfdc76f4c2edd1acd5baa6e17b28a
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
79a50ace19fc50be1538ee52cc6b69dd91f61be85ccf47694897eee3a56fd41e
7adf91532522581d4bbe70f8a8eea92881bd439edfc8b6bda4554ee4ac9fd14b
8a603cfcc87cce1d69f1ae6e4ae951174791b9f5833634510a2d01b52b5693ee
8e521ac64fabae6a3ee0a0d9ce3cb7c7e1db3bf478abe4d139dcf5f0920c3643
b3bdcf5c741897a53648b1207fff0469a0d61901429ba1f6e88f98ebd84e669e
cd737e9904a7eed1ee9639b75eb07915baad92961586d0a1fd6d998d24179de6
d56d9739968c0d5b2ba009d7754894a90463932b1bc6e98b6edb71fcf8cb280a
e0886866456e22893c1c3dc99af97d433ec9e6846cb48494759761962267ea71
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f9f91ad2a9bee2f32765503377818e9714f4f421516dcdfd60a181326ad2dcce
fa8cabe3021c19ba54e07d28a7722cd4bfdef39dea07207518113f7e161166bb
fc9cc926368944db8f6a48d24a89968c35c1bd659eabe7040d8bf8081619c9a7
fe162de3fcbff16bfd23004fd9e8467db7153c0195daa15ff487ad69004f7c7f