urlscan.io logo urlscan.io
SecurityTrails logo

clientportal.hecticapp.com Open in urlscan Pro
2600:9000:214f:9200:15:3ba4:c4c0:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.hctc.app/977b67ba-fbb4-4eac-b535-aa4657c38eef
Effective URL: https://clientportal.hecticapp.com/proposal?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEua...
Submission: On March 31 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 2 countries across 13 domains to perform 45 HTTP transactions. The main IP is 2600:9000:214f:9200:15:3ba4:c4c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is clientportal.hecticapp.com.
TLS certificate: Issued by Amazon on December 4th 2021. Valid for: a year.
This is the only time clientportal.hecticapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2600:9000:206f:7c00:2:fe48:ed40:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.hctc.app
10    2600:9000:214f:9200:15:3ba4:c4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
clientportal.hecticapp.com
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    65.9.66.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-101.fra56.r.cloudfront.net
cdn.plaid.com
3    151.101.128.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
3    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    3.18.134.42 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-18-134-42.us-east-2.compute.amazonaws.com
auth.hecticapp.com
2    54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com
q.stripe.com
2    2600:9000:2057:7600:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
1    44.228.63.192 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-228-63-192.us-west-2.compute.amazonaws.com
m.stripe.com
4    3.137.96.173 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-137-96-173.us-east-2.compute.amazonaws.com
pod01.hecticapp.com
1    35.157.63.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-63-228.eu-central-1.compute.amazonaws.com
ps19.pndsn.com
1    2a04:4e42:1b::720 (United States)

ASN54113 (FASTLY, US)
images.unsplash.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.219.107.26 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com
hctc-pod01.s3.us-east-2.amazonaws.com
8    2600:9000:206f:4800:4:8ff3:780:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.tiny.cloud
4    65.9.66.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-96.fra56.r.cloudfront.net
sp.tinymce.com
Apex Domain
Subdomains		 Transfer
15 hecticapp.com
clientportal.hecticapp.com
auth.hecticapp.com
pod01.hecticapp.com
959 KB
8 tiny.cloud
cdn.tiny.cloud — Cisco Umbrella Rank: 26846
362 KB
6 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1188
q.stripe.com — Cisco Umbrella Rank: 7309
m.stripe.com — Cisco Umbrella Rank: 1132
71 KB
4 tinymce.com
sp.tinymce.com — Cisco Umbrella Rank: 25753
1 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45
6 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1245
16 KB
2 plaid.com
cdn.plaid.com — Cisco Umbrella Rank: 17118
71 KB
1 amazonaws.com
hctc-pod01.s3.us-east-2.amazonaws.com
478 KB
1 gstatic.com
fonts.gstatic.com
37 KB
1 unsplash.com
images.unsplash.com — Cisco Umbrella Rank: 4525
13 KB
1 pndsn.com
ps19.pndsn.com — Cisco Umbrella Rank: 19943
285 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 431
37 KB
1 hctc.app
www.hctc.app
403 B
45 13
Domain Requested by
10 clientportal.hecticapp.com clientportal.hecticapp.com
8 cdn.tiny.cloud 1 redirects cdn.tiny.cloud
4 sp.tinymce.com
4 pod01.hecticapp.com clientportal.hecticapp.com
3 fonts.googleapis.com clientportal.hecticapp.com
3 js.stripe.com clientportal.hecticapp.com
js.stripe.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 q.stripe.com clientportal.hecticapp.com
2 cdn.plaid.com clientportal.hecticapp.com
cdn.plaid.com
1 hctc-pod01.s3.us-east-2.amazonaws.com
1 fonts.gstatic.com fonts.googleapis.com
1 images.unsplash.com
1 ps19.pndsn.com clientportal.hecticapp.com
1 m.stripe.com m.stripe.network
1 auth.hecticapp.com clientportal.hecticapp.com
1 cdn.jsdelivr.net clientportal.hecticapp.com
1 www.hctc.app 1 redirects
45 17

This site contains links to these domains. Also see Links.

Domain
excel-5.on.fleek.co
Subject Issuer Validity Valid
*.hecticapp.com
Amazon		 2021-12-04 -
2023-01-01		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-03 -
2022-07-02		 a year crt.sh
secure.plaid.com
DigiCert SHA2 Extended Validation Server CA		 2022-03-08 -
2023-04-08		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2022-01-26 -
2022-05-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2022-06-09		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-11 -
2022-05-04		 4 months crt.sh
*.pndsn.com
Amazon		 2021-09-21 -
2022-10-19		 a year crt.sh
*.camp-fire.jp
GlobalSign Atlas R3 DV TLS CA 2020		 2021-05-20 -
2022-06-21		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.s3.us-east-2.amazonaws.com
Amazon		 2021-12-17 -
2022-12-16		 a year crt.sh
tinymce.com
Amazon		 2021-07-21 -
2022-08-19		 a year crt.sh
tiny.cloud
Amazon		 2021-07-21 -
2022-08-19		 a year crt.sh

This page contains 3 frames:

Primary Page: https://clientportal.hecticapp.com/proposal?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc6e5a0c997d21c095af11f9831d41ab63b31ccd838c
Frame ID: 43E563911BCC4AE44436A1A23E40EE0A
Requests: 37 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html
Frame ID: 183943B9B1FDB7F67084E7A92822B58B
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 2F71D709CF119FF8134ACA893CE79794
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PROPOSAL AGREEMENT

Page URL History Show full URLs

  1. https://www.hctc.app/977b67ba-fbb4-4eac-b535-aa4657c38eef HTTP 301
    https://clientportal.hecticapp.com/proposal?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6I... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /tiny_?mce(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

45
Requests

96 %
HTTPS

47 %
IPv6

13
Domains

17
Subdomains

17
IPs

2
Countries

2052 kB
Transfer

6279 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.hctc.app/977b67ba-fbb4-4eac-b535-aa4657c38eef HTTP 301
    https://clientportal.hecticapp.com/proposal?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc6e5a0c997d21c095af11f9831d41ab63b31ccd838c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://cdn.tiny.cloud/1/no-api-key/tinymce/5/tinymce.min.js HTTP 307
  • https://cdn.tiny.cloud/1/no-api-key/tinymce/5.10.3-128/tinymce.min.js

