www.sqreen.com Open in urlscan Pro
2a05:d014:275:cb00:1953:33c3:785c:f9da Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cto-security-checklist.sqreen.com/
Effective URL:
https://www.sqreen.com/checklists/saas-cto-security-checklist
Submission: On December 24 via automatic, source certstream-suspicious (December 24th 2020, 2:13:38 am UTC)

Summary HTTP 147 Redirects Links 110 Behaviour Indicators

Summary

This website contacted 41 IPs in 6 countries across 31 domains to perform 147 HTTP transactions. The main IP is 2a05:d014:275:cb00:1953:33c3:785c:f9da, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.sqreen.com.
TLS certificate: Issued by R3 on December 18th 2020. Valid for: 3 months.

This is the only time www.sqreen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2600:9000:220... 2600:9000:2204:b600:4:2d4c:7b00:93a1	16509 (AMAZON-02) (AMAZON-02)
1 16	2a05:d014:275... 2a05:d014:275:cb00:1953:33c3:785c:f9da	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	54.240.168.55 54.240.168.55	16509 (AMAZON-02) (AMAZON-02)
7	104.17.74.206 104.17.74.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
4	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
1	65.9.96.131 65.9.96.131	16509 (AMAZON-02) (AMAZON-02)
1	13.32.240.51 13.32.240.51	16509 (AMAZON-02) (AMAZON-02)
18	2a00:f48:2000... 2a00:f48:2000:1023::3	47447 (TTM) (TTM)
1	13.32.240.67 13.32.240.67	16509 (AMAZON-02) (AMAZON-02)
1	65.9.96.128 65.9.96.128	16509 (AMAZON-02) (AMAZON-02)
2	54.200.110.219 54.200.110.219	16509 (AMAZON-02) (AMAZON-02)
1	3.210.194.123 3.210.194.123	14618 (AMAZON-AES) (AMAZON-AES)
1	65.9.96.45 65.9.96.45	16509 (AMAZON-02) (AMAZON-02)
1 1	13.32.240.108 13.32.240.108	16509 (AMAZON-02) (AMAZON-02)
3	65.9.96.16 65.9.96.16	16509 (AMAZON-02) (AMAZON-02)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
2	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	104.109.95.62 104.109.95.62	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	34.248.170.27 34.248.170.27	16509 (AMAZON-02) (AMAZON-02)
3	104.109.70.122 104.109.70.122	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
2 6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
2	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.203.1.140 18.203.1.140	16509 (AMAZON-02) (AMAZON-02)
1	65.9.96.53 65.9.96.53	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
1	185.33.221.88 185.33.221.88	29990 (ASN-APPNEX) (ASN-APPNEX)
2	99.83.219.81 99.83.219.81	16509 (AMAZON-02) (AMAZON-02)
7	52.38.14.212 52.38.14.212	16509 (AMAZON-02) (AMAZON-02)
2	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
147	41

3 2600:9000:2204:b600:4:2d4c:7b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cto-security-checklist.sqreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a05:d014:275:cb00:1953:33c3:785c:f9da (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

www.sqreen.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.sqreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 54.240.168.55 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-240-168-55.ams54.r.cloudfront.net

d33wubrfki0l68.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.17.74.206 (United States)

ASN13335 (CLOUDFLARENET, US)

go.sqreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.131 (Seattle, United States)

ASN16509 (AMAZON-02, US)

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.240.51 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-240-51.ams50.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:f48:2000:1023::3 (Germany)

ASN47447 (TTM, DE)

load.sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.240.67 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-240-67.ams50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.128 (Seattle, United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.200.110.219 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-110-219.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.210.194.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-194-123.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.45 (Seattle, United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.240.108 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.96.16 (Seattle, United States)

ASN16509 (AMAZON-02, US)

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:28c::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.95.62 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-109-95-62.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.248.170.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-170-27.eu-west-1.compute.amazonaws.com

reports-api.sqreen.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.109.70.122 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-109-70-122.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:11:101::b93f:9005 (Ireland)

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

544-mid-880.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.1.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-1-140.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.53 (Seattle, United States)

ASN16509 (AMAZON-02, US)

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:814::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.88 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.83.219.81 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.38.14.212 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-38-14-212.us-west-2.compute.amazonaws.com

sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients6.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	sumo.com load.sumo.com sumo.com	629 KB
25	sqreen.com cto-security-checklist.sqreen.com www.sqreen.com go.sqreen.com	639 KB
18	cloudfront.net d33wubrfki0l68.cloudfront.net	59 KB
6	google.com 2 redirects www.google.com clients6.google.com	2 KB
6	sqreen.io 1 redirects www.sqreen.io reports-api.sqreen.io	4 KB
5	google.de www.google.de	1 KB
5	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	6 KB
5	google-analytics.com www.google-analytics.com	20 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	61 KB
4	googleapis.com fonts.googleapis.com	4 KB
3	facebook.com www.facebook.com	465 B
3	6sc.co j.6sc.co c.6sc.co b.6sc.co	8 KB
3	facebook.net connect.facebook.net	98 KB
3	googleadservices.com www.googleadservices.com	15 KB
3	intercomcdn.com js.intercomcdn.com	109 KB
3	intercom.io 1 redirects widget.intercom.io api-iam.intercom.io	6 KB
2	twitter.com analytics.twitter.com	888 B
2	mktoresp.com 544-mid-880.mktoresp.com	622 B
2	t.co t.co	573 B
2	marketo.net munchkin.marketo.net	7 KB
2	licdn.com snap.licdn.com	3 KB
2	segment.io api.segment.io	283 B
2	heapanalytics.com cdn.heapanalytics.com heapanalytics.com	40 KB
2	jquery.com code.jquery.com	96 KB
1	adnxs.com secure.adnxs.com	703 B
1	hotjar.io vc.hotjar.io	256 B
1	linkedin.com px.ads.linkedin.com	679 B
1	googletagmanager.com www.googletagmanager.com	44 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	segment.com cdn.segment.com	83 KB
1	cloudflare.com cdnjs.cloudflare.com	3 KB
147	31

	Domain	Requested by
18	load.sumo.com	www.sqreen.com load.sumo.com
18	d33wubrfki0l68.cloudfront.net	www.sqreen.com
15	www.sqreen.com	cto-security-checklist.sqreen.com www.sqreen.com
7	sumo.com	load.sumo.com
7	go.sqreen.com	www.sqreen.com go.sqreen.com
5	www.google.de	www.sqreen.com
5	www.google.com	2 redirects www.sqreen.com
5	reports-api.sqreen.io	cto-security-checklist.sqreen.com script.hotjar.com j.6sc.co www.sqreen.com
5	www.google-analytics.com	cdn.segment.com www.google-analytics.com www.sqreen.com
4	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
4	fonts.googleapis.com	www.sqreen.com
3	www.facebook.com	www.sqreen.com
3	connect.facebook.net	cdn.segment.com connect.facebook.net
3	www.googleadservices.com	cdn.segment.com www.googleadservices.com
3	js.intercomcdn.com	www.sqreen.com widget.intercom.io
3	cto-security-checklist.sqreen.com	cto-security-checklist.sqreen.com
2	analytics.twitter.com	static.ads-twitter.com
2	api-iam.intercom.io	js.intercomcdn.com
2	544-mid-880.mktoresp.com	munchkin.marketo.net
2	t.co	www.sqreen.com
2	munchkin.marketo.net	cdn.segment.com munchkin.marketo.net
2	snap.licdn.com	cdn.segment.com snap.licdn.com
2	api.segment.io	cdn.segment.com
2	code.jquery.com	www.sqreen.com
1	clients6.google.com	load.sumo.com
1	b.6sc.co	www.sqreen.com
1	secure.adnxs.com	j.6sc.co
1	c.6sc.co	j.6sc.co
1	stats.g.doubleclick.net	www.google-analytics.com
1	vc.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	px.ads.linkedin.com	www.sqreen.com
1	j.6sc.co	cto-security-checklist.sqreen.com
1	www.googletagmanager.com	cdn.segment.com
1	static.ads-twitter.com	cdn.segment.com
1	widget.intercom.io	1 redirects
1	vars.hotjar.com	static.hotjar.com
1	heapanalytics.com	www.sqreen.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.sqreen.com
1	cdn.heapanalytics.com	www.sqreen.com
1	cdn.segment.com	www.sqreen.com
1	cdnjs.cloudflare.com	www.sqreen.com
1	www.sqreen.io	1 redirects
147	44

This site contains links to these domains. Also see Links.

Domain
my.sqreen.com
blog.sqreen.com
docs.sqreen.com
www.facebook.com
twitter.com
www.linkedin.com
www.secureworks.com
resources.infosecinstitute.com
sudo.pagerduty.com
www.cnet.com
support.apple.com
wiki.archlinux.org
support.microsoft.com
github.com
www.rippling.com
medium.com
www.darkreading.com
www.stormshield.com
www.microsoft.com
en.wikipedia.org
support.google.com
get.slack.help
www.yubico.com
www.dashlane.com
lastpass.com
onelogin.com
www.owasp.org
www.infosecurity-magazine.com
www.digitalocean.com
www.vaultproject.io
nacl.cr.yp.to
safecode.org
find-sec-bugs.github.io
techbeacon.com
www.softwaretestinghelp.com
help.github.com
sqreen.com
snyk.io
www8.hp.com
aws.amazon.com
www.loggly.com
www.elastic.co
securityheaders.com
www.ssllabs.com
docs.aws.amazon.com
spacewalkproject.github.io
cloud.google.com
intruder.io
www.tenable.com
www.cloudflare.com
letsencrypt.org
newrelic.com
www.sysdig.com
hbr.org
www.enterpriseready.io
securitycultureframework.net
i.blackhat.com
magoo.github.io
www.icann.org
www.eurodns.com
www.airbnb.com
www.apple.com
zeltser.com
security.openstack.org
www.amazon.com
blog.trailofbits.com
codex.wordpress.org
ayeks.de
www.yeswehack.com
hackerone.com
cobalt.io
auth0.com
www.okta.com
www.digicert.com
castle.io
changelog.sqreen.com
sqreen.status.io

Subject Issuer	Validity	Valid
cto-security-checklist.sqreen.com Amazon	`2020-01-21` - `2021-02-21`	a year	crt.sh
disrupt.sqreen.io R3	`2020-12-18` - `2021-03-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
go.sqreen.com Cloudflare Inc ECC CA-3	`2020-05-25` - `2021-05-25`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.segment.com DigiCert SHA2 Secure Server CA	`2020-06-12` - `2021-07-27`	a year	crt.sh
cdn.heapanalytics.com Amazon	`2020-09-24` - `2021-10-26`	a year	crt.sh
*.sumo.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-30` - `2021-05-30`	a year	crt.sh
*.hotjar.com Amazon	`2020-01-22` - `2021-02-22`	a year	crt.sh
heapanalytics.com Amazon	`2020-01-21` - `2021-02-21`	a year	crt.sh
*.intercomcdn.com Amazon	`2020-03-29` - `2021-04-29`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2020-03-14` - `2021-04-13`	a year	crt.sh
reports-api.sqreen.com Amazon	`2020-12-16` - `2022-01-14`	a year	crt.sh
*.6sc.co DigiCert SHA2 Secure Server CA	`2020-01-07` - `2021-04-07`	a year	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
*.hotjar.io Amazon	`2020-09-15` - `2021-10-15`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.intercom.com Amazon	`2020-05-13` - `2021-06-13`	a year	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.sqreen.com/checklists/saas-cto-security-checklist
Frame ID: 8FFF9B46D2A866BF2E7572ED5560DD5D
Requests: 142 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: BAF436316DC67212FF2D5FFB8F077507
Requests: 1 HTTP requests in this frame

Frame: https://go.sqreen.com/rs/544-MID-880/images/marketo-xdframe-relative.html
Frame ID: B092026BB2517F87AC338CBDDCFD06EF
Requests: 2 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.3651b008.js
Frame ID: 11E0AFD40FC76AEEC9B66CC15EFFCA14
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://cto-security-checklist.sqreen.com/ Page URL
https://www.sqreen.io/checklists/saas-cto-security-checklist HTTP 301
https://www.sqreen.com/checklists/saas-cto-security-checklist Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i
headers server /^AmazonS3$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Page Statistics

147
Requests

94 %
HTTPS

41 %
IPv6

31
Domains

44
Subdomains

41
IPs

6
Countries

1935 kB
Transfer

7319 kB
Size

23
Cookies

110 Outgoing links

These are links going to different origins than the main page.

URL: https://my.sqreen.com/login
Title: Log in

Search URL Search Domain Scan URL

URL: https://blog.sqreen.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://docs.sqreen.com/
Title: Docs

Search URL Search Domain Scan URL

URL: https://my.sqreen.com/signup
Title: Free Trial

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&text=SaaS+CTO+Security+Checklist&via=SqreenIO&related=SqreenIO
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist
Title:

Search URL Search Domain Scan URL

URL: https://www.secureworks.com/blog/cybersecurity-awareness-training-best-practices
Title: https://www.secureworks.com/blog/cybersecurity-awareness-training-best-practices

Search URL Search Domain Scan URL

URL: https://resources.infosecinstitute.com/top-10-security-awareness-training-topics-for-your-employees/
Title: https://resources.infosecinstitute.com/top-10-security-awareness-training-topics-for-your-employees/

Search URL Search Domain Scan URL

URL: https://sudo.pagerduty.com/
Title: https://sudo.pagerduty.com/

Search URL Search Domain Scan URL

URL: https://www.cnet.com/how-to/7-ways-to-lock-your-macbook
Title: https://www.cnet.com/how-to/7-ways-to-lock-your-macbook

Search URL Search Domain Scan URL

URL: https://support.apple.com/en-us/HT204837
Title: https://support.apple.com/en-us/HT204837

Search URL Search Domain Scan URL

URL: https://wiki.archlinux.org/index.php/Dm-crypt
Title: https://wiki.archlinux.org/index.php/Dm-crypt

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/en-us/instantanswers/e7d75dd2-29c2-16ac-f03d-20cfdf54202f/turn-on-device-encryption
Title: https://support.microsoft.com/en-us/instantanswers/e7d75dd2-29c2-16ac-f03d-20cfdf54202f/turn-on-device-encryption

Search URL Search Domain Scan URL

URL: https://github.com/92bondstreet/awesome-onboarding
Title: https://github.com/92bondstreet/awesome-onboarding

Search URL Search Domain Scan URL

URL: https://www.rippling.com/
Title: https://www.rippling.com/

Search URL Search Domain Scan URL

URL: https://medium.com/starting-up-security/hiring-the-cso-b737c30e098f
Title: https://medium.com/starting-up-security/hiring-the-cso-b737c30e098f

Search URL Search Domain Scan URL

URL: https://www.darkreading.com/threat-intelligence/the--typical--security-engineer-hiring-myths-and-stereotypes/a/d-id/133334
Title: https://www.darkreading.com/threat-intelligence/the–typical–security-engineer-hiring-myths-and-stereotypes/a/d-id/133334

Search URL Search Domain Scan URL

URL: https://www.stormshield.com/
Title: https://www.stormshield.com/

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/windows/windows-defender/
Title: https://www.microsoft.com/en-us/windows/windows-defender/

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Multi-factor_authentication
Title: https://en.wikipedia.org/wiki/Multi-factor_authentication

Search URL Search Domain Scan URL

URL: https://support.google.com/a/answer/184711
Title: https://support.google.com/a/answer/184711

Search URL Search Domain Scan URL

URL: https://get.slack.help/hc/en-us/articles/212221668-Require-two-factor-authentication-for-your-team
Title: https://get.slack.help/hc/en-us/articles/212221668-Require-two-factor-authentication-for-your-team

Search URL Search Domain Scan URL

URL: https://www.yubico.com/why-yubico/how-yubikey-works/
Title: https://www.yubico.com/why-yubico/how-yubikey-works/

Search URL Search Domain Scan URL

URL: https://www.dashlane.com/
Title: https://www.dashlane.com

Search URL Search Domain Scan URL

URL: https://lastpass.com/
Title: https://lastpass.com

Search URL Search Domain Scan URL

URL: https://onelogin.com/
Title: https://onelogin.com

Search URL Search Domain Scan URL

URL: https://support.apple.com/en-us/HT204085
Title: https://support.apple.com/en-us/HT204085

Search URL Search Domain Scan URL

URL: https://support.google.com/a/answer/6087519
Title: https://support.google.com/a/answer/6087519

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Systems_development_life_cycle
Title: https://en.wikipedia.org/wiki/Systems_development_life_cycle

Search URL Search Domain Scan URL

URL: https://github.com/devsecops/awesome-devsecops
Title: https://github.com/devsecops/awesome-devsecops

Search URL Search Domain Scan URL

URL: https://www.owasp.org/index.php/Top_10-2017_Top_10
Title: https://www.owasp.org/index.php/Top_10-2017_Top_10

Search URL Search Domain Scan URL

URL: https://www.infosecurity-magazine.com/opinions/comment-tips-for-private-key-management/
Title: https://www.infosecurity-magazine.com/opinions/comment-tips-for-private-key-management/

Search URL Search Domain Scan URL

URL: https://www.digitalocean.com/community/tutorials/an-introduction-to-managing-secrets-safely-with-version-control-systems
Title: https://www.digitalocean.com/community/tutorials/an-introduction-to-managing-secrets-safely-with-version-control-systems

Search URL Search Domain Scan URL

URL: https://www.vaultproject.io/
Title: https://www.vaultproject.io/

Search URL Search Domain Scan URL

URL: https://nacl.cr.yp.to/
Title: https://nacl.cr.yp.to/

Search URL Search Domain Scan URL

URL: https://safecode.org/
Title: https://safecode.org

Search URL Search Domain Scan URL

URL: https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
Title: https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project

Search URL Search Domain Scan URL

URL: https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents
Title: https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents

Search URL Search Domain Scan URL

URL: https://www.owasp.org/index.php/Source_Code_Analysis_Tools
Title: https://www.owasp.org/index.php/Source_Code_Analysis_Tools

Search URL Search Domain Scan URL

URL: https://find-sec-bugs.github.io/
Title: Findbugs (Java)

Search URL Search Domain Scan URL

URL: https://github.com/presidentbeef/brakeman
Title: Brakeman (Ruby)

Search URL Search Domain Scan URL

URL: https://www.owasp.org/images/7/76/Jim_Manico_(Hamburg)_-_Securiing_the_SDLC.pdf
Title: https://www.owasp.org/images/7/76/Jim_Manico_(Hamburg)_-_Securiing_the_SDLC.pdf

Search URL Search Domain Scan URL

URL: https://docs.sqreen.com/security-automation/introduction-playbooks/
Title: https://docs.sqreen.com/security-automation/introduction-playbooks/

Search URL Search Domain Scan URL

URL: https://techbeacon.com/enterprise-it/how-lock-down-your-serverless-apps-five-steps
Title: https://techbeacon.com/enterprise-it/how-lock-down-your-serverless-apps-five-steps

Search URL Search Domain Scan URL

URL: https://www.softwaretestinghelp.com/penetration-testing-guide/
Title: https://www.softwaretestinghelp.com/penetration-testing-guide/

Search URL Search Domain Scan URL

URL: https://blog.sqreen.com/leverage-pentest/
Title: https://blog.sqreen.com/leverage-pentest/

Search URL Search Domain Scan URL

URL: https://help.github.com/en/articles/about-security-alerts-for-vulnerable-dependencies
Title: Github

Search URL Search Domain Scan URL

URL: https://sqreen.com/
Title: https://sqreen.com/

Search URL Search Domain Scan URL

URL: https://snyk.io/
Title: https://snyk.io/

Search URL Search Domain Scan URL

URL: http://www8.hp.com/us/en/software-solutions/appdefender-application-self-protection/
Title: http://www8.hp.com/us/en/software-solutions/appdefender-application-self-protection/

Search URL Search Domain Scan URL

URL: https://aws.amazon.com/getting-started/backup-files-to-amazon-s3/
Title: https://aws.amazon.com/getting-started/backup-files-to-amazon-s3/

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Network_Time_Protocol
Title: https://en.wikipedia.org/wiki/Network_Time_Protocol

Search URL Search Domain Scan URL

URL: https://www.loggly.com/
Title: https://www.loggly.com/

Search URL Search Domain Scan URL

URL: https://www.elastic.co/products/kibana
Title: https://www.elastic.co/products/kibana

Search URL Search Domain Scan URL

URL: https://securityheaders.com/
Title: https://securityheaders.com

Search URL Search Domain Scan URL

URL: https://www.ssllabs.com/
Title: https://www.ssllabs.com/

Search URL Search Domain Scan URL

URL: https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.html
Title: https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.html

Search URL Search Domain Scan URL

URL: https://github.com/containrrr/watchtower
Title: https://github.com/containrrr/watchtower

Search URL Search Domain Scan URL

URL: https://spacewalkproject.github.io/
Title: https://spacewalkproject.github.io/

Search URL Search Domain Scan URL

URL: https://aws.amazon.com/cloudformation/
Title: https://aws.amazon.com/cloudformation/

Search URL Search Domain Scan URL

URL: https://cloud.google.com/deployment-manager/
Title: https://cloud.google.com/deployment-manager/

Search URL Search Domain Scan URL

URL: https://intruder.io/
Title: https://intruder.io/

Search URL Search Domain Scan URL

URL: https://www.tenable.com/downloads/nessus
Title: https://www.tenable.com/downloads/nessus

Search URL Search Domain Scan URL

URL: https://www.cloudflare.com/
Title: https://www.cloudflare.com/

Search URL Search Domain Scan URL

URL: https://aws.amazon.com/cloudfront/
Title: https://aws.amazon.com/cloudfront/

Search URL Search Domain Scan URL

URL: https://aws.amazon.com/fr/blogs/security/securely-connect-to-linux-instances-running-in-a-private-amazon-vpc/
Title: https://aws.amazon.com/fr/blogs/security/securely-connect-to-linux-instances-running-in-a-private-amazon-vpc/

Search URL Search Domain Scan URL

URL: https://letsencrypt.org/
Title: https://letsencrypt.org/

Search URL Search Domain Scan URL

URL: https://support.google.com/webmasters/answer/6073543?hl=en
Title: https://support.google.com/webmasters/answer/6073543?hl=en

Search URL Search Domain Scan URL

URL: https://newrelic.com/server-monitoring
Title: https://newrelic.com/server-monitoring

Search URL Search Domain Scan URL

URL: https://www.sysdig.com/
Title: https://www.sysdig.com/

Search URL Search Domain Scan URL

URL: https://hbr.org/2015/05/customer-data-designing-for-transparency-and-trust
Title: https://hbr.org/2015/05/customer-data-designing-for-transparency-and-trust

Search URL Search Domain Scan URL

URL: https://www.enterpriseready.io/gdpr/preparing-for-gdpr/
Title: https://www.enterpriseready.io/gdpr/preparing-for-gdpr/#

Search URL Search Domain Scan URL

URL: https://github.com/privacyradius/gdpr-checklist
Title: https://github.com/privacyradius/gdpr-checklist

Search URL Search Domain Scan URL

URL: https://securitycultureframework.net/
Title: https://securitycultureframework.net/

Search URL Search Domain Scan URL

URL: https://i.blackhat.com/eu-18/Wed-Dec-5/eu-18-OBoyle-SDL-at-Scale-Growing-Security-Champions.pdf
Title: https://i.blackhat.com/eu-18/Wed-Dec-5/eu-18-OBoyle-SDL-at-Scale-Growing-Security-Champions.pdf

Search URL Search Domain Scan URL

URL: https://resources.infosecinstitute.com/asset-management-guide-information-security-professionals/
Title: https://resources.infosecinstitute.com/asset-management-guide-information-security-professionals/

Search URL Search Domain Scan URL

URL: https://magoo.github.io/simple-risk/
Title: https://magoo.github.io/simple-risk/

Search URL Search Domain Scan URL

URL: https://www.icann.org/news/blog/do-you-have-a-domain-name-here-s-what-you-need-to-know-part-4
Title: https://www.icann.org/news/blog/do-you-have-a-domain-name-here-s-what-you-need-to-know-part-4

Search URL Search Domain Scan URL

URL: https://www.eurodns.com/blog/domain-name-security-best-practices
Title: https://www.eurodns.com/blog/domain-name-security-best-practices

Search URL Search Domain Scan URL

URL: https://www.airbnb.com/security
Title: https://www.airbnb.com/security

Search URL Search Domain Scan URL

URL: https://www.apple.com/support/security/
Title: https://www.apple.com/support/security/

Search URL Search Domain Scan URL

URL: https://zeltser.com/security-incident-response-program-tips/
Title: https://zeltser.com/security-incident-response-program-tips/

Search URL Search Domain Scan URL

URL: https://github.com/meirwah/awesome-incident-response
Title: https://github.com/meirwah/awesome-incident-response

Search URL Search Domain Scan URL

URL: https://security.openstack.org/vmt-process.html
Title: https://security.openstack.org/vmt-process.html

Search URL Search Domain Scan URL

URL: https://medium.com/@magoo/incident-response-writing-a-playbook-773e7920f171
Title: https://medium.com/@magoo/incident-response-writing-a-playbook-773e7920f171

Search URL Search Domain Scan URL

URL: https://www.amazon.com/How-Measure-Anything-Cybersecurity-Risk/dp/1536669741
Title: https://www.amazon.com/How-Measure-Anything-Cybersecurity-Risk/dp/1536669741

Search URL Search Domain Scan URL

URL: https://hbr.org/2017/11/the-key-to-better-cybersecurity-keep-employee-rules-simple
Title: https://hbr.org/2017/11/the-key-to-better-cybersecurity-keep-employee-rules-simple

Search URL Search Domain Scan URL

URL: https://medium.com/starting-up-security/starting-up-security-policy-104261d5438a
Title: https://medium.com/starting-up-security/starting-up-security-policy-104261d5438a

Search URL Search Domain Scan URL

URL: https://aws.amazon.com/premiumsupport/technology/trusted-advisor/
Title: https://aws.amazon.com/premiumsupport/technology/trusted-advisor/

Search URL Search Domain Scan URL

URL: https://blog.trailofbits.com/2015/07/07/how-to-harden-your-google-apps/
Title: https://blog.trailofbits.com/2015/07/07/how-to-harden-your-google-apps/

Search URL Search Domain Scan URL

URL: https://support.google.com/a/answer/7587183?hl=en
Title: https://support.google.com/a/answer/7587183?hl=en

Search URL Search Domain Scan URL

URL: https://codex.wordpress.org/Hardening_WordPress
Title: https://codex.wordpress.org/Hardening_WordPress

Search URL Search Domain Scan URL

URL: https://medium.com/@longtermsec/more-tips-for-securing-your-g-suite-4d617bd04bc8
Title: https://medium.com/@longtermsec/more-tips-for-securing-your-g-suite-4d617bd04bc8

Search URL Search Domain Scan URL

URL: https://get.slack.help/hc/en-us/articles/115004155306-Security-tips-to-protect-your-workspace
Title: https://get.slack.help/hc/en-us/articles/115004155306-Security-tips-to-protect-your-workspace

Search URL Search Domain Scan URL

URL: https://ayeks.de/post/2018-06-11-automating_and_scaling_security/
Title: https://ayeks.de/post/2018-06-11-automating_and_scaling_security/

Search URL Search Domain Scan URL

URL: https://www.yeswehack.com/en/index.html
Title: https://www.yeswehack.com/en/index.html