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request proposal
clientportal.hecticapp.com/
Redirect Chain
  • https://www.hctc.app/977b67ba-fbb4-4eac-b535-aa4657c38eef
  • https://clientportal.hecticapp.com/proposal?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc...
1 KB
935 B 		Document
General
Check archive.org
Download Go to
Full URL
https://clientportal.hecticapp.com/proposal?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc6e5a0c997d21c095af11f9831d41ab63b31ccd838c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9200:15:3ba4:c4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
616de5ad1ee31eacfd159971ad25db2049398bdc3f4680511500cb09e80f81c4

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
public, max-age=0, s-maxage=2
content-encoding
gzip
content-type
text/html
date
Thu, 31 Mar 2022 18:46:03 GMT
etag
W/"2117b3a9396cc5071a719fbd526cdd56"
last-modified
Thu, 31 Mar 2022 00:47:21 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
x-amz-cf-id
K1JsugAsorBuoZc7J5T0aLlInqztL74aorzyiHHK6isBO0nwMs4TYQ==
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront

Redirect headers

age
6204
content-length
0
date
Thu, 31 Mar 2022 17:02:39 GMT
location
https://clientportal.hecticapp.com/proposal?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc6e5a0c997d21c095af11f9831d41ab63b31ccd838c
server
AmazonS3
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
x-amz-cf-id
8s0h0EISmD7_Es9-XH1IcNccj7YmZCj-WdyiiA-MoiEiz2JLauV8Ow==
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@4.x/css/ 		218 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.x/css/materialdesignicons.min.css
Requested by
Host: clientportal.hecticapp.com
URL: https://clientportal.hecticapp.com/proposal?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc6e5a0c997d21c095af11f9831d41ab63b31ccd838c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b84598b7408a49f572ff743dc5886bddd5390c78b40416037da19c13f8d0ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 18:46:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
33521
x-jsd-version
4.9.95
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19171-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"3690d-+C8LymUllOTB/eRBaefREVF0ZzU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6f4b3eda2d5501db-ZRH
link-initialize.js
cdn.plaid.com/link/v2/stable/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by
Host: clientportal.hecticapp.com
URL: https://clientportal.hecticapp.com/proposal?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc6e5a0c997d21c095af11f9831d41ab63b31ccd838c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e727d0ba369ebcba0b788658327371bb1b96d495ed99b3ea7caed8684391002e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 15:36:09 GMT
content-encoding
gzip
age
11394
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-request-id
E7BD4C6T54362CPX
x-amz-id-2
zYjYBEUXYv7untKtAfLlgmUC0FCUE0DVv+LGdCqLyu28bnhKNWlto1Wlc8COg+ANxLAV/zna/sc=
last-modified
Thu, 31 Mar 2022 15:03:02 GMT
server
AmazonS3
etag
W/"37b6e84da6f0376253c252639844d9b1"
vary
Accept-Encoding
x-amz-version-id
Z5LS6uwLw2ZlzBVSIBSXFFsaURPhqiW2
via
1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
cache-control
no-cache,must-revalidate,max-age=0
x-amz-cf-pop
FRA56-C1
content-type
application/javascript
x-amz-cf-id
TLdrBpPWQ_ca8grhd8Rn4cjUE7ukpH0oEjeLSK6ajIwQ45w5V7eczg==
/
js.stripe.com/v3/ 		290 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: clientportal.hecticapp.com
URL: https://clientportal.hecticapp.com/proposal?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc6e5a0c997d21c095af11f9831d41ab63b31ccd838c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
d21553a716a5210921050dbc5e4ef269068fae93574e931f64d96e095fb098f9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
37
x-cache
HIT
content-length
70392
etag
"5604166597ebc6e36072d48eac071553"
x-request-id
3e885f4d-7361-42a6-a8a7-6f7ac38206ad
x-served-by
cache-hhn4036-HHN
access-control-allow-origin
*
last-modified
Thu, 31 Mar 2022 18:28:23 GMT
server
Fastly
date
Thu, 31 Mar 2022 18:46:02 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
34
app.1ed8129f.css
clientportal.hecticapp.com/css/ 		69 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://clientportal.hecticapp.com/css/app.1ed8129f.css
Requested by
Host: clientportal.hecticapp.com
URL: https://clientportal.hecticapp.com/proposal?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc6e5a0c997d21c095af11f9831d41ab63b31ccd838c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9200:15:3ba4:c4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a56dd81915888e9ca45c149fa4c871d64e9ad71704144c796be101c2046a98d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/proposal?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc6e5a0c997d21c095af11f9831d41ab63b31ccd838c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 18:46:03 GMT
content-encoding
gzip
etag
W/"ba432a2427b68ba4db2915b91bb8b28b"
last-modified
Thu, 31 Mar 2022 00:47:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
6b-0viqGzb_lm52l_3gyYaxKeZhZadt_MsBoBwCMqTBstgCpRaamcQ==
chunk-vendors.3a3b6d1f.css
clientportal.hecticapp.com/css/ 		700 KB
85 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://clientportal.hecticapp.com/css/chunk-vendors.3a3b6d1f.css
Requested by
Host: clientportal.hecticapp.com
URL: https://clientportal.hecticapp.com/proposal?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc6e5a0c997d21c095af11f9831d41ab63b31ccd838c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9200:15:3ba4:c4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1bba1bbc85cfa2582fcd4360066b5d3f0f32026b6392d4912572568fe066a647

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/proposal?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc6e5a0c997d21c095af11f9831d41ab63b31ccd838c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 18:46:03 GMT
content-encoding
gzip
etag
W/"fc8bcd56db340df1c2b74efc5dabf00a"
last-modified
Thu, 31 Mar 2022 00:47:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
25nMmTtDgdU_EBYJrH7R47ZWSWCvEoYjn8nCGK3UiOu6kYHGgtxyfg==
app.909e7156.js
clientportal.hecticapp.com/js/ 		451 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientportal.hecticapp.com/js/app.909e7156.js
Requested by
Host: clientportal.hecticapp.com
URL: https://clientportal.hecticapp.com/proposal?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc6e5a0c997d21c095af11f9831d41ab63b31ccd838c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9200:15:3ba4:c4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
948c3fd601bd2c34fab03f09e8ee866c3877ae709c17e84d9eea99217dfa3f30

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/proposal?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc6e5a0c997d21c095af11f9831d41ab63b31ccd838c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 18:46:03 GMT
content-encoding
gzip
etag
W/"9cdf08491d1671edb883dd054fac0a15"
last-modified
Thu, 31 Mar 2022 00:47:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
lqUs-2W9RCk_3TeWeg777J8HdYpYuzan-RAqn0ifnTBCgNK3nUoc8Q==
chunk-vendors.535d89b4.js
clientportal.hecticapp.com/js/ 		2 MB
677 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientportal.hecticapp.com/js/chunk-vendors.535d89b4.js
Requested by
Host: clientportal.hecticapp.com
URL: https://clientportal.hecticapp.com/proposal?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc6e5a0c997d21c095af11f9831d41ab63b31ccd838c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9200:15:3ba4:c4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ea5608bbc8ca4393ed2c686808da8113684a036b7c12739592d7c37e92f21ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/proposal?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc6e5a0c997d21c095af11f9831d41ab63b31ccd838c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 18:46:03 GMT
content-encoding
gzip
etag
W/"500cc62b011ec9d97289853ff706d68e"
last-modified
Thu, 31 Mar 2022 00:47:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
3mzOidyfmfRvzopfzO6GIR0rZAFqa3wzguxN4Z9qKZG4RczqnOifyg==
link-dynamic-loader.js
cdn.plaid.com/link/2.0.1304/ 		0
41 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.plaid.com/link/2.0.1304/link-dynamic-loader.js
Requested by
Host: cdn.plaid.com
URL: https://cdn.plaid.com/link/v2/stable/link-initialize.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-101.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 15:36:10 GMT
content-encoding
gzip
age
11393
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 31 Mar 2022 15:03:02 GMT
server
AmazonS3
etag
W/"9fd116a880e25c2b98d880fc6b978f70"
vary
Accept-Encoding
x-amz-version-id
jkVt28Wo2OSXyZtEIlyPEzpuVyGkPrbG
via
1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
cache-control
max-age=10800
x-amz-cf-pop
FRA56-C1
content-type
application/javascript
x-amz-cf-id
RQfOFqdD8jr7r6TMUWwrRM6TFnrxrGlvCN0oPV89IcfQeaZZOm3nhA==
tinymce.ad61d29e.js
clientportal.hecticapp.com/js/ 		0
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://clientportal.hecticapp.com/js/tinymce.ad61d29e.js
Requested by
Host: clientportal.hecticapp.com
URL: https://clientportal.hecticapp.com/proposal?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc6e5a0c997d21c095af11f9831d41ab63b31ccd838c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9200:15:3ba4:c4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/proposal?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc6e5a0c997d21c095af11f9831d41ab63b31ccd838c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 18:46:03 GMT
content-encoding
gzip
etag
W/"49d4b3c851a177d3fc3d2318906323ea"
last-modified
Thu, 31 Mar 2022 00:47:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
ao_X0DoFof-Boj132bWTL15GRFsg--Kg-2ZpizQwpA7HS_B0j-uNPA==
css2
fonts.googleapis.com/ 		87 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Archivo:wght@400;700&family=Caveat:wght@400;700&family=Arvo:wght@400;700&family=BioRhyme:wght@400;700&family=Cormorant:wght@400;700&family=Crimson+Text:wght@400;700&family=Exo+2:wght@400;700&family=Fira+Sans:wght@400;700&family=Frank+Ruhl+Libre:wght@400;700&family=IBM+Plex+Sans:wght@400;700&family=Inter:wght@300;400;500;600;700&family=Karla:wght@400;700&family=Lora:wght@400;700&family=Merriweather:wght@400;700&family=Montserrat:wght@400;700&family=Noto+Sans:wght@400;700&family=Nunito:wght@400;700&family=Old+Standard+TT:wght@400;700&family=Oswald:wght@400;700&family=Playfair+Display:wght@400;700&family=Poppins:wght@400;700&family=Roboto:wght@400;700&family=Rubik:wght@400;700&family=Space+Mono:wght@400;700&family=Spectral:wght@400;700&family=Titillium+Web:wght@400;700&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700&display=swap
Requested by
Host: clientportal.hecticapp.com
URL: https://clientportal.hecticapp.com/css/app.1ed8129f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
da62656320bacbe1ed48f0d32d7538960921651fbe042fcee98cb5672d0085a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 18:46:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 31 Mar 2022 18:46:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 31 Mar 2022 18:46:02 GMT
css2
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Arizonia&family=Charmonman&family=Herr+Von+Muellerhoff&family=Reenie+Beanie&display=swap
Requested by
Host: clientportal.hecticapp.com
URL: https://clientportal.hecticapp.com/css/app.1ed8129f.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc3509ea244ae46c2c4168032e418e7570f476f7a2aae294624eb1a5df2db79b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 18:46:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 31 Mar 2022 18:46:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 31 Mar 2022 18:46:02 GMT
domains
auth.hecticapp.com/api/v1/ 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth.hecticapp.com/api/v1/domains?domain=clientportal.hecticapp.com
Requested by
Host: clientportal.hecticapp.com
URL: https://clientportal.hecticapp.com/js/chunk-vendors.535d89b4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.18.134.42 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-18-134-42.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://clientportal.hecticapp.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 18:46:03 GMT
x-content-type-options
nosniff
x-frame-options
DENY
access-control-allow-origin
https://clientportal.hecticapp.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length
0
x-xss-protection
1; mode=block
expires
0
m-outer-9fe86c29346daf61dc2cc0586b4fad18.html
js.stripe.com/v3/ Frame 1839 		240 B
569 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
1dda2cecb8f0322c2b59a817ac9d9fa234b3792ff094b1a401b3862d3cf157dc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
6594
cache-control
max-age=31536000
content-encoding
br
content-length
140
content-security-policy
default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 31 Mar 2022 18:46:03 GMT
etag
"9fe86c29346daf61dc2cc0586b4fad18"
last-modified
Fri, 11 Mar 2022 19:55:40 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
7248
x-content-type-options
nosniff
x-request-id
115ed161-a7d6-444d-8006-0832664115c7
x-served-by
cache-hhn4036-HHN
csp-report
q.stripe.com/ Frame 1839 		0
356 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: clientportal.hecticapp.com
URL: https://clientportal.hecticapp.com/proposal?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc6e5a0c997d21c095af11f9831d41ab63b31ccd838c
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://js.stripe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 31 Mar 2022 18:46:03 GMT
server
nginx
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
x-envoy-upstream-service-time
1
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length
0
m-outer-7345858512d328389831b5c353d30a99.js
js.stripe.com/v3/fingerprinted/js/ Frame 1839 		1 KB
797 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-7345858512d328389831b5c353d30a99.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-9fe86c29346daf61dc2cc0586b4fad18.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
fastly-original-body-size
1495
age
42
x-cache
HIT
content-length
645
etag
"d0c7e21ec457b6a134a496f107c3ca93"
x-request-id
f39ee192-f56e-45d2-b830-4682300ded38
x-served-by
cache-hhn4036-HHN
access-control-allow-origin
*
last-modified
Mon, 07 Mar 2022 20:10:26 GMT
server
Fastly
date
Thu, 31 Mar 2022 18:46:03 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
80
inner.html
m.stripe.network/ Frame 2F71 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-7345858512d328389831b5c353d30a99.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
252
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 31 Mar 2022 18:41:55 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
x-amz-cf-id
O1bQDhN1mKn2Kgc1UcD2ko5aH-f2_PaH3wX6ne03w6_ZIRmoQOrFMw==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 2F71 		0
131 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: clientportal.hecticapp.com
URL: https://clientportal.hecticapp.com/proposal?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc6e5a0c997d21c095af11f9831d41ab63b31ccd838c
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 31 Mar 2022 18:46:03 GMT
x-envoy-upstream-service-time
1
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
out-4.5.42.js
m.stripe.network/ Frame 2F71 		86 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
139
x-cache
Hit from cloudfront
date
Thu, 31 Mar 2022 18:43:46 GMT
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
x-amz-cf-id
n_5nDQXaUMXeONUZ2SMusn-ShI8eVaAtAOOM0JmgOFPKtWn89cnMwg==
6
m.stripe.com/ Frame 2F71 		156 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.63.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-63-192.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
c4fda03d7c13bfa06bf0195422302257195463d4a67952f15cb52afd8423959d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 31 Mar 2022 18:46:03 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
symbol-defs.svg
clientportal.hecticapp.com/ 		133 KB
35 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://clientportal.hecticapp.com/symbol-defs.svg
Requested by
Host: clientportal.hecticapp.com
URL: https://clientportal.hecticapp.com/js/chunk-vendors.535d89b4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9200:15:3ba4:c4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2fac04e79d1ba887d0ead4d31c2910de8c2a9a23ee01606194401516d2fa13d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/proposal?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc6e5a0c997d21c095af11f9831d41ab63b31ccd838c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 18:46:04 GMT
content-encoding
gzip
etag
W/"09aa102ac02270b85c18cab731ddf2d9"
last-modified
Thu, 31 Mar 2022 00:47:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/svg+xml
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
U8aRc5coJjS4U4F1oLpAsDPHnXp-vUZ5eh1DK0e4ZgusViJ5RR62zA==
proposal
pod01.hecticapp.com/api/docs/ 		14 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pod01.hecticapp.com/api/docs/proposal?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc6e5a0c997d21c095af11f9831d41ab63b31ccd838c
Requested by
Host: clientportal.hecticapp.com
URL: https://clientportal.hecticapp.com/js/chunk-vendors.535d89b4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.137.96.173 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-137-96-173.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
2aa7ecdc4c4d603aca83a4c325614a38d622c119c592e77ed7bf665880ed0c9a