Search URL Search Domain Scan URL

URL: https://hackerone.com/
Title: https://hackerone.com/

Search URL Search Domain Scan URL

URL: https://cobalt.io/
Title: https://cobalt.io

Search URL Search Domain Scan URL

URL: https://resources.infosecinstitute.com/5-best-practices-for-ensuring-data-privacy/
Title: https://resources.infosecinstitute.com/5-best-practices-for-ensuring-data-privacy/

Search URL Search Domain Scan URL

URL: https://auth0.com/
Title: https://auth0.com/

Search URL Search Domain Scan URL

URL: https://www.okta.com/
Title: https://www.okta.com/

Search URL Search Domain Scan URL

URL: https://www.digicert.com/blog/creating-password-policy-best-practices/
Title: https://www.digicert.com/blog/creating-password-policy-best-practices/

Search URL Search Domain Scan URL

URL: https://castle.io/
Title: https://castle.io

Search URL Search Domain Scan URL

URL: https://changelog.sqreen.com/
Title: Change Log

Search URL Search Domain Scan URL

URL: https://sqreen.status.io/
Title: Service Status

Search URL Search Domain Scan URL

URL: https://github.com/Sqreen
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/SqreenIO
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/sqreen
Title:

Search URL Search Domain Scan URL

URL: https://docs.sqreen.com/faq/sqreen-badges/
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cto-security-checklist.sqreen.com/ Page URL
https://www.sqreen.io/checklists/saas-cto-security-checklist HTTP 301
https://www.sqreen.com/checklists/saas-cto-security-checklist Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://widget.intercom.io/widget/ev3k1dfl HTTP 302
https://js.intercomcdn.com/shim.latest.js

Request Chain 103

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/945086973/?random=1436499408&cv=9&fst=1608776002351&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&tiba=SaaS%20CTO%20Security%20Checklist&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=QvnjX5XSF7-i7_UPgLq5aA&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/945086973/?random=1436499408&cv=9&fst=1608776002351&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&tiba=SaaS%20CTO%20Security%20Checklist&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QvnjX5XSF7-i7_UPgLq5aA&cid=CAQSKQCNIrLM45M23afg3k-p0r7vpKBtevyY0Ihnl_jn3Uberw_phwBVkQao&random=43169512&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/945086973/?random=1436499408&cv=9&fst=1608776002351&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&tiba=SaaS%20CTO%20Security%20Checklist&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QvnjX5XSF7-i7_UPgLq5aA&cid=CAQSKQCNIrLM45M23afg3k-p0r7vpKBtevyY0Ihnl_jn3Uberw_phwBVkQao&random=43169512&resp=GooglemKTybQhCsO&ipr=y

Request Chain 104

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/945086973/?random=508575130&cv=9&fst=1608776002357&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&tiba=SaaS%20CTO%20Security%20Checklist&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=QvnjX8DTF5qZ7_UPpLeMsAk&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/945086973/?random=508575130&cv=9&fst=1608776002357&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&tiba=SaaS%20CTO%20Security%20Checklist&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QvnjX8DTF5qZ7_UPpLeMsAk&cid=CAQSKQCNIrLMHc7aH6bnCAzT7GeSqPEMq7J3QHnIBULALtexE4KBzfhGJMKd&random=2889947599&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/945086973/?random=508575130&cv=9&fst=1608776002357&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&tiba=SaaS%20CTO%20Security%20Checklist&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QvnjX8DTF5qZ7_UPpLeMsAk&cid=CAQSKQCNIrLMHc7aH6bnCAzT7GeSqPEMq7J3QHnIBULALtexE4KBzfhGJMKd&random=2889947599&resp=GooglemKTybQhCsO&ipr=y

147 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
cto-security-checklist.sqreen.com/ 89 KB
16 KB 466ms
432ms Document
text/html 2600:9000:2204:b600:4:2d4c:7b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cto-security-checklist.sqreen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:b600:4:2d4c:7b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c65d5f03bb2e19294396faa0b9c630a79b33c961b6773cde5d0e8c9ad7e4daea

Request headers

:method: GET
:authority: cto-security-checklist.sqreen.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html
last-modified: Tue, 30 Apr 2019 21:53:05 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 24 Dec 2020 02:13:21 GMT
etag: "a366a384b9ebfebcd02c0259d6dbe647"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 14ece26b907b2b297edda8cd1de9a9b4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: _53AkLZol0hkAq2fTEbERm7c6r7GO8xrQ5mwlwSE_7OE2e321vntNg==

GET
H2 200 style.min.css
cto-security-checklist.sqreen.com/css/ 18 KB
4 KB 402ms
401ms Stylesheet
text/css 2600:9000:2204:b600:4:2d4c:7b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cto-security-checklist.sqreen.com/css/style.min.css
Requested by: Host: cto-security-checklist.sqreen.com
URL: https://cto-security-checklist.sqreen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:b600:4:2d4c:7b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2af26a6f7017e387ab6460d6ed668d84234619cd748343a169c50716e582191

Request headers

Referer: https://cto-security-checklist.sqreen.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:22 GMT
content-encoding: gzip
last-modified: Tue, 30 Apr 2019 21:53:05 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
etag: "8b0aaeaa6d73c09b64ffd055f4aff00b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
via: 1.1 14ece26b907b2b297edda8cd1de9a9b4.cloudfront.net (CloudFront)
x-amz-cf-id: Q6GssNcyvmRnrpNndVkd_K45310eUYFtvQziWoCa-VXdOpYvBalqUw==

GET
H2 200 cross.svg
cto-security-checklist.sqreen.com/images/ 202 B
518 B 465ms
464ms Image
image/svg+xml 2600:9000:2204:b600:4:2d4c:7b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cto-security-checklist.sqreen.com/images/cross.svg
Requested by: Host: cto-security-checklist.sqreen.com
URL: https://cto-security-checklist.sqreen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2204:b600:4:2d4c:7b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://cto-security-checklist.sqreen.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:22 GMT
via: 1.1 14ece26b907b2b297edda8cd1de9a9b4.cloudfront.net (CloudFront)
last-modified: Tue, 30 Apr 2019 21:53:03 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
etag: "76fb4c49319a9528a3d8cf539814a077"
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 202
x-amz-cf-id: RsOdmXUDdxelYa_lF-Qqmzpfb66NBwubo1OlHctgBdSAt3323AvnyQ==

GET burger.svg
cto-security-checklist.sqreen.com/images/ 0
0

GET scsc-logo.svg
cto-security-checklist.sqreen.com/images/ 0
0

GET arrow-bottom.svg
cto-security-checklist.sqreen.com/images/ 0
0

GET sqreen-logo.svg
cto-security-checklist.sqreen.com/images/ 0
0

GET icon-twitter-white.svg
cto-security-checklist.sqreen.com/images/ 0
0

GET jquery-3.1.1.min.js
cto-security-checklist.sqreen.com/js/vendors/ 0
0

GET isotope.pkgd.min.js
cto-security-checklist.sqreen.com/js/vendors/ 0
0

GET main.js
cto-security-checklist.sqreen.com/js/ 0
0

GET
H2

200

Primary Request saas-cto-security-checklist Show response
www.sqreen.com/checklists/
Redirect Chain

https://www.sqreen.io/checklists/saas-cto-security-checklist
https://www.sqreen.com/checklists/saas-cto-security-checklist

166 KB
29 KB

15ms
8ms

Document
text/html

2a05:d014:275:cb00:1953:33c3:785c:f9da
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sqreen.com/checklists/saas-cto-security-checklist

Requested by

Host: cto-security-checklist.sqreen.com
URL: https://cto-security-checklist.sqreen.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:275:cb00:1953:33c3:785c:f9da Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

ab36a512210b0f75aacf3ed1860bfd5cab5abefaddf34dd30a932bee87bea85f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.sqreen.com
:scheme: https
:path: /checklists/saas-cto-security-checklist
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cto-security-checklist.sqreen.com/

Response headers

cache-control: public, max-age=0, must-revalidate
content-security-policy-report-only: child-src 'self'; connect-src 'self' http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.hotjar.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amplitude.com https://*.cloudflare.com https://*.contentful.com https://*.delighted.com https://*.facebook.com https://*.fullstory.com https://*.g.doubleclick.net https://*.getsentry.com https://*.githubusercontent.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.herokuapp.com https://*.hotjar.com https://*.hotjar.com:12443 https://*.intercom.io https://*.intercomcdn.com https://*.lever.co https://*.linkedin.com https://*.litix.io https://*.mktoresp.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.segment.io https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://*.hotjar.com wss://*.appcues.net wss://*.hotjar.com wss://*.intercom.io; default-src 'self'; font-src 'self' chrome-extension: data: http://*.sqreen.io https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.gstatic.com https://*.intercomcdn.com https://*.sqreen.com https://*.sqreen.io https://*.twimg.com https://*.wistia.com https://github.com; frame-src 'self' 'unsafe-inline' http://*.appcues.com http://*.g.doubleclick.net http://*.hotjar.com https://*.akamaihd.net https://*.amazonaws.com https://*.appcues.com https://*.facebook.com https://*.g.doubleclick.net https://*.hotjar.com https://*.recurly.com https://*.sqreen.com https://*.twitter.com https://*.typeform.com https://*.wistia.com https://headway-widget.net ws://*.hotjar.com wss://*.hotjar.com; img-src 'self' data: http://*.adnxs.com http://*.facebook.net http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.googleadservices.com http://*.googletagmanager.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com http://t.co https://*.addthis.com https://*.adnxs.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.b-cdn.net https://*.clearbit.com https://*.cloudfront.net https://*.ctfassets.net https://*.facebook.com https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.ae https://*.google.be https://*.google.ca https://*.google.ch https://*.google.co.il https://*.google.co.in https://*.google.co.jp https://*.google.co.uk https://*.google.com https://*.google.com.ar https://*.google.com.au https://*.google.com.br https://*.google.com.mx https://*.google.com.ph https://*.google.com.sg https://*.google.com.tw https://*.google.com.ua https://*.google.cz https://*.google.de https://*.google.es https://*.google.fr https://*.google.ie https://*.google.it https://*.google.nl https://*.google.no https://*.google.pl https://*.google.pt https://*.google.se https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercomassets.com https://*.intercomcdn.com https://*.linkedin.com https://*.marinsm.com https://*.openx.net https://*.prfct.co https://*.reddit.com https://*.rubiconproject.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.twimg.com https://*.twitter.com https://*.univide.com https://*.wistia.com https://*.yahoo.com https://heapanalytics.com https://sqreen-assets.s3-eu-west-1.amazonaws.com https://sumo.com https://t.co https://twitter.com; manifest-src 'self' https://*.sqreen.com; media-src 'self' https://*.akamaihd.net https://*.cloudfront.net https://*.intercomcdn.com https://*.wistia.com; object-src 'self' https://*.akamaihd.net https://*.wistia.com; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://*.ads-twitter.com http://*.appcues.com http://*.facebook.net http://*.g.doubleclick.net http://*.getdrip.com http://*.google-analytics.com http://*.googleadservices.com http://*.googletagmanager.com http://*.heapanalytics.com http://*.hotjar.com http://*.perfectaudience.com http://*.prfct.co http://*.segment.com http://*.sqreen.io http://heapanalytics.com https://*.ads-twitter.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.amplitude.com https://*.appcues.com https://*.b-cdn.net https://*.bufferapp.com https://*.cloudflare.com https://*.cloudfront.net https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.getdrip.com https://*.google-analytics.com https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.headwayapp.co https://*.heapanalytics.com https://*.herokuapp.com https://*.hotjar.com https://*.intercom.io https://*.intercomcdn.com https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.marketo.net https://*.perfectaudience.com https://*.pinterest.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.redditstatic.com https://*.segment.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.twitter.com https://*.typeform.com https://*.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://*.hotjar.com wss://*.hotjar.com wss://*.intercom.io; style-src 'self' 'unsafe-inline' http://*.appcues.com http://*.sqreen.io http://heapanalytics.com https://*.amazonaws.com https://*.appcues.com https://*.b-cdn.net https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.sqreen.com https://*.sqreen.io https://*.twitter.com https://heapanalytics.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4;
content-type: text/html; charset=UTF-8
date: Wed, 23 Dec 2020 11:12:26 GMT
etag: "7b4347d733c198a7d7154397d6d4d8ff-ssl-df"
referrer-policy: same-origin
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: DENY
x-protected-by: Sqreen
x-xss-protection: 1; mode=block
content-encoding: br
age: 54055
content-length: 29044
server: Netlify
vary: Accept-Encoding
x-nf-request-id: f7752585-c386-4003-b56e-993634c835fb-6633372

Redirect headers

cache-control: public, max-age=0, must-revalidate
content-length: 77
content-security-policy-report-only: child-src 'self'; connect-src 'self' http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.hotjar.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amplitude.com https://*.cloudflare.com https://*.contentful.com https://*.delighted.com https://*.facebook.com https://*.fullstory.com https://*.g.doubleclick.net https://*.getsentry.com https://*.githubusercontent.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.herokuapp.com https://*.hotjar.com https://*.hotjar.com:12443 https://*.intercom.io https://*.intercomcdn.com https://*.lever.co https://*.linkedin.com https://*.litix.io https://*.mktoresp.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.segment.io https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://*.hotjar.com wss://*.appcues.net wss://*.hotjar.com wss://*.intercom.io; default-src 'self'; font-src 'self' chrome-extension: data: http://*.sqreen.io https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.gstatic.com https://*.intercomcdn.com https://*.sqreen.com https://*.sqreen.io https://*.twimg.com https://*.wistia.com https://github.com; frame-src 'self' 'unsafe-inline' http://*.appcues.com http://*.g.doubleclick.net http://*.hotjar.com https://*.akamaihd.net https://*.amazonaws.com https://*.appcues.com https://*.facebook.com https://*.g.doubleclick.net https://*.hotjar.com https://*.recurly.com https://*.sqreen.com https://*.twitter.com https://*.typeform.com https://*.wistia.com https://headway-widget.net ws://*.hotjar.com wss://*.hotjar.com; img-src 'self' data: http://*.adnxs.com http://*.facebook.net http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.googleadservices.com http://*.googletagmanager.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com http://t.co https://*.addthis.com https://*.adnxs.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.b-cdn.net https://*.clearbit.com https://*.cloudfront.net https://*.ctfassets.net https://*.facebook.com https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.ae https://*.google.be https://*.google.ca https://*.google.ch https://*.google.co.il https://*.google.co.in https://*.google.co.jp https://*.google.co.uk https://*.google.com https://*.google.com.ar https://*.google.com.au https://*.google.com.br https://*.google.com.mx https://*.google.com.ph https://*.google.com.sg https://*.google.com.tw https://*.google.com.ua https://*.google.cz https://*.google.de https://*.google.es https://*.google.fr https://*.google.ie https://*.google.it https://*.google.nl https://*.google.no https://*.google.pl https://*.google.pt https://*.google.se https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercomassets.com https://*.intercomcdn.com https://*.linkedin.com https://*.marinsm.com https://*.openx.net https://*.prfct.co https://*.reddit.com https://*.rubiconproject.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.twimg.com https://*.twitter.com https://*.univide.com https://*.wistia.com https://*.yahoo.com https://heapanalytics.com https://sqreen-assets.s3-eu-west-1.amazonaws.com https://sumo.com https://t.co https://twitter.com; manifest-src 'self' https://*.sqreen.com; media-src 'self' https://*.akamaihd.net https://*.cloudfront.net https://*.intercomcdn.com https://*.wistia.com; object-src 'self' https://*.akamaihd.net https://*.wistia.com; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://*.ads-twitter.com http://*.appcues.com http://*.facebook.net http://*.g.doubleclick.net http://*.getdrip.com http://*.google-analytics.com http://*.googleadservices.com http://*.googletagmanager.com http://*.heapanalytics.com http://*.hotjar.com http://*.perfectaudience.com http://*.prfct.co http://*.segment.com http://*.sqreen.io http://heapanalytics.com https://*.ads-twitter.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.amplitude.com https://*.appcues.com https://*.b-cdn.net https://*.bufferapp.com https://*.cloudflare.com https://*.cloudfront.net https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.getdrip.com https://*.google-analytics.com https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.headwayapp.co https://*.heapanalytics.com https://*.herokuapp.com https://*.hotjar.com https://*.intercom.io https://*.intercomcdn.com https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.marketo.net https://*.perfectaudience.com https://*.pinterest.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.redditstatic.com https://*.segment.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.twitter.com https://*.typeform.com https://*.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://*.hotjar.com wss://*.hotjar.com wss://*.intercom.io; style-src 'self' 'unsafe-inline' http://*.appcues.com http://*.sqreen.io http://heapanalytics.com https://*.amazonaws.com https://*.appcues.com https://*.b-cdn.net https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.sqreen.com https://*.sqreen.io https://*.twitter.com https://heapanalytics.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4;
content-type: text/plain; charset=utf-8
date: Thu, 24 Dec 2020 02:13:21 GMT
location: https://www.sqreen.com/checklists/saas-cto-security-checklist
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: DENY
x-protected-by: Sqreen
x-xss-protection: 1; mode=block
age: 0
server: Netlify
x-nf-request-id: f7752585-c386-4003-b56e-993634c835fb-6633367

GET
H2 200 style.css
www.sqreen.com/css/ 408 KB
52 KB 7ms
6ms Stylesheet
text/css 2a05:d014:275:cb00:1953:33c3:785c:f9da
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sqreen.com/css/style.css

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:275:cb00:1953:33c3:785c:f9da Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

460a49f2067962dd6a8de35096cb273ddd2a6b33c3dc2ad69fd1e31cb0ae7ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sqreen.com/checklists/saas-cto-security-checklist
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: f7752585-c386-4003-b56e-993634c835fb-6633373
date: Tue, 22 Dec 2020 15:56:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 123423
content-security-policy-report-only: child-src 'self'; connect-src 'self' http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.hotjar.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amplitude.com https://*.cloudflare.com https://*.contentful.com https://*.delighted.com https://*.facebook.com https://*.fullstory.com https://*.g.doubleclick.net https://*.getsentry.com https://*.githubusercontent.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.herokuapp.com https://*.hotjar.com https://*.hotjar.com:12443 https://*.intercom.io https://*.intercomcdn.com https://*.lever.co https://*.linkedin.com https://*.litix.io https://*.mktoresp.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.segment.io https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://*.hotjar.com wss://*.appcues.net wss://*.hotjar.com wss://*.intercom.io; default-src 'self'; font-src 'self' chrome-extension: data: http://*.sqreen.io https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.gstatic.com https://*.intercomcdn.com https://*.sqreen.com https://*.sqreen.io https://*.twimg.com https://*.wistia.com https://github.com; frame-src 'self' 'unsafe-inline' http://*.appcues.com http://*.g.doubleclick.net http://*.hotjar.com https://*.akamaihd.net https://*.amazonaws.com https://*.appcues.com https://*.facebook.com https://*.g.doubleclick.net https://*.hotjar.com https://*.recurly.com https://*.sqreen.com https://*.twitter.com https://*.typeform.com https://*.wistia.com https://headway-widget.net ws://*.hotjar.com wss://*.hotjar.com; img-src 'self' data: http://*.adnxs.com http://*.facebook.net http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.googleadservices.com http://*.googletagmanager.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com http://t.co https://*.addthis.com https://*.adnxs.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.b-cdn.net https://*.clearbit.com https://*.cloudfront.net https://*.ctfassets.net https://*.facebook.com https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.ae https://*.google.be https://*.google.ca https://*.google.ch https://*.google.co.il https://*.google.co.in https://*.google.co.jp https://*.google.co.uk https://*.google.com https://*.google.com.ar https://*.google.com.au https://*.google.com.br https://*.google.com.mx https://*.google.com.ph https://*.google.com.sg https://*.google.com.tw https://*.google.com.ua https://*.google.cz https://*.google.de https://*.google.es https://*.google.fr https://*.google.ie https://*.google.it https://*.google.nl https://*.google.no https://*.google.pl https://*.google.pt https://*.google.se https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercomassets.com https://*.intercomcdn.com https://*.linkedin.com https://*.marinsm.com https://*.openx.net https://*.prfct.co https://*.reddit.com https://*.rubiconproject.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.twimg.com https://*.twitter.com https://*.univide.com https://*.wistia.com https://*.yahoo.com https://heapanalytics.com https://sqreen-assets.s3-eu-west-1.amazonaws.com https://sumo.com https://t.co https://twitter.com; manifest-src 'self' https://*.sqreen.com; media-src 'self' https://*.akamaihd.net https://*.cloudfront.net https://*.intercomcdn.com https://*.wistia.com; object-src 'self' https://*.akamaihd.net https://*.wistia.com; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://*.ads-twitter.com http://*.appcues.com http://*.facebook.net http://*.g.doubleclick.net http://*.getdrip.com http://*.google-analytics.com http://*.googleadservices.com http://*.googletagmanager.com http://*.heapanalytics.com http://*.hotjar.com http://*.perfectaudience.com http://*.prfct.co http://*.segment.com http://*.sqreen.io http://heapanalytics.com https://*.ads-twitter.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.amplitude.com https://*.appcues.com https://*.b-cdn.net https://*.bufferapp.com https://*.cloudflare.com https://*.cloudfront.net https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.getdrip.com https://*.google-analytics.com https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.headwayapp.co https://*.heapanalytics.com https://*.herokuapp.com https://*.hotjar.com https://*.intercom.io https://*.intercomcdn.com https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.marketo.net https://*.perfectaudience.com https://*.pinterest.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.redditstatic.com https://*.segment.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.twitter.com https://*.typeform.com https://*.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://*.hotjar.com wss://*.hotjar.com wss://*.intercom.io; style-src 'self' 'unsafe-inline' http://*.appcues.com http://*.sqreen.io http://heapanalytics.com https://*.amazonaws.com https://*.appcues.com https://*.b-cdn.net https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.sqreen.com https://*.sqreen.io https://*.twitter.com https://heapanalytics.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4;
x-protected-by: Sqreen
vary: Accept-Encoding
content-length: 52789
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
etag: "daec4e493ce94f0a3119abd6bed6e0a0-ssl-df"
strict-transport-security: max-age=31536000
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 purser.js Show response
www.sqreen.com/assets/js/ 2 KB
831 B 8ms
7ms Script
application/javascript 2a05:d014:275:cb00:1953:33c3:785c:f9da
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sqreen.com/assets/js/purser.js

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:275:cb00:1953:33c3:785c:f9da Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

5e7cc919d6aad76a106d34dfa95d2b87d6cd925eb8e19fcfbc98a7c79e4b3ed9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sqreen.com/checklists/saas-cto-security-checklist
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: f7752585-c386-4003-b56e-993634c835fb-6633374
date: Tue, 22 Dec 2020 16:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122763
content-security-policy-report-only: child-src 'self'; connect-src 'self' http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.hotjar.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amplitude.com https://*.cloudflare.com https://*.contentful.com https://*.delighted.com https://*.facebook.com https://*.fullstory.com https://*.g.doubleclick.net https://*.getsentry.com https://*.githubusercontent.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.herokuapp.com https://*.hotjar.com https://*.hotjar.com:12443 https://*.intercom.io https://*.intercomcdn.com https://*.lever.co https://*.linkedin.com https://*.litix.io https://*.mktoresp.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.segment.io https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://*.hotjar.com wss://*.appcues.net wss://*.hotjar.com wss://*.intercom.io; default-src 'self'; font-src 'self' chrome-extension: data: http://*.sqreen.io https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.gstatic.com https://*.intercomcdn.com https://*.sqreen.com https://*.sqreen.io https://*.twimg.com https://*.wistia.com https://github.com; frame-src 'self' 'unsafe-inline' http://*.appcues.com http://*.g.doubleclick.net http://*.hotjar.com https://*.akamaihd.net https://*.amazonaws.com https://*.appcues.com https://*.facebook.com https://*.g.doubleclick.net https://*.hotjar.com https://*.recurly.com https://*.sqreen.com https://*.twitter.com https://*.typeform.com https://*.wistia.com https://headway-widget.net ws://*.hotjar.com wss://*.hotjar.com; img-src 'self' data: http://*.adnxs.com http://*.facebook.net http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.googleadservices.com http://*.googletagmanager.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com http://t.co https://*.addthis.com https://*.adnxs.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.b-cdn.net https://*.clearbit.com https://*.cloudfront.net https://*.ctfassets.net https://*.facebook.com https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.ae https://*.google.be https://*.google.ca https://*.google.ch https://*.google.co.il https://*.google.co.in https://*.google.co.jp https://*.google.co.uk https://*.google.com https://*.google.com.ar https://*.google.com.au https://*.google.com.br https://*.google.com.mx https://*.google.com.ph https://*.google.com.sg https://*.google.com.tw https://*.google.com.ua https://*.google.cz https://*.google.de https://*.google.es https://*.google.fr https://*.google.ie https://*.google.it https://*.google.nl https://*.google.no https://*.google.pl https://*.google.pt https://*.google.se https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercomassets.com https://*.intercomcdn.com https://*.linkedin.com https://*.marinsm.com https://*.openx.net https://*.prfct.co https://*.reddit.com https://*.rubiconproject.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.twimg.com https://*.twitter.com https://*.univide.com https://*.wistia.com https://*.yahoo.com https://heapanalytics.com https://sqreen-assets.s3-eu-west-1.amazonaws.com https://sumo.com https://t.co https://twitter.com; manifest-src 'self' https://*.sqreen.com; media-src 'self' https://*.akamaihd.net https://*.cloudfront.net https://*.intercomcdn.com https://*.wistia.com; object-src 'self' https://*.akamaihd.net https://*.wistia.com; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://*.ads-twitter.com http://*.appcues.com http://*.facebook.net http://*.g.doubleclick.net http://*.getdrip.com http://*.google-analytics.com http://*.googleadservices.com http://*.googletagmanager.com http://*.heapanalytics.com http://*.hotjar.com http://*.perfectaudience.com http://*.prfct.co http://*.segment.com http://*.sqreen.io http://heapanalytics.com https://*.ads-twitter.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.amplitude.com https://*.appcues.com https://*.b-cdn.net https://*.bufferapp.com https://*.cloudflare.com https://*.cloudfront.net https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.getdrip.com https://*.google-analytics.com https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.headwayapp.co https://*.heapanalytics.com https://*.herokuapp.com https://*.hotjar.com https://*.intercom.io https://*.intercomcdn.com https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.marketo.net https://*.perfectaudience.com https://*.pinterest.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.redditstatic.com https://*.segment.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.twitter.com https://*.typeform.com https://*.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://*.hotjar.com wss://*.hotjar.com wss://*.intercom.io; style-src 'self' 'unsafe-inline' http://*.appcues.com http://*.sqreen.io http://heapanalytics.com https://*.amazonaws.com https://*.appcues.com https://*.b-cdn.net https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.sqreen.com https://*.sqreen.io https://*.twitter.com https://heapanalytics.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4;
x-protected-by: Sqreen
vary: Accept-Encoding
content-length: 669
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
etag: "b3e1a451a49b44d73ba1755ce28f70c2-ssl-df"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 qs.min.js Show response
cdnjs.cloudflare.com/ajax/libs/qs/6.5.0/ 8 KB
3 KB 24ms
10ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/qs/6.5.0/qs.min.js

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4976bdfa792eaeec191f6b9a88beb27c2d7a15c2c2670fab634eed012f4567e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1861384
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 2765
cf-request-id: 07341ec03600004a5592124000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fad-201f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fTAA7Xw9Df3eBEqK6Pb6mDt6tpMDlK8kq7z34fN%2Bh16Y%2FVAXHJvy9sMzfnNJwU8WhMKoShWgzEPMdc8CqYtTX88XF2VrKFW9z3fou7GrDCCNud49kqjXyBjiLjmrRdjvnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6066cd79fb244a55-FRA
expires: Tue, 14 Dec 2021 02:13:21 GMT