Request headers

Accept
application/json, text/plain, */*
Referer
https://clientportal.hecticapp.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
https://clientportal.hecticapp.com
date
Thu, 31 Mar 2022 18:46:04 GMT
content-encoding
gzip
access-control-allow-credentials
true
vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
content-type
application/json;charset=UTF-8
viewed
pod01.hecticapp.com/api/docs/proposal/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pod01.hecticapp.com/api/docs/proposal/viewed?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc6e5a0c997d21c095af11f9831d41ab63b31ccd838c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.137.96.173 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-137-96-173.us-east-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://clientportal.hecticapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://clientportal.hecticapp.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Thu, 31 Mar 2022 18:46:04 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
viewed
pod01.hecticapp.com/api/docs/proposal/ 		0
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pod01.hecticapp.com/api/docs/proposal/viewed?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc6e5a0c997d21c095af11f9831d41ab63b31ccd838c
Requested by
Host: clientportal.hecticapp.com
URL: https://clientportal.hecticapp.com/js/chunk-vendors.535d89b4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.137.96.173 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-137-96-173.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://clientportal.hecticapp.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://clientportal.hecticapp.com
date
Thu, 31 Mar 2022 18:46:04 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
0
ps19.pndsn.com/v2/subscribe/sub-c-a24e1616-4c54-11eb-9ec5-221b84410db5/c-12852.p-6244a94946e6ec0001f2d54d/ 		45 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ps19.pndsn.com/v2/subscribe/sub-c-a24e1616-4c54-11eb-9ec5-221b84410db5/c-12852.p-6244a94946e6ec0001f2d54d/0?heartbeat=300&uuid=6244ac1a46e6ec0001f2d553&pnsdk=PubNub-JS-Web%2F4.29.10&auth=6244ac1a46e6ec0001f2d553
Requested by
Host: clientportal.hecticapp.com
URL: https://clientportal.hecticapp.com/js/chunk-vendors.535d89b4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.63.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-63-228.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e02bf00c70e535f05107c7c178b764f6206abd598a7775951ca7306bb47df2fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 31 Mar 2022 18:46:04 GMT
Cache-Control
no-cache
Connection
keep-alive
Content-Length
45
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset="UTF-8"
symbol-defs.svg
clientportal.hecticapp.com/ 		133 KB
35 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://clientportal.hecticapp.com/symbol-defs.svg
Requested by
Host: clientportal.hecticapp.com
URL: https://clientportal.hecticapp.com/js/chunk-vendors.535d89b4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9200:15:3ba4:c4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2fac04e79d1ba887d0ead4d31c2910de8c2a9a23ee01606194401516d2fa13d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/proposal?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc6e5a0c997d21c095af11f9831d41ab63b31ccd838c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 31 Mar 2022 18:46:05 GMT
content-encoding
gzip
last-modified
Thu, 31 Mar 2022 00:47:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
W/"09aa102ac02270b85c18cab731ddf2d9"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/svg+xml
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
KmhXZdiwvRjxpSPWZZjy51_omrCjDJcDmqQJdjBPT1yoRhRBaZXTJg==
tinymce.ad61d29e.js
clientportal.hecticapp.com/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clientportal.hecticapp.com/js/tinymce.ad61d29e.js
Requested by
Host: clientportal.hecticapp.com
URL: https://clientportal.hecticapp.com/js/app.909e7156.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9200:15:3ba4:c4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
73e1d87c4e94a9011c633bf5291ec1d9b5a21487ce331ec396efbe4d1835e578