GET
H2 200 sqreen-platform.svg
d33wubrfki0l68.cloudfront.net/1ab41b78e5ad4f7ccd8776745ed30bb6f8f7704e/fc56e/assets/img/icons/ 1 KB
1 KB 55ms
17ms Image
image/svg+xml 54.240.168.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/1ab41b78e5ad4f7ccd8776745ed30bb6f8f7704e/fc56e/assets/img/icons/sqreen-platform.svg
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.240.168.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-240-168-55.ams54.r.cloudfront.net
Software: Netlify /
Resource Hash: d65008cad89b9d9dbb20b1579634ba3e90708160ae1838ca4c1d38fe2e3fd84c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: bf2eaae6-9047-4689-a8af-309a640ebc71-16221834
date: Tue, 24 Nov 2020 06:55:16 GMT
content-encoding: gzip
age: 2575085
x-cache: Hit from cloudfront
content-length: 606
access-control-allow-origin: *
server: Netlify
etag: 4811d7d4b447e85ba016eb5ee68813abefe6a5cf-df
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 f5e34f7c59830a3caffb7df5f36b4daf.cloudfront.net (CloudFront)
cache-control: public, max-age=31556926
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
x-amz-cf-id: 2Uj-SfR-Jy-Y_Qmg_awJ5O0U6mbugJNyiwRVpE-ppMjqKn7xVyGYhw==

GET
H2 200 protection.svg
d33wubrfki0l68.cloudfront.net/ad8d22c89980455f6709d24c8538b72968159487/dc53c/assets/img/icons/ 330 B
729 B 55ms
17ms Image
image/svg+xml 54.240.168.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/ad8d22c89980455f6709d24c8538b72968159487/dc53c/assets/img/icons/protection.svg
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.240.168.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-240-168-55.ams54.r.cloudfront.net
Software: Netlify /
Resource Hash: 655270ae95f9a7b35ec7557a5d4d95a267ab7be2d40334167277742de77bab49

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: b03a7f9d-0d0a-4f80-a557-1df9d3056cc2-9297307
date: Sun, 29 Nov 2020 03:23:05 GMT
via: 1.1 f5e34f7c59830a3caffb7df5f36b4daf.cloudfront.net (CloudFront)
server: Netlify
age: 2155816
etag: ae1d8c94004bd164a0a2eeb76ca58b892e6f3a30
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
content-length: 330
x-amz-cf-id: yBfzYTRhxKlPPYQao59A8QZE0BNKM3pxbOUpfZzY_XqDntD_L4-2Uw==

GET
H2 200 observe.svg
d33wubrfki0l68.cloudfront.net/d57452065ea29507549860f8b9d9d047ff6a23d7/37938/assets/img/icons/ 424 B
823 B 55ms
17ms Image
image/svg+xml 54.240.168.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/d57452065ea29507549860f8b9d9d047ff6a23d7/37938/assets/img/icons/observe.svg
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.240.168.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-240-168-55.ams54.r.cloudfront.net
Software: Netlify /
Resource Hash: bea7e2163b7dbdb8849b1749d019a139b9dc79e80cc5a8724820a6a6c54bb267

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: 94ddfd14-ce07-4c00-8547-77ecaa66c11e-35863607
date: Thu, 26 Nov 2020 07:00:32 GMT
via: 1.1 f5e34f7c59830a3caffb7df5f36b4daf.cloudfront.net (CloudFront)
server: Netlify
age: 2401969
etag: 5195d371eeaa770bae64568239bbf64c07ee2fc0
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
content-length: 424
x-amz-cf-id: 4CeFjxSDVedEhKki91TXglPd_JwyePrXrj0XXWbiPRKeUt-Iq4XFJw==

GET
H2 200 library.svg
d33wubrfki0l68.cloudfront.net/f5f2d0eba2cf0adf4b6b9c7ae2cedbc42f01d5cb/dcc61/assets/img/icons/ 737 B
1 KB 56ms
18ms Image
image/svg+xml 54.240.168.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/f5f2d0eba2cf0adf4b6b9c7ae2cedbc42f01d5cb/dcc61/assets/img/icons/library.svg
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.240.168.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-240-168-55.ams54.r.cloudfront.net
Software: Netlify /
Resource Hash: 65d5da362ebe504b8e92c4007b5ec68fd001d63274885d3266b03055be327c79

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: 8e6c2091-95bb-46bb-831b-47d7a94b5b7d-26927819
date: Thu, 17 Dec 2020 05:09:27 GMT
via: 1.1 f5e34f7c59830a3caffb7df5f36b4daf.cloudfront.net (CloudFront)
server: Netlify
age: 594234
etag: 235fcf265b62ad2d254dd2289df2e80a4b1577a9
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
content-length: 737
x-amz-cf-id: Iou17ch2kCJys6gDLFPdeP93MlO19Xs7mbjLVAsx9ONbbdQNmbzbjQ==

GET
H2 200 learning-center.svg
d33wubrfki0l68.cloudfront.net/49d1087bb86300736fd0d3435c6e33cf64ad3817/c9c85/assets/img/icons/ 952 B
1 KB 56ms
18ms Image
image/svg+xml 54.240.168.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/49d1087bb86300736fd0d3435c6e33cf64ad3817/c9c85/assets/img/icons/learning-center.svg
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.240.168.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-240-168-55.ams54.r.cloudfront.net
Software: Netlify /
Resource Hash: 4858d5d7d0cff30eb9571e795de5da7f3af5e5399b149ddf37cfb1a1041ce076

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: f8e15076-0061-4452-b0b0-5b4620ddbc7e-3152444
date: Mon, 23 Nov 2020 07:49:49 GMT
via: 1.1 f5e34f7c59830a3caffb7df5f36b4daf.cloudfront.net (CloudFront)
server: Netlify
age: 2658213
etag: 15b338f387708a76cc43d997c3e7a62bd27104ea
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
content-length: 952
x-amz-cf-id: FKYd3Bdz1zRpaYz4aVKIHjx4TQRhVwQ7YRYbf9vklQm47gwXf8LukA==

GET
H2 200 blog.svg
d33wubrfki0l68.cloudfront.net/0192ab853676e93192834e4d15a56952f18107ea/125cd/assets/img/icons/ 2 KB
1 KB 37ms
19ms Image
image/svg+xml 54.240.168.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/0192ab853676e93192834e4d15a56952f18107ea/125cd/assets/img/icons/blog.svg
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.240.168.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-240-168-55.ams54.r.cloudfront.net
Software: Netlify /
Resource Hash: 8867e18a10ae4dedad9634dc790a6d93e4c770f794d18139588d3bbef7733868

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: 78328279-f5dc-40b5-ba1a-b84fdd0e9824-7420359
date: Sat, 21 Nov 2020 07:02:29 GMT
content-encoding: gzip
age: 2833852
x-cache: Hit from cloudfront
content-length: 944
access-control-allow-origin: *
server: Netlify
etag: 273e3094d40897f48ea37ecfcf1ab68bd59c079b-df
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 f5e34f7c59830a3caffb7df5f36b4daf.cloudfront.net (CloudFront)
cache-control: public, max-age=31556926
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
x-amz-cf-id: NadxCb54SiiN5ml0tNJ-FQv0iZbzwiWrp3VihsxnPqVglavZj-zeLw==

GET
H2 200 docs.svg
d33wubrfki0l68.cloudfront.net/fb93cb8c90bb934c43ba57fb342f07225336fd37/430d6/assets/img/icons/ 3 KB
2 KB 25ms
24ms Image
image/svg+xml 54.240.168.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/fb93cb8c90bb934c43ba57fb342f07225336fd37/430d6/assets/img/icons/docs.svg
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.240.168.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-240-168-55.ams54.r.cloudfront.net
Software: Netlify /
Resource Hash: 23c2a02eceb4430e225b72b02ceb9cf401e12149fde5649783e67e153646c392

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: 2d6d645d-37c7-48d5-8816-9746465eb690-16135524
date: Mon, 23 Nov 2020 17:38:18 GMT
content-encoding: gzip
age: 2622903
x-cache: Hit from cloudfront
content-length: 1174
access-control-allow-origin: *
server: Netlify
etag: 7fd90c882966b35311160ea7a69e1c609e8cd0df-df
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 f5e34f7c59830a3caffb7df5f36b4daf.cloudfront.net (CloudFront)
cache-control: public, max-age=31556926
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
x-amz-cf-id: fZidZHchsS0EnqXYNMpBej6w7tEbp8ZnEIaZYJaGSZGhUJbIQz4q-A==

GET
H2 200 icon-fullscreen.svg
d33wubrfki0l68.cloudfront.net/f7892c516328907295e70342cd8ebbaab2d73df1/9849d/assets/img/icons/ 294 B
692 B 18ms
17ms Image
image/svg+xml 54.240.168.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/f7892c516328907295e70342cd8ebbaab2d73df1/9849d/assets/img/icons/icon-fullscreen.svg
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.240.168.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-240-168-55.ams54.r.cloudfront.net
Software: Netlify /
Resource Hash: 3c204ee7d12314fd514c1721b3a4fbb844ea666b6b4dd2436868ae16b12291ec

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: 78328279-f5dc-40b5-ba1a-b84fdd0e9824-4735890
date: Mon, 23 Nov 2020 06:26:12 GMT
via: 1.1 f5e34f7c59830a3caffb7df5f36b4daf.cloudfront.net (CloudFront)
server: Netlify
age: 2663229
etag: f18499e1a8a4282cbfbf04ef0f23b71717a07f04
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
content-length: 294
x-amz-cf-id: KUCQMYps93pewgmFs-l7_CzVnGIJrG-6EgzdekWS8heCOBokKvFgyQ==

GET
H2 200 tada.png
d33wubrfki0l68.cloudfront.net/d5b178445bc8fb1685724cb9c8eb085a58ad7d16/9f620/assets/img/icons/ 36 KB
36 KB 40ms
39ms Image
image/png 54.240.168.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/d5b178445bc8fb1685724cb9c8eb085a58ad7d16/9f620/assets/img/icons/tada.png
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.240.168.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-240-168-55.ams54.r.cloudfront.net
Software: Netlify /
Resource Hash: 5255fe00193b66f96c13b9319b806f8be3770360e62c133013e800857909646d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: 074827d4-042c-48c6-a030-fa914f0587f5-173617797
date: Thu, 17 Dec 2020 07:10:38 GMT
via: 1.1 f5e34f7c59830a3caffb7df5f36b4daf.cloudfront.net (CloudFront)
server: Netlify
age: 586964
etag: 3aea03ccc0356e94671920aa8e6b7325534869b4
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
content-length: 36640
x-amz-cf-id: mTMG8jouh5YpUyi7EpXZc6zcsGx-d9Gao9vAWZD6sIIYjWgkxGi_qw==

GET
H2 200 forms2.min.js Show response
go.sqreen.com/js/forms2/js/ 205 KB
68 KB 68ms
25ms Script
application/x-javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.sqreen.com/js/forms2/js/forms2.min.js

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dde2a7cd4331f78a4b35dca9aa2e716fc3d0c83ba0f855f0812cbfae4a27a805

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 12 Oct 2020 17:13:35 GMT
server: cloudflare
age: 2832
etag: "7e04e4-33245-5b17c6b21edc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 6066cd7a4c990c79-AMS
cf-request-id: 07341ec06900000c79c0b95000000001
expires: Thu, 24 Dec 2020 06:13:21 GMT

GET
H2 200 sqreen-logo-bw-white.svg
d33wubrfki0l68.cloudfront.net/581c362c98647a1f60b0836031af8c398e14e2d8/37d35/assets/img/logos/ 6 KB
3 KB 31ms
30ms Image
image/svg+xml 54.240.168.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/581c362c98647a1f60b0836031af8c398e14e2d8/37d35/assets/img/logos/sqreen-logo-bw-white.svg
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.240.168.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-240-168-55.ams54.r.cloudfront.net
Software: Netlify /
Resource Hash: 394f62547c718336aa5f916333b6907b8c04efbff298bf391da3bc96492a49e3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: 82777363-fc1e-4d8c-b229-392915153891-47713768
date: Wed, 23 Sep 2020 06:59:00 GMT
content-encoding: gzip
age: 7931660
x-cache: Hit from cloudfront
content-length: 2774
access-control-allow-origin: *
server: Netlify
etag: 16032948481b469314a967979317c9b143eb918e-df
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 f5e34f7c59830a3caffb7df5f36b4daf.cloudfront.net (CloudFront)
cache-control: public, max-age=31556926
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
x-amz-cf-id: 3VgfGIpLj_NkryPEnhZa-UDCA4PGZvCCRL9kw5hpRFCXpptvAOWSKg==

GET
H2 200 icon-radar.svg
d33wubrfki0l68.cloudfront.net/577ff26267b5620aa649ee5263cb27e8b097abdf/1e7ab/assets/img/icons/ 4 KB
1 KB 41ms
40ms Image
image/svg+xml 54.240.168.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/577ff26267b5620aa649ee5263cb27e8b097abdf/1e7ab/assets/img/icons/icon-radar.svg
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.240.168.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-240-168-55.ams54.r.cloudfront.net
Software: Netlify /
Resource Hash: 82f32f34b32e8fba104f8c02fe2bf723cdf7e20165e53f21841f6d119fd515fd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: ae160a67-62c0-4f2c-8f9c-cf64cac107a0-48551347
date: Thu, 03 Dec 2020 07:52:57 GMT
content-encoding: gzip
server: Netlify
age: 1794025
etag: f26819cf46a98298e931be3d264ed0dddc9c8222-df
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
x-amz-cf-id: vCjaPS_5EIT1CRYphUcCcqbfq27C-dFGkfkdgnxFtQbBpn7DkcdwvQ==
via: 1.1 f5e34f7c59830a3caffb7df5f36b4daf.cloudfront.net (CloudFront)

GET
H2 200 shield-dashed.svg
d33wubrfki0l68.cloudfront.net/01ccecd80205ab327f02685c8db36de7cfac5550/0ae66/assets/img/icons/ 914 B
1 KB 46ms
45ms Image
image/svg+xml 54.240.168.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/01ccecd80205ab327f02685c8db36de7cfac5550/0ae66/assets/img/icons/shield-dashed.svg
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.240.168.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-240-168-55.ams54.r.cloudfront.net
Software: Netlify /
Resource Hash: d8a0f8e1830ffb6cc96615fbc19a1a3ad0a5eb1c6256f8ac3f73b31cf5e3fe9c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: 074827d4-042c-48c6-a030-fa914f0587f5-247732684
date: Sat, 19 Dec 2020 09:05:16 GMT
via: 1.1 f5e34f7c59830a3caffb7df5f36b4daf.cloudfront.net (CloudFront)
server: Netlify
age: 407285
etag: 5c1c9a6fee8dd8c6c99b2620a07df36a85d5819a
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
content-length: 914
x-amz-cf-id: HsB08Erthte5050nYjTW-6UPX0JeV9dKQ_MMwS7X6Bj6Fz6ymsQtdQ==

GET
H2 200 icon-brick.svg
d33wubrfki0l68.cloudfront.net/9eb1b97e2723e0cfe869e994671d0292ed366e3a/1f63e/assets/img/icons/ 1 KB
904 B 46ms
45ms Image
image/svg+xml 54.240.168.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/9eb1b97e2723e0cfe869e994671d0292ed366e3a/1f63e/assets/img/icons/icon-brick.svg
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.240.168.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-240-168-55.ams54.r.cloudfront.net
Software: Netlify /
Resource Hash: 044a173e1f716a7a084f6a6ce1d716b364e29e52bb491d5caaa9eb367b2dfd3f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: a04f0f34-688c-4004-9c5c-1bc874119e50-1909000
date: Mon, 23 Nov 2020 04:24:31 GMT
content-encoding: gzip
age: 2670531
x-cache: Hit from cloudfront
content-length: 469
access-control-allow-origin: *
server: Netlify
etag: 6fdf194dae47b6e8e05ed8ef38d624042de1eda3-df
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 f5e34f7c59830a3caffb7df5f36b4daf.cloudfront.net (CloudFront)
cache-control: public, max-age=31556926
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
x-amz-cf-id: 60j0Bzrr5RhzpDtDXh5w95SoMaJ_WwgJZpU62wBInRS7nDp8NWnNvw==

GET
H2 200 paper-plane-illu.svg
d33wubrfki0l68.cloudfront.net/463c077cea20845abf308649c637732a38fe6073/819c4/assets/img/illustrations/ 4 KB
2 KB 29ms
28ms Image
image/svg+xml 54.240.168.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/463c077cea20845abf308649c637732a38fe6073/819c4/assets/img/illustrations/paper-plane-illu.svg
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.240.168.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-240-168-55.ams54.r.cloudfront.net
Software: Netlify /
Resource Hash: 40fb8c5e74f6e29c68e9812647b4e02c2fe27ede4e2781f2bd4729f60d990706

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: 564f0a5b-87eb-4184-bb6c-daafccebcfeb-13139439
date: Fri, 11 Dec 2020 02:48:19 GMT
content-encoding: gzip
age: 1121102
x-cache: Hit from cloudfront
content-length: 1568
access-control-allow-origin: *
server: Netlify
etag: 7a8fad083a7c574f76338d9b66a6cd4c16025566-df
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 f5e34f7c59830a3caffb7df5f36b4daf.cloudfront.net (CloudFront)
cache-control: public, max-age=31556926
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
x-amz-cf-id: 7_GVBnkHe8Z_Uym96x3QiRC917hoVAvBZ7b4pS0qAhcb8EnDgGkwhQ==

GET
H2 200 github-icon.svg
d33wubrfki0l68.cloudfront.net/8f09b98b1334c5ef2cb2f5dc260971229d1a06b3/79a66/assets/img/logos/ 2 KB
1 KB 28ms
27ms Image
image/svg+xml 54.240.168.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/8f09b98b1334c5ef2cb2f5dc260971229d1a06b3/79a66/assets/img/logos/github-icon.svg
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.240.168.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-240-168-55.ams54.r.cloudfront.net
Software: Netlify /
Resource Hash: 99f98dbdc42cfe095ad06ce2a2a676106205dc4f4ee64b04c759de608a55abfe

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: 0c68660f-b6f3-44b2-bd0a-5c82233dc89e-908805
date: Wed, 16 Dec 2020 06:08:12 GMT
content-encoding: gzip
age: 677109
x-cache: Hit from cloudfront
content-length: 834
access-control-allow-origin: *
server: Netlify
etag: 123d64222f1520224c6d9625f72c80ca47318f57-df
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 f5e34f7c59830a3caffb7df5f36b4daf.cloudfront.net (CloudFront)
cache-control: public, max-age=31556926
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
x-amz-cf-id: txjNaM1oEfoaEER5eRty3i5Fj23iVx475iu5CqfdBLxapv7Fuwgtdg==

GET
H2 200 twitter-icon.svg
d33wubrfki0l68.cloudfront.net/3ff3317a8dc0f0e4e4917f2ae8970b4e80cda5b5/80662/assets/img/logos/ 981 B
1 KB 29ms
28ms Image
image/svg+xml 54.240.168.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/3ff3317a8dc0f0e4e4917f2ae8970b4e80cda5b5/80662/assets/img/logos/twitter-icon.svg
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.240.168.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-240-168-55.ams54.r.cloudfront.net
Software: Netlify /
Resource Hash: e5b6d6d4ccf96f50e9aa6ba5d235888cb7e82f309f89d86925b4ca0cf5678e42

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: 15ef0f99-9ecd-49d2-bf33-43dcf5572937-24544634
date: Thu, 10 Dec 2020 06:30:34 GMT
via: 1.1 f5e34f7c59830a3caffb7df5f36b4daf.cloudfront.net (CloudFront)
server: Netlify
age: 1194167
etag: ad67350b41cb61772a81adafaf5d78c87a1cc862
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
content-length: 981
x-amz-cf-id: mrPvBGNhnwXUs-pxz_9jlcSdYYf8ONiyiJJF7yZdi4eVYfOn_Y8mRg==

GET
H2 200 linkedin-icon.svg
d33wubrfki0l68.cloudfront.net/cc3606fa27a57e4285450f26a02fed156da314fb/88ba8/assets/img/logos/ 794 B
1 KB 31ms
31ms Image
image/svg+xml 54.240.168.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/cc3606fa27a57e4285450f26a02fed156da314fb/88ba8/assets/img/logos/linkedin-icon.svg
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.240.168.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-240-168-55.ams54.r.cloudfront.net
Software: Netlify /
Resource Hash: a275a2b875378f8727cf0910679f171c73982c569101b03f77a88df16facb338

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: cd6eb55b-e7de-4c33-81fb-0abc7e2ddf32-23767113
date: Sun, 13 Dec 2020 08:06:05 GMT
via: 1.1 f5e34f7c59830a3caffb7df5f36b4daf.cloudfront.net (CloudFront)
server: Netlify
age: 929237
etag: 6e0e1898f6f461b35019ee4c5cd5c45b9c204b8b
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
content-length: 794
x-amz-cf-id: KG0QI-5DLn_Jqhw95BlkyWShNNTiCdYLA8mtPT8IyypJvz5bYmkbzA==

GET
H2 200 sqreen-light-badge.svg
d33wubrfki0l68.cloudfront.net/1c3e318d8cf82f469941f35e72978377c736bdfc/35aa1/assets/img/illustrations/ 4 KB
2 KB 30ms
29ms Image
image/svg+xml 54.240.168.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/1c3e318d8cf82f469941f35e72978377c736bdfc/35aa1/assets/img/illustrations/sqreen-light-badge.svg
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.240.168.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-240-168-55.ams54.r.cloudfront.net
Software: Netlify /
Resource Hash: 7dcf4dbd2ec98aac130fc6028affd9c50e57653e5222bfadaa2d4a49979c7405

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: 074827d4-042c-48c6-a030-fa914f0587f5-270933857
date: Sun, 20 Dec 2020 02:28:48 GMT
content-encoding: gzip
age: 344673
x-cache: Hit from cloudfront
content-length: 2050
access-control-allow-origin: *
server: Netlify
etag: f99ee59b699ed432b92387dd65e9a125077eb0d3-df
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 f5e34f7c59830a3caffb7df5f36b4daf.cloudfront.net (CloudFront)
cache-control: public, max-age=31556926
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
x-amz-cf-id: ztpI0L-EnHTKkg6fffR3_J7uf-HUqEHsbzwX8BeGUPAkJrnIAN6oPA==

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 32ms
13ms Script
application/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:21 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2017 19:01:15 GMT
server: nginx
etag: W/"58d026fb-15283"
vary: Accept-Encoding
x-hw: 1608776001.dop129.fr8.t,1608776001.cds282.fr8.hn,1608776001.cds133.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ 248 KB
66 KB 23ms
18ms Script
application/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:21 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2016 16:34:16 GMT
server: nginx
etag: W/"57d97c08-3dee4"
vary: Accept-Encoding
x-hw: 1608776001.dop129.fr8.t,1608776001.cds282.fr8.hn,1608776001.cds251.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67751

GET
H2 200 shuffle.min.js Show response
www.sqreen.com/assets/js/ 19 KB
6 KB 13ms
9ms Script
application/javascript 2a05:d014:275:cb00:1953:33c3:785c:f9da
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sqreen.com/assets/js/shuffle.min.js

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:275:cb00:1953:33c3:785c:f9da Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

921349a9979962b0a95cf858c2dcc0dcdafea0609e01f078c1b93f8ed1e6d7fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sqreen.com/checklists/saas-cto-security-checklist
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: f7752585-c386-4003-b56e-993634c835fb-6633378
date: Wed, 23 Dec 2020 12:45:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48474
content-security-policy-report-only: child-src 'self'; connect-src 'self' http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.hotjar.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amplitude.com https://*.cloudflare.com https://*.contentful.com https://*.delighted.com https://*.facebook.com https://*.fullstory.com https://*.g.doubleclick.net https://*.getsentry.com https://*.githubusercontent.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.herokuapp.com https://*.hotjar.com https://*.hotjar.com:12443 https://*.intercom.io https://*.intercomcdn.com https://*.lever.co https://*.linkedin.com https://*.litix.io https://*.mktoresp.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.segment.io https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://*.hotjar.com wss://*.appcues.net wss://*.hotjar.com wss://*.intercom.io; default-src 'self'; font-src 'self' chrome-extension: data: http://*.sqreen.io https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.gstatic.com https://*.intercomcdn.com https://*.sqreen.com https://*.sqreen.io https://*.twimg.com https://*.wistia.com https://github.com; frame-src 'self' 'unsafe-inline' http://*.appcues.com http://*.g.doubleclick.net http://*.hotjar.com https://*.akamaihd.net https://*.amazonaws.com https://*.appcues.com https://*.facebook.com https://*.g.doubleclick.net https://*.hotjar.com https://*.recurly.com https://*.sqreen.com https://*.twitter.com https://*.typeform.com https://*.wistia.com https://headway-widget.net ws://*.hotjar.com wss://*.hotjar.com; img-src 'self' data: http://*.adnxs.com http://*.facebook.net http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.googleadservices.com http://*.googletagmanager.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com http://t.co https://*.addthis.com https://*.adnxs.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.b-cdn.net https://*.clearbit.com https://*.cloudfront.net https://*.ctfassets.net https://*.facebook.com https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.ae https://*.google.be https://*.google.ca https://*.google.ch https://*.google.co.il https://*.google.co.in https://*.google.co.jp https://*.google.co.uk https://*.google.com https://*.google.com.ar https://*.google.com.au https://*.google.com.br https://*.google.com.mx https://*.google.com.ph https://*.google.com.sg https://*.google.com.tw https://*.google.com.ua https://*.google.cz https://*.google.de https://*.google.es https://*.google.fr https://*.google.ie https://*.google.it https://*.google.nl https://*.google.no https://*.google.pl https://*.google.pt https://*.google.se https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercomassets.com https://*.intercomcdn.com https://*.linkedin.com https://*.marinsm.com https://*.openx.net https://*.prfct.co https://*.reddit.com https://*.rubiconproject.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.twimg.com https://*.twitter.com https://*.univide.com https://*.wistia.com https://*.yahoo.com https://heapanalytics.com https://sqreen-assets.s3-eu-west-1.amazonaws.com https://sumo.com https://t.co https://twitter.com; manifest-src 'self' https://*.sqreen.com; media-src 'self' https://*.akamaihd.net https://*.cloudfront.net https://*.intercomcdn.com https://*.wistia.com; object-src 'self' https://*.akamaihd.net https://*.wistia.com; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://*.ads-twitter.com http://*.appcues.com http://*.facebook.net http://*.g.doubleclick.net http://*.getdrip.com http://*.google-analytics.com http://*.googleadservices.com http://*.googletagmanager.com http://*.heapanalytics.com http://*.hotjar.com http://*.perfectaudience.com http://*.prfct.co http://*.segment.com http://*.sqreen.io http://heapanalytics.com https://*.ads-twitter.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.amplitude.com https://*.appcues.com https://*.b-cdn.net https://*.bufferapp.com https://*.cloudflare.com https://*.cloudfront.net https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.getdrip.com https://*.google-analytics.com https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.headwayapp.co https://*.heapanalytics.com https://*.herokuapp.com https://*.hotjar.com https://*.intercom.io https://*.intercomcdn.com https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.marketo.net https://*.perfectaudience.com https://*.pinterest.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.redditstatic.com https://*.segment.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.twitter.com https://*.typeform.com https://*.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://*.hotjar.com wss://*.hotjar.com wss://*.intercom.io; style-src 'self' 'unsafe-inline' http://*.appcues.com http://*.sqreen.io http://heapanalytics.com https://*.amazonaws.com https://*.appcues.com https://*.b-cdn.net https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.sqreen.com https://*.sqreen.io https://*.twitter.com https://heapanalytics.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4;
x-protected-by: Sqreen
vary: Accept-Encoding
content-length: 5978
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
etag: "0e52e89e1f6f3ca7d7b7723c85ac57a9-ssl-df"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 qrcode.min.js Show response
www.sqreen.com/assets/js/ 19 KB
7 KB 16ms
11ms Script
application/javascript 2a05:d014:275:cb00:1953:33c3:785c:f9da
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sqreen.com/assets/js/qrcode.min.js