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/proposal?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc6e5a0c997d21c095af11f9831d41ab63b31ccd838c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 31 Mar 2022 18:46:05 GMT
content-encoding
gzip
last-modified
Thu, 31 Mar 2022 00:47:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
W/"49d4b3c851a177d3fc3d2318906323ea"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
SdGv78X80Ta1Hf-pCwXxBG_ugnOfcmvMESm7Q9e0p8NiiXXcreNmCg==
css
fonts.googleapis.com/ 		12 KB
851 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Inter:200,300,400,500,600,700%7CInter:200,300,400,500,600,700
Requested by
Host: clientportal.hecticapp.com
URL: https://clientportal.hecticapp.com/js/chunk-vendors.535d89b4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
200a62534f58d5c1557739c1f470091570d602509ebe4821d504e8368e71de0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 18:46:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 31 Mar 2022 18:46:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 31 Mar 2022 18:46:04 GMT
files
pod01.hecticapp.com/api/docs/proposal/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pod01.hecticapp.com/api/docs/proposal/files?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc6e5a0c997d21c095af11f9831d41ab63b31ccd838c&clientId=6244a89146e6ec0001f2d507&proposalId=6244a94946e6ec0001f2d54d&fileName=Blurr-1.PNG
Requested by
Host: clientportal.hecticapp.com
URL: https://clientportal.hecticapp.com/js/chunk-vendors.535d89b4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.137.96.173 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-137-96-173.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
9a14f951533cfd76807cb9985b015e9261a408c00344a4077729ca4c66d95e6b

Request headers

Accept
application/json, text/plain, */*
Referer
https://clientportal.hecticapp.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin
https://clientportal.hecticapp.com
date
Thu, 31 Mar 2022 18:46:04 GMT
content-encoding
gzip
access-control-allow-credentials
true
vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
content-type
application/json;charset=UTF-8
photo-1444927714506-8492d94b4e3d
images.unsplash.com/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.unsplash.com/photo-1444927714506-8492d94b4e3d?ixlib=rb-1.2.1&ixid=eyJhcHBfaWQiOjEzODE4OX0&q=50&h=400&w=918&crop=edges&fit=crop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
36fc8529afd666ad9cba3822b4c67d499756bead818ca9eb069f931ca3c60b6f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 18:46:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Mar 2022 13:57:01 GMT
server
imgix
age
1226943
x-cache
HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=315360000
x-imgix-id
28c3a1b8151e89964d7bf2c32e1fbf2aa7c8c480
fastly-original-body-size
13228
accept-ranges
bytes
content-length
13228
cross-origin-resource-policy
cross-origin
x-served-by
cache-sjc10071-SJC, cache-hhn4080-HHN
null
clientportal.hecticapp.com/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clientportal.hecticapp.com/null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9200:15:3ba4:c4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/proposal?token=eyJkb2NJZCI6IjYyNDRhYzFhNDZlNmVjMDAwMWYyZDU1MyIsInBvZFVybCI6Imh0dHBzOi8vcG9kMDEuaGVjdGljYXBwLmNvbS8iLCJjb250YWN0SWQiOm51bGx9.cfed0795cd261d80219cbc6e5a0c997d21c095af11f9831d41ab63b31ccd838c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 31 Mar 2022 18:46:05 GMT
content-encoding
gzip
last-modified
Thu, 31 Mar 2022 00:47:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
W/"2117b3a9396cc5071a719fbd526cdd56"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
UpE2U2e7QhSuGHVqOjypkqa0kygevyq8wZ9aVxXcI1MnWwWdU2SdNw==
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v8/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v8/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Archivo:wght@400;700&family=Caveat:wght@400;700&family=Arvo:wght@400;700&family=BioRhyme:wght@400;700&family=Cormorant:wght@400;700&family=Crimson+Text:wght@400;700&family=Exo+2:wght@400;700&family=Fira+Sans:wght@400;700&family=Frank+Ruhl+Libre:wght@400;700&family=IBM+Plex+Sans:wght@400;700&family=Inter:wght@300;400;500;600;700&family=Karla:wght@400;700&family=Lora:wght@400;700&family=Merriweather:wght@400;700&family=Montserrat:wght@400;700&family=Noto+Sans:wght@400;700&family=Nunito:wght@400;700&family=Old+Standard+TT:wght@400;700&family=Oswald:wght@400;700&family=Playfair+Display:wght@400;700&family=Poppins:wght@400;700&family=Roboto:wght@400;700&family=Rubik:wght@400;700&family=Space+Mono:wght@400;700&family=Spectral:wght@400;700&family=Titillium+Web:wght@400;700&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://clientportal.hecticapp.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 18:02:08 GMT
x-content-type-options
nosniff
age
89036
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37716
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 17:42:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Mar 2023 18:02:08 GMT
0
ps19.pndsn.com/v2/subscribe/sub-c-a24e1616-4c54-11eb-9ec5-221b84410db5/c-12852.p-6244a94946e6ec0001f2d54d/ 		0
0
Blurr-1.PNG
hctc-pod01.s3.us-east-2.amazonaws.com/12852/clients/6244a89146e6ec0001f2d507/proposals/6244a94946e6ec0001f2d54d/ 		478 KB
478 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hctc-pod01.s3.us-east-2.amazonaws.com/12852/clients/6244a89146e6ec0001f2d507/proposals/6244a94946e6ec0001f2d54d/Blurr-1.PNG?X-Amz-Security-Token=IQoJb3JpZ2luX2VjEID%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaCXVzLWVhc3QtMiJIMEYCIQC68IyWgDR6QIvluIhC4mzO0%2B1dW3nb2P2%2FyN6TV9V6NgIhAJkviXA6JRy6yGlTy7ddVhkVv4UfLMxGnsTQPQFt2sd5KvMDCBkQARoMNzczMTg0MTMzMjAyIgw%2BQLGvW7wKqfOVpOoq0AOgo9nXABkJ9kD%2BchJ3GStX%2F%2Fghg%2BARKpzt7N9N2pCFrWGSDzm74DeO8Eu828MLHFO8WVPGNjg2%2F93AszTKQ6rmQA9cSTlSMD1afDSr59SQZruZyxyoYJvMBESbs3foMBDGhccZxuu7wCutqvH71crCTQavV5VFD6fUMRFHjZOmaRtNEE4PU7%2FxyLnqTWp%2Fc8cQflHSIweMDAFWDBBzBl2Lks0CYJ6qMV6qAzQpX%2BzlY52WDkZ8hvzxzJvsmRcyNrrAx0Z0JHab5CO63rdg6uOAMppS13W4kHKWLmNmS%2F40nm54UNm3AzN%2Fk6oKcBbsr%2Fd65TVmoscYUaryoijUeNPajIqq8e4M3Um7jCFxykmfvcJQV7vtJe%2F2SB9%2FponlJOwiKNgn4jS4j6aIq5roQXNYJEwZuzMpOzAb3Ku73OgZkswTO3mfajBs73UupoTDo%2FI6iZL5AaVL5OiMDOxSL4T8M9qfqGyEPsW%2FU3QjBGA6m%2B5UX2CfCOePGREJroO%2BuJjQeYLQ16R9N7zFGwRMF9cpGLETj5plnDv%2BFi362Tddn40Z%2BuYMZvFK4DylUPYDEz0iyUy7fXIx5k%2BuTg5vpVWqFmP6UIW%2BYVk9%2Fz%2Bg6GcB3DC%2BpZeSBjqkAfbbHKOyh8Z8DoF33e0HCKo5tRVt21H1dmeiuMigFlgwmQA8G2CCcxTn3VcVTcOTs5zV49Tcj6N2K04j32HTu7CrWZoMFFJ18eRsJcqxezoQ%2F3N%2Bk9dquLsS3OTYamtDSAIlSSfZnzCjIcgRwY6nsuyvQZV0SGI5%2Bo1e9O3um%2Bm8KkF0rsiO9GhdYG%2BBG5keLy7XaOSNTvKyJN7Ftm15cagcyRVI&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20220331T184604Z&X-Amz-SignedHeaders=host&X-Amz-Expires=900&X-Amz-Credential=ASIA3IBK5TBJDXMODWME%2F20220331%2Fus-east-2%2Fs3%2Faws4_request&X-Amz-Signature=2a1a37d2c2ca553b1290de2a2ceb4e49787ae0f5c8b527f540c2a7ac1513cec1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.107.26 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
be0b56c599629e5e4588e7a2d5a11232fd50803162b77764913e2eabc929c328

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Thu, 31 Mar 2022 18:46:05 GMT
Last-Modified
Wed, 30 Mar 2022 19:10:03 GMT
Server
AmazonS3
x-amz-request-id
M6939G27SRBXZGQ7
ETag
"5553b75caee6e31f148528b41da14d57"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
489271
x-amz-id-2
6eS1QSS7tLFpsJzfUW8NiMNZQkU/8V1MRJijFK/ejw3GdqALqm+eHbPdj0qMFtD5EB/MKMoLgOw=
tinymce.min.js
cdn.tiny.cloud/1/no-api-key/tinymce/5.10.3-128/
Redirect Chain
  • https://cdn.tiny.cloud/1/no-api-key/tinymce/5/tinymce.min.js
  • https://cdn.tiny.cloud/1/no-api-key/tinymce/5.10.3-128/tinymce.min.js
393 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/no-api-key/tinymce/5.10.3-128/tinymce.min.js
Protocol
H2
Server
2600:9000:206f:4800:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
021a6e80ae99371adee1c24009384da95fa52fb8d1a7eadc582ff1f40ee8658e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 18:20:37 GMT
content-encoding
gzip
vary
Origin
age
1527
x-cache
Hit from cloudfront
access-control-allow-origin
*
server
nginx/1.16.0
etag
W/"JbCrd7j/70NcJmmFaJ46zLNsJ+6NuiSXSe6y8SXMmSM="
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
access-control-allow-headers
*
x-amz-cf-id
KQ0J0dcCbbdZIsh33wRN3d9Hrq6FTdnm6xQ-v03aOWGsQ_R_kccdrA==

Redirect headers

date
Thu, 31 Mar 2022 18:46:04 GMT
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
vary
Origin
age
16
x-cache
Miss from cloudfront
content-length
0
access-control-allow-origin
*
server
nginx/1.16.0
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
location
https://cdn.tiny.cloud/1/no-api-key/tinymce/5.10.3-128/tinymce.min.js
cache-control
public, s-maxage=300, max-age=600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
access-control-allow-headers
*
x-amz-cf-id
DPiMLQojwiUUYSLajVi_gvRasnoYoyWGB4oh2t9idWfTOJp9rwm9Ww==
i
sp.tinymce.com/ 		43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.tinymce.com/i?aid=no-api-key&tna=tinymce_cloud&p=web&dtm=1648752364459&stm=1648752364459&tz=Etc%2FUnknown&e=se&se_ca=script_load
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-96.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:15:28 GMT
via
1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2017 05:55:26 GMT
server
AmazonS3
age
84637
etag
"fb02f374b8f73825415db1bccd4bd76d"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
43
x-amz-cf-id
K5iaVY0V3k2CpzOMMNpFGxKZg0wwWbLdAjJ-onorRyWuGEG7s_NGCw==
theme.min.js
cdn.tiny.cloud/1/no-api-key/tinymce/5.10.3-128/themes/silver/ 		394 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/no-api-key/tinymce/5.10.3-128/themes/silver/theme.min.js
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/no-api-key/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4800:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
cbb2c691e4677b5940e3af57313d81b5de469fe99c3845a044f42df36a13e292