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:275:cb00:1953:33c3:785c:f9da Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sqreen.com/checklists/saas-cto-security-checklist
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: f7752585-c386-4003-b56e-993634c835fb-6633379
date: Wed, 23 Dec 2020 12:45:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48474
content-security-policy-report-only: child-src 'self'; connect-src 'self' http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.hotjar.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amplitude.com https://*.cloudflare.com https://*.contentful.com https://*.delighted.com https://*.facebook.com https://*.fullstory.com https://*.g.doubleclick.net https://*.getsentry.com https://*.githubusercontent.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.herokuapp.com https://*.hotjar.com https://*.hotjar.com:12443 https://*.intercom.io https://*.intercomcdn.com https://*.lever.co https://*.linkedin.com https://*.litix.io https://*.mktoresp.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.segment.io https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://*.hotjar.com wss://*.appcues.net wss://*.hotjar.com wss://*.intercom.io; default-src 'self'; font-src 'self' chrome-extension: data: http://*.sqreen.io https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.gstatic.com https://*.intercomcdn.com https://*.sqreen.com https://*.sqreen.io https://*.twimg.com https://*.wistia.com https://github.com; frame-src 'self' 'unsafe-inline' http://*.appcues.com http://*.g.doubleclick.net http://*.hotjar.com https://*.akamaihd.net https://*.amazonaws.com https://*.appcues.com https://*.facebook.com https://*.g.doubleclick.net https://*.hotjar.com https://*.recurly.com https://*.sqreen.com https://*.twitter.com https://*.typeform.com https://*.wistia.com https://headway-widget.net ws://*.hotjar.com wss://*.hotjar.com; img-src 'self' data: http://*.adnxs.com http://*.facebook.net http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.googleadservices.com http://*.googletagmanager.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com http://t.co https://*.addthis.com https://*.adnxs.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.b-cdn.net https://*.clearbit.com https://*.cloudfront.net https://*.ctfassets.net https://*.facebook.com https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.ae https://*.google.be https://*.google.ca https://*.google.ch https://*.google.co.il https://*.google.co.in https://*.google.co.jp https://*.google.co.uk https://*.google.com https://*.google.com.ar https://*.google.com.au https://*.google.com.br https://*.google.com.mx https://*.google.com.ph https://*.google.com.sg https://*.google.com.tw https://*.google.com.ua https://*.google.cz https://*.google.de https://*.google.es https://*.google.fr https://*.google.ie https://*.google.it https://*.google.nl https://*.google.no https://*.google.pl https://*.google.pt https://*.google.se https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercomassets.com https://*.intercomcdn.com https://*.linkedin.com https://*.marinsm.com https://*.openx.net https://*.prfct.co https://*.reddit.com https://*.rubiconproject.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.twimg.com https://*.twitter.com https://*.univide.com https://*.wistia.com https://*.yahoo.com https://heapanalytics.com https://sqreen-assets.s3-eu-west-1.amazonaws.com https://sumo.com https://t.co https://twitter.com; manifest-src 'self' https://*.sqreen.com; media-src 'self' https://*.akamaihd.net https://*.cloudfront.net https://*.intercomcdn.com https://*.wistia.com; object-src 'self' https://*.akamaihd.net https://*.wistia.com; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://*.ads-twitter.com http://*.appcues.com http://*.facebook.net http://*.g.doubleclick.net http://*.getdrip.com http://*.google-analytics.com http://*.googleadservices.com http://*.googletagmanager.com http://*.heapanalytics.com http://*.hotjar.com http://*.perfectaudience.com http://*.prfct.co http://*.segment.com http://*.sqreen.io http://heapanalytics.com https://*.ads-twitter.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.amplitude.com https://*.appcues.com https://*.b-cdn.net https://*.bufferapp.com https://*.cloudflare.com https://*.cloudfront.net https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.getdrip.com https://*.google-analytics.com https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.headwayapp.co https://*.heapanalytics.com https://*.herokuapp.com https://*.hotjar.com https://*.intercom.io https://*.intercomcdn.com https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.marketo.net https://*.perfectaudience.com https://*.pinterest.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.redditstatic.com https://*.segment.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.twitter.com https://*.typeform.com https://*.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://*.hotjar.com wss://*.hotjar.com wss://*.intercom.io; style-src 'self' 'unsafe-inline' http://*.appcues.com http://*.sqreen.io http://heapanalytics.com https://*.amazonaws.com https://*.appcues.com https://*.b-cdn.net https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.sqreen.com https://*.sqreen.io https://*.twitter.com https://heapanalytics.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4;
x-protected-by: Sqreen
vary: Accept-Encoding
content-length: 6703
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
etag: "e88a6686c093b18c842a23d0b84bc9d2-ssl-df"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 css
fonts.googleapis.com/ 2 KB
648 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Code+Pro

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f43b0241cbe4ec667b5f8bb20a43ba9729c40b5d86f094b32e8aa831c058f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Dec 2020 01:57:02 GMT
server: ESF
date: Thu, 24 Dec 2020 02:13:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Dec 2020 02:13:21 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
546 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Dancing+Script:wght@700&display=swap

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9e3a966e2682fc629f65218b0d7faaad1d3108d56031faa981bc9d3e95ceba6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Dec 2020 02:13:21 GMT
server: ESF
date: Thu, 24 Dec 2020 02:13:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Dec 2020 02:13:21 GMT

GET
H2 200 slick.css
www.sqreen.com/css/ 1 KB
554 B 8ms
7ms Stylesheet
text/css 2a05:d014:275:cb00:1953:33c3:785c:f9da
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sqreen.com/css/slick.css

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:275:cb00:1953:33c3:785c:f9da Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

f160ad26da8c4e9af52b4db65ba3876aa8f80320fd7312ced32e6e26cde4af3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sqreen.com/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: f7752585-c386-4003-b56e-993634c835fb-6633375
date: Tue, 22 Dec 2020 16:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122763
content-security-policy-report-only: child-src 'self'; connect-src 'self' http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.hotjar.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amplitude.com https://*.cloudflare.com https://*.contentful.com https://*.delighted.com https://*.facebook.com https://*.fullstory.com https://*.g.doubleclick.net https://*.getsentry.com https://*.githubusercontent.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.herokuapp.com https://*.hotjar.com https://*.hotjar.com:12443 https://*.intercom.io https://*.intercomcdn.com https://*.lever.co https://*.linkedin.com https://*.litix.io https://*.mktoresp.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.segment.io https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://*.hotjar.com wss://*.appcues.net wss://*.hotjar.com wss://*.intercom.io; default-src 'self'; font-src 'self' chrome-extension: data: http://*.sqreen.io https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.gstatic.com https://*.intercomcdn.com https://*.sqreen.com https://*.sqreen.io https://*.twimg.com https://*.wistia.com https://github.com; frame-src 'self' 'unsafe-inline' http://*.appcues.com http://*.g.doubleclick.net http://*.hotjar.com https://*.akamaihd.net https://*.amazonaws.com https://*.appcues.com https://*.facebook.com https://*.g.doubleclick.net https://*.hotjar.com https://*.recurly.com https://*.sqreen.com https://*.twitter.com https://*.typeform.com https://*.wistia.com https://headway-widget.net ws://*.hotjar.com wss://*.hotjar.com; img-src 'self' data: http://*.adnxs.com http://*.facebook.net http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.googleadservices.com http://*.googletagmanager.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com http://t.co https://*.addthis.com https://*.adnxs.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.b-cdn.net https://*.clearbit.com https://*.cloudfront.net https://*.ctfassets.net https://*.facebook.com https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.ae https://*.google.be https://*.google.ca https://*.google.ch https://*.google.co.il https://*.google.co.in https://*.google.co.jp https://*.google.co.uk https://*.google.com https://*.google.com.ar https://*.google.com.au https://*.google.com.br https://*.google.com.mx https://*.google.com.ph https://*.google.com.sg https://*.google.com.tw https://*.google.com.ua https://*.google.cz https://*.google.de https://*.google.es https://*.google.fr https://*.google.ie https://*.google.it https://*.google.nl https://*.google.no https://*.google.pl https://*.google.pt https://*.google.se https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercomassets.com https://*.intercomcdn.com https://*.linkedin.com https://*.marinsm.com https://*.openx.net https://*.prfct.co https://*.reddit.com https://*.rubiconproject.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.twimg.com https://*.twitter.com https://*.univide.com https://*.wistia.com https://*.yahoo.com https://heapanalytics.com https://sqreen-assets.s3-eu-west-1.amazonaws.com https://sumo.com https://t.co https://twitter.com; manifest-src 'self' https://*.sqreen.com; media-src 'self' https://*.akamaihd.net https://*.cloudfront.net https://*.intercomcdn.com https://*.wistia.com; object-src 'self' https://*.akamaihd.net https://*.wistia.com; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://*.ads-twitter.com http://*.appcues.com http://*.facebook.net http://*.g.doubleclick.net http://*.getdrip.com http://*.google-analytics.com http://*.googleadservices.com http://*.googletagmanager.com http://*.heapanalytics.com http://*.hotjar.com http://*.perfectaudience.com http://*.prfct.co http://*.segment.com http://*.sqreen.io http://heapanalytics.com https://*.ads-twitter.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.amplitude.com https://*.appcues.com https://*.b-cdn.net https://*.bufferapp.com https://*.cloudflare.com https://*.cloudfront.net https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.getdrip.com https://*.google-analytics.com https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.headwayapp.co https://*.heapanalytics.com https://*.herokuapp.com https://*.hotjar.com https://*.intercom.io https://*.intercomcdn.com https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.marketo.net https://*.perfectaudience.com https://*.pinterest.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.redditstatic.com https://*.segment.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.twitter.com https://*.typeform.com https://*.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://*.hotjar.com wss://*.hotjar.com wss://*.intercom.io; style-src 'self' 'unsafe-inline' http://*.appcues.com http://*.sqreen.io http://heapanalytics.com https://*.amazonaws.com https://*.appcues.com https://*.b-cdn.net https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.sqreen.com https://*.sqreen.io https://*.twitter.com https://heapanalytics.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4;
x-protected-by: Sqreen
vary: Accept-Encoding
content-length: 438
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
etag: "08a2cc05d64d899d1752b9e09b28e3fe-ssl-df"
strict-transport-security: max-age=31536000
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 slick-theme.css
www.sqreen.com/css/ 3 KB
852 B 9ms
8ms Stylesheet
text/css 2a05:d014:275:cb00:1953:33c3:785c:f9da
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sqreen.com/css/slick-theme.css

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:275:cb00:1953:33c3:785c:f9da Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