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 17:02:50 GMT
content-encoding
gzip
vary
Origin
age
6194
x-cache
Hit from cloudfront
access-control-allow-origin
*
server
nginx/1.16.0
etag
W/"5143b3d5ac61249c6d9e34454faa60f9"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
cache-control
public, s-maxage=604800, max-age=14400
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
access-control-allow-headers
*
x-amz-cf-id
jiaTapenZ_vVFH4ggtlRpzFNl68AqE3nWHiUIDfQ-ojs4m_vujaDxw==
icons.min.js
cdn.tiny.cloud/1/no-api-key/tinymce/5.10.3-128/icons/default/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/no-api-key/tinymce/5.10.3-128/icons/default/icons.min.js
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/no-api-key/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4800:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
6c5a69c090aa1418082e7ad5e707bbe6c531269607e080821a7089a16e0f2b61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 17:02:51 GMT
content-encoding
gzip
vary
Origin
age
6193
x-cache
Hit from cloudfront
access-control-allow-origin
*
server
nginx/1.16.0
etag
W/"18db240f0fcf5635332dbadd948cc500"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
cache-control
public, s-maxage=604800, max-age=14400
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
access-control-allow-headers
*
x-amz-cf-id
xC02NbI4m6NysYVu-L5KS17agxOc0EbUPtqJ6uBSR-fa4ir99OH8SA==
plugin.min.js
cdn.tiny.cloud/1/no-api-key/tinymce/5.10.3-128/plugins/paste/ 		22 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/no-api-key/tinymce/5.10.3-128/plugins/paste/plugin.min.js
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/no-api-key/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4800:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
40861ac471981367ecdbbb2480bd8fc8959be844514bdde0de9ccdd4a0742577

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 17:02:51 GMT
content-encoding
gzip
vary
Origin
age
6193
x-cache
Hit from cloudfront
access-control-allow-origin
*
server
nginx/1.16.0
etag
W/"1333847df551d4e5b4a5f74ecdeb73cd"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
cache-control
public, s-maxage=604800, max-age=14400
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
access-control-allow-headers
*
x-amz-cf-id
2jw3Z-8tDKXZD7teEQJeHN_cYvxWAS3Ykz5aWjUxFjz9UZmtpwi3Jg==
plugin.min.js
cdn.tiny.cloud/1/no-api-key/tinymce/5.10.3-128/plugins/link/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/no-api-key/tinymce/5.10.3-128/plugins/link/plugin.min.js
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/no-api-key/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4800:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
c61bd77bcf08e7e2daba6af181c2bf75b191047eb6fd99cc2feb153e0c4dca63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 17:02:51 GMT
content-encoding
gzip
vary
Origin
age
6193
x-cache
Hit from cloudfront
access-control-allow-origin
*
server
nginx/1.16.0
etag
W/"f235263dcdb5fd2a8fca69d69b8262c5"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
cache-control
public, s-maxage=604800, max-age=14400
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
access-control-allow-headers
*
x-amz-cf-id
k76Cgc9RtwaHaWbkkQuPZFhCMLsqzeKPvgBRC1hvUFrvbdVjwCSAng==
skin.min.css
cdn.tiny.cloud/1/no-api-key/tinymce/5.10.3-128/skins/ui/oxide/ 		60 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/no-api-key/tinymce/5.10.3-128/skins/ui/oxide/skin.min.css
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/no-api-key/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4800:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
b6ddeda321b0c16d71654f094128fa909c01bef25198df00fb460ea814313c13

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 17:02:51 GMT
content-encoding
gzip
vary
Origin
age
6193
x-cache
Hit from cloudfront
access-control-allow-origin
*
server
nginx/1.16.0
etag
W/"ce9c50ea64463735f1191458bda4c98e"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
cache-control
public, s-maxage=604800, max-age=14400
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
access-control-allow-headers
*
x-amz-cf-id
WSkJZa_Bw2gNpbtWF4DmBq04jBXEdIGhmPbdsJyOCl0GFJXPQhUVCA==
content.inline.min.css
cdn.tiny.cloud/1/no-api-key/tinymce/5.10.3-128/skins/ui/oxide/ 		21 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/no-api-key/tinymce/5.10.3-128/skins/ui/oxide/content.inline.min.css
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/no-api-key/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4800:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ed4d87abf613d58cbb1e0faf45ce536f6bcd2298858358f6e6af5d251a94dbe3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 17:02:52 GMT
content-encoding
gzip
vary
Origin
age
6192
x-cache
Hit from cloudfront
access-control-allow-origin
*
server
nginx/1.16.0
etag
W/"6bd66a9c7dd4181ea823f75f4cee0941"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
cache-control
public, s-maxage=604800, max-age=14400
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
access-control-allow-headers
*
x-amz-cf-id
0BOa3AadvvyhSgGiiP4j7_LrvSPXyABzCGHnX1QKWVc4m1VJ2ua_zA==
i
sp.tinymce.com/ 		43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.tinymce.com/i?aid=no-api-key&tna=tinymce_cloud&p=web&dtm=1648752364596&stm=1648752364596&tz=Etc%2FUnknown&e=se&se_ca=init
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-96.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:15:28 GMT
via
1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2017 05:55:26 GMT
server
AmazonS3
age
84637
etag
"fb02f374b8f73825415db1bccd4bd76d"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
43
x-amz-cf-id
9BIKRQGXKyHmgiWdxH31mrxooikVwZVFCoPwUuv8ykJCYpQbfVp0mA==
i
sp.tinymce.com/ 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.tinymce.com/i?aid=no-api-key&tna=tinymce_cloud&p=web&dtm=1648752364604&stm=1648752364604&tz=Etc%2FUnknown&e=se&se_ca=init
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-96.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:15:28 GMT
via
1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2017 05:55:26 GMT
server
AmazonS3
age
84637
etag
"fb02f374b8f73825415db1bccd4bd76d"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
43
x-amz-cf-id
0peNR3ixH4S9yb72pE8AgkMyc-dybVGE-kOR3_8IQvTG130pLazufA==
i
sp.tinymce.com/ 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.tinymce.com/i?aid=no-api-key&tna=tinymce_cloud&p=web&dtm=1648752364607&stm=1648752364607&tz=Etc%2FUnknown&e=se&se_ca=init
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-96.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://clientportal.hecticapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:15:28 GMT
via
1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2017 05:55:26 GMT
server
AmazonS3
age
84637
etag
"fb02f374b8f73825415db1bccd4bd76d"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
43
x-amz-cf-id
bChUPI4D1sN6mMTMGes6QtjrCIRyOpLmPz_1sOwmDQxL5gW9S2P_LA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ps19.pndsn.com
URL
https://ps19.pndsn.com/v2/subscribe/sub-c-a24e1616-4c54-11eb-9ec5-221b84410db5/c-12852.p-6244a94946e6ec0001f2d54d/0?heartbeat=300&tt=16487523640380039&tr=42&uuid=6244ac1a46e6ec0001f2d553&pnsdk=PubNub-JS-Web%2F4.29.10&auth=6244ac1a46e6ec0001f2d553

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| Plaid object| __core-js_shared__ object| __webpackStripeJSv3Jsonp function| Stripe object| webpackJsonp object| regeneratorRuntime object| core function| iFrameResize function| _ function| Color function| Chart object| tinymce object| tinyMCE number| mce-data-1fvgkp2t3

4 Cookies

Domain/Path Name / Value
m.stripe.com/ Name: m
Value: 3344ae5e-364a-4221-93dd-855327a711fbcc92c4
.clientportal.hecticapp.com/ Name: __stripe_mid
Value: b5ab0f39-4e90-4687-8389-da082d25a24f11341a
.clientportal.hecticapp.com/ Name: __stripe_sid
Value: d6b65fe4-38ff-48f8-8f0a-815a4a46f6239f99ae
.unsplash.com/ Name: ugid
Value: 39c33e0b6fe2d9eec2961905336962385495841

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.hecticapp.com
cdn.jsdelivr.net
cdn.plaid.com
cdn.tiny.cloud
clientportal.hecticapp.com
fonts.googleapis.com
fonts.gstatic.com
hctc-pod01.s3.us-east-2.amazonaws.com
images.unsplash.com
js.stripe.com
m.stripe.com
m.stripe.network
pod01.hecticapp.com
ps19.pndsn.com
q.stripe.com
sp.tinymce.com
www.hctc.app
ps19.pndsn.com
151.101.128.176
2600:9000:2057:7600:19:7d10:bd80:93a1
2600:9000:206f:4800:4:8ff3:780:93a1
2600:9000:206f:7c00:2:fe48:ed40:93a1
2600:9000:214f:9200:15:3ba4:c4c0:93a1
2606:4700::6810:5714
2a00:1450:4001:827::2003
2a00:1450:4001:82b::200a
2a04:4e42:1b::720
3.137.96.173
3.18.134.42
35.157.63.228
44.228.63.192
52.219.107.26
54.187.159.182
65.9.66.101
65.9.66.96
021a6e80ae99371adee1c24009384da95fa52fb8d1a7eadc582ff1f40ee8658e
1bba1bbc85cfa2582fcd4360066b5d3f0f32026b6392d4912572568fe066a647
1dda2cecb8f0322c2b59a817ac9d9fa234b3792ff094b1a401b3862d3cf157dc
200a62534f58d5c1557739c1f470091570d602509ebe4821d504e8368e71de0f
2aa7ecdc4c4d603aca83a4c325614a38d622c119c592e77ed7bf665880ed0c9a
2fac04e79d1ba887d0ead4d31c2910de8c2a9a23ee01606194401516d2fa13d7
36fc8529afd666ad9cba3822b4c67d499756bead818ca9eb069f931ca3c60b6f
40861ac471981367ecdbbb2480bd8fc8959be844514bdde0de9ccdd4a0742577
4a56dd81915888e9ca45c149fa4c871d64e9ad71704144c796be101c2046a98d
5ea5608bbc8ca4393ed2c686808da8113684a036b7c12739592d7c37e92f21ea
616de5ad1ee31eacfd159971ad25db2049398bdc3f4680511500cb09e80f81c4
6c5a69c090aa1418082e7ad5e707bbe6c531269607e080821a7089a16e0f2b61
73e1d87c4e94a9011c633bf5291ec1d9b5a21487ce331ec396efbe4d1835e578
948c3fd601bd2c34fab03f09e8ee866c3877ae709c17e84d9eea99217dfa3f30
990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514
9a14f951533cfd76807cb9985b015e9261a408c00344a4077729ca4c66d95e6b
a2b84598b7408a49f572ff743dc5886bddd5390c78b40416037da19c13f8d0ce
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
b6ddeda321b0c16d71654f094128fa909c01bef25198df00fb460ea814313c13
b97c99a69a6275c8f90703cd4c0864089a74fd08383a1cc75a8a4d0c2cb60cce
bc3509ea244ae46c2c4168032e418e7570f476f7a2aae294624eb1a5df2db79b
be0b56c599629e5e4588e7a2d5a11232fd50803162b77764913e2eabc929c328
c4fda03d7c13bfa06bf0195422302257195463d4a67952f15cb52afd8423959d
c61bd77bcf08e7e2daba6af181c2bf75b191047eb6fd99cc2feb153e0c4dca63
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbb2c691e4677b5940e3af57313d81b5de469fe99c3845a044f42df36a13e292
d21553a716a5210921050dbc5e4ef269068fae93574e931f64d96e095fb098f9
da62656320bacbe1ed48f0d32d7538960921651fbe042fcee98cb5672d0085a6
e02bf00c70e535f05107c7c178b764f6206abd598a7775951ca7306bb47df2fa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e727d0ba369ebcba0b788658327371bb1b96d495ed99b3ea7caed8684391002e
ed4d87abf613d58cbb1e0faf45ce536f6bcd2298858358f6e6af5d251a94dbe3
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083