3b204bcef596f9a5ad61b8e8afb937de118cea37a2d808917fb2ec5750fdc958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sqreen.com/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: f7752585-c386-4003-b56e-993634c835fb-6633376
date: Tue, 22 Dec 2020 16:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122763
content-security-policy-report-only: child-src 'self'; connect-src 'self' http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.hotjar.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amplitude.com https://*.cloudflare.com https://*.contentful.com https://*.delighted.com https://*.facebook.com https://*.fullstory.com https://*.g.doubleclick.net https://*.getsentry.com https://*.githubusercontent.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.herokuapp.com https://*.hotjar.com https://*.hotjar.com:12443 https://*.intercom.io https://*.intercomcdn.com https://*.lever.co https://*.linkedin.com https://*.litix.io https://*.mktoresp.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.segment.io https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://*.hotjar.com wss://*.appcues.net wss://*.hotjar.com wss://*.intercom.io; default-src 'self'; font-src 'self' chrome-extension: data: http://*.sqreen.io https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.gstatic.com https://*.intercomcdn.com https://*.sqreen.com https://*.sqreen.io https://*.twimg.com https://*.wistia.com https://github.com; frame-src 'self' 'unsafe-inline' http://*.appcues.com http://*.g.doubleclick.net http://*.hotjar.com https://*.akamaihd.net https://*.amazonaws.com https://*.appcues.com https://*.facebook.com https://*.g.doubleclick.net https://*.hotjar.com https://*.recurly.com https://*.sqreen.com https://*.twitter.com https://*.typeform.com https://*.wistia.com https://headway-widget.net ws://*.hotjar.com wss://*.hotjar.com; img-src 'self' data: http://*.adnxs.com http://*.facebook.net http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.googleadservices.com http://*.googletagmanager.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com http://t.co https://*.addthis.com https://*.adnxs.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.b-cdn.net https://*.clearbit.com https://*.cloudfront.net https://*.ctfassets.net https://*.facebook.com https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.ae https://*.google.be https://*.google.ca https://*.google.ch https://*.google.co.il https://*.google.co.in https://*.google.co.jp https://*.google.co.uk https://*.google.com https://*.google.com.ar https://*.google.com.au https://*.google.com.br https://*.google.com.mx https://*.google.com.ph https://*.google.com.sg https://*.google.com.tw https://*.google.com.ua https://*.google.cz https://*.google.de https://*.google.es https://*.google.fr https://*.google.ie https://*.google.it https://*.google.nl https://*.google.no https://*.google.pl https://*.google.pt https://*.google.se https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercomassets.com https://*.intercomcdn.com https://*.linkedin.com https://*.marinsm.com https://*.openx.net https://*.prfct.co https://*.reddit.com https://*.rubiconproject.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.twimg.com https://*.twitter.com https://*.univide.com https://*.wistia.com https://*.yahoo.com https://heapanalytics.com https://sqreen-assets.s3-eu-west-1.amazonaws.com https://sumo.com https://t.co https://twitter.com; manifest-src 'self' https://*.sqreen.com; media-src 'self' https://*.akamaihd.net https://*.cloudfront.net https://*.intercomcdn.com https://*.wistia.com; object-src 'self' https://*.akamaihd.net https://*.wistia.com; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://*.ads-twitter.com http://*.appcues.com http://*.facebook.net http://*.g.doubleclick.net http://*.getdrip.com http://*.google-analytics.com http://*.googleadservices.com http://*.googletagmanager.com http://*.heapanalytics.com http://*.hotjar.com http://*.perfectaudience.com http://*.prfct.co http://*.segment.com http://*.sqreen.io http://heapanalytics.com https://*.ads-twitter.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.amplitude.com https://*.appcues.com https://*.b-cdn.net https://*.bufferapp.com https://*.cloudflare.com https://*.cloudfront.net https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.getdrip.com https://*.google-analytics.com https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.headwayapp.co https://*.heapanalytics.com https://*.herokuapp.com https://*.hotjar.com https://*.intercom.io https://*.intercomcdn.com https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.marketo.net https://*.perfectaudience.com https://*.pinterest.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.redditstatic.com https://*.segment.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.twitter.com https://*.typeform.com https://*.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://*.hotjar.com wss://*.hotjar.com wss://*.intercom.io; style-src 'self' 'unsafe-inline' http://*.appcues.com http://*.sqreen.io http://heapanalytics.com https://*.amazonaws.com https://*.appcues.com https://*.b-cdn.net https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.sqreen.com https://*.sqreen.io https://*.twitter.com https://heapanalytics.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4;
x-protected-by: Sqreen
vary: Accept-Encoding
content-length: 736
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
etag: "0defc995dbe188d98c998c22111d793f-ssl-df"
strict-transport-security: max-age=31536000
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 twentytwenty.css
www.sqreen.com/css/ 6 KB
1 KB 9ms
8ms Stylesheet
text/css 2a05:d014:275:cb00:1953:33c3:785c:f9da
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sqreen.com/css/twentytwenty.css

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:275:cb00:1953:33c3:785c:f9da Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

c270352cc14aadb8a906007a4e030cf7ccaaab51715a905f2bfec0f505b06294

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sqreen.com/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: f7752585-c386-4003-b56e-993634c835fb-6633377
date: Tue, 22 Dec 2020 16:07:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122763
content-security-policy-report-only: child-src 'self'; connect-src 'self' http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.hotjar.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amplitude.com https://*.cloudflare.com https://*.contentful.com https://*.delighted.com https://*.facebook.com https://*.fullstory.com https://*.g.doubleclick.net https://*.getsentry.com https://*.githubusercontent.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.herokuapp.com https://*.hotjar.com https://*.hotjar.com:12443 https://*.intercom.io https://*.intercomcdn.com https://*.lever.co https://*.linkedin.com https://*.litix.io https://*.mktoresp.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.segment.io https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://*.hotjar.com wss://*.appcues.net wss://*.hotjar.com wss://*.intercom.io; default-src 'self'; font-src 'self' chrome-extension: data: http://*.sqreen.io https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.gstatic.com https://*.intercomcdn.com https://*.sqreen.com https://*.sqreen.io https://*.twimg.com https://*.wistia.com https://github.com; frame-src 'self' 'unsafe-inline' http://*.appcues.com http://*.g.doubleclick.net http://*.hotjar.com https://*.akamaihd.net https://*.amazonaws.com https://*.appcues.com https://*.facebook.com https://*.g.doubleclick.net https://*.hotjar.com https://*.recurly.com https://*.sqreen.com https://*.twitter.com https://*.typeform.com https://*.wistia.com https://headway-widget.net ws://*.hotjar.com wss://*.hotjar.com; img-src 'self' data: http://*.adnxs.com http://*.facebook.net http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.googleadservices.com http://*.googletagmanager.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com http://t.co https://*.addthis.com https://*.adnxs.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.b-cdn.net https://*.clearbit.com https://*.cloudfront.net https://*.ctfassets.net https://*.facebook.com https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.ae https://*.google.be https://*.google.ca https://*.google.ch https://*.google.co.il https://*.google.co.in https://*.google.co.jp https://*.google.co.uk https://*.google.com https://*.google.com.ar https://*.google.com.au https://*.google.com.br https://*.google.com.mx https://*.google.com.ph https://*.google.com.sg https://*.google.com.tw https://*.google.com.ua https://*.google.cz https://*.google.de https://*.google.es https://*.google.fr https://*.google.ie https://*.google.it https://*.google.nl https://*.google.no https://*.google.pl https://*.google.pt https://*.google.se https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercomassets.com https://*.intercomcdn.com https://*.linkedin.com https://*.marinsm.com https://*.openx.net https://*.prfct.co https://*.reddit.com https://*.rubiconproject.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.twimg.com https://*.twitter.com https://*.univide.com https://*.wistia.com https://*.yahoo.com https://heapanalytics.com https://sqreen-assets.s3-eu-west-1.amazonaws.com https://sumo.com https://t.co https://twitter.com; manifest-src 'self' https://*.sqreen.com; media-src 'self' https://*.akamaihd.net https://*.cloudfront.net https://*.intercomcdn.com https://*.wistia.com; object-src 'self' https://*.akamaihd.net https://*.wistia.com; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://*.ads-twitter.com http://*.appcues.com http://*.facebook.net http://*.g.doubleclick.net http://*.getdrip.com http://*.google-analytics.com http://*.googleadservices.com http://*.googletagmanager.com http://*.heapanalytics.com http://*.hotjar.com http://*.perfectaudience.com http://*.prfct.co http://*.segment.com http://*.sqreen.io http://heapanalytics.com https://*.ads-twitter.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.amplitude.com https://*.appcues.com https://*.b-cdn.net https://*.bufferapp.com https://*.cloudflare.com https://*.cloudfront.net https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.getdrip.com https://*.google-analytics.com https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.headwayapp.co https://*.heapanalytics.com https://*.herokuapp.com https://*.hotjar.com https://*.intercom.io https://*.intercomcdn.com https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.marketo.net https://*.perfectaudience.com https://*.pinterest.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.redditstatic.com https://*.segment.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.twitter.com https://*.typeform.com https://*.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://*.hotjar.com wss://*.hotjar.com wss://*.intercom.io; style-src 'self' 'unsafe-inline' http://*.appcues.com http://*.sqreen.io http://heapanalytics.com https://*.amazonaws.com https://*.appcues.com https://*.b-cdn.net https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.sqreen.com https://*.sqreen.io https://*.twitter.com https://heapanalytics.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4;
x-protected-by: Sqreen
vary: Accept-Encoding
content-length: 968
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
etag: "4598189059daea9091cac6152b998a48-ssl-df"
strict-transport-security: max-age=31536000
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/5nxb5iyxWJCBesRTBrDlKocYYhI0yk6H/ 418 KB
83 KB 154ms
54ms Script
text/javascript 65.9.96.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/5nxb5iyxWJCBesRTBrDlKocYYhI0yk6H/analytics.min.js
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.131 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17fe63b41bd39cfa0682f83a158dd7a5fb0ef36036e8f4bf3b59a73b3ba27e19

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: dJVwoCIkUJJW2IFQJ61OLcgG8ub4L206
content-encoding: gzip
etag: "ae989e5a7927f323f2b41d4aab7a4c7d"
age: 26
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 84347
access-control-allow-origin: *
last-modified: Fri, 18 Dec 2020 18:59:28 GMT
server: AmazonS3
date: Thu, 24 Dec 2020 02:12:56 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
x-amz-cf-id: L_-cwhSgKtP8w54EHBS3tTFpDsQmzMmbAOxki-iTc1ibwoWRkOHo4w==

GET
H2 200 heap-3784968534.js Show response
cdn.heapanalytics.com/js/ 99 KB
39 KB 69ms
32ms Script
application/javascript 13.32.240.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heapanalytics.com/js/heap-3784968534.js
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.240.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-240-51.ams50.r.cloudfront.net
Software: nginx /
Resource Hash: 552d186233d43e628237dc5d6c58064b9760fa43f47601ca1a95fc43903fe4f4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:12:54 GMT
content-encoding: gzip
server: nginx
age: 27
etag: W/"18d9c-xzPhYqIe8crqQOdGlqZcUg"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 559401aa49f4b835c1816ad004278e3e.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: fUlovJaruXb2mHJcgjEVGyMf5AQjocY8sWIYiNlRU5goSW7UEtnd9Q==

GET
H2 200 / Show response
load.sumo.com/ 2 KB
2 KB 31ms
6ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 0c30678ce61936db0d9405256fc6d328eb49d38614d1650a3678a32ebb3b943c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:21 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: B06DE98C3DB969EE
cdn-cachedat: 2020-12-22 17:48:26
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: Jd9p8v8Tni7JUYCvVLFNgCz7OlVcU3o6y37Fi6GULvF4GuNCpPXgrC9W+cOzB+54EhBJoXFH6WE=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:48:07 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=600
cdn-requestid: 7c9a682a3142928a12149fa90fbee2ed
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 hotjar-2017502.js Show response
static.hotjar.com/c/ 3 KB
2 KB 54ms
16ms Script
application/javascript 13.32.240.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2017502.js?sv=6

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.240.67 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-240-67.ams50.r.cloudfront.net

Software

Resource Hash

23785a654b83eaf76d3c19acc0029223d8f3707dd3e4fc882c571f2cd0ff664b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:12:54 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 27
etag: W/31999c9a9fd0f317f82d5cbce312b7a9
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: AMS50-C1
content-length: 1535
via: 1.1 fc8f1559bec15e56ec52376ce42c7d90.cloudfront.net (CloudFront)
x-amz-cf-id: UggcDenEUSzYfy5fbi-dh2u3DcCLBHYlA02oGGLkVpXQUpzS3quIeg==

GET
H2 200 hinted-ProximaNova-Regular.woff2
www.sqreen.com/assets/fonts/ 64 KB
64 KB 7ms
7ms Font
font/woff2 2a05:d014:275:cb00:1953:33c3:785c:f9da
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sqreen.com/assets/fonts/hinted-ProximaNova-Regular.woff2

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:275:cb00:1953:33c3:785c:f9da Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

d5c416aad5a93ec52210006b33c49fd56518f38daa131352ab96f70bfbbdd4df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.sqreen.com
Referer: https://www.sqreen.com/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: f7752585-c386-4003-b56e-993634c835fb-6633380
date: Tue, 22 Dec 2020 16:07:19 GMT
x-content-type-options: nosniff
age: 122762
content-security-policy-report-only: child-src 'self'; connect-src 'self' http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.hotjar.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amplitude.com https://*.cloudflare.com https://*.contentful.com https://*.delighted.com https://*.facebook.com https://*.fullstory.com https://*.g.doubleclick.net https://*.getsentry.com https://*.githubusercontent.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.herokuapp.com https://*.hotjar.com https://*.hotjar.com:12443 https://*.intercom.io https://*.intercomcdn.com https://*.lever.co https://*.linkedin.com https://*.litix.io https://*.mktoresp.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.segment.io https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://*.hotjar.com wss://*.appcues.net wss://*.hotjar.com wss://*.intercom.io; default-src 'self'; font-src 'self' chrome-extension: data: http://*.sqreen.io https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.gstatic.com https://*.intercomcdn.com https://*.sqreen.com https://*.sqreen.io https://*.twimg.com https://*.wistia.com https://github.com; frame-src 'self' 'unsafe-inline' http://*.appcues.com http://*.g.doubleclick.net http://*.hotjar.com https://*.akamaihd.net https://*.amazonaws.com https://*.appcues.com https://*.facebook.com https://*.g.doubleclick.net https://*.hotjar.com https://*.recurly.com https://*.sqreen.com https://*.twitter.com https://*.typeform.com https://*.wistia.com https://headway-widget.net ws://*.hotjar.com wss://*.hotjar.com; img-src 'self' data: http://*.adnxs.com http://*.facebook.net http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.googleadservices.com http://*.googletagmanager.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com http://t.co https://*.addthis.com https://*.adnxs.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.b-cdn.net https://*.clearbit.com https://*.cloudfront.net https://*.ctfassets.net https://*.facebook.com https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.ae https://*.google.be https://*.google.ca https://*.google.ch https://*.google.co.il https://*.google.co.in https://*.google.co.jp https://*.google.co.uk https://*.google.com https://*.google.com.ar https://*.google.com.au https://*.google.com.br https://*.google.com.mx https://*.google.com.ph https://*.google.com.sg https://*.google.com.tw https://*.google.com.ua https://*.google.cz https://*.google.de https://*.google.es https://*.google.fr https://*.google.ie https://*.google.it https://*.google.nl https://*.google.no https://*.google.pl https://*.google.pt https://*.google.se https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercomassets.com https://*.intercomcdn.com https://*.linkedin.com https://*.marinsm.com https://*.openx.net https://*.prfct.co https://*.reddit.com https://*.rubiconproject.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.twimg.com https://*.twitter.com https://*.univide.com https://*.wistia.com https://*.yahoo.com https://heapanalytics.com https://sqreen-assets.s3-eu-west-1.amazonaws.com https://sumo.com https://t.co https://twitter.com; manifest-src 'self' https://*.sqreen.com; media-src 'self' https://*.akamaihd.net https://*.cloudfront.net https://*.intercomcdn.com https://*.wistia.com; object-src 'self' https://*.akamaihd.net https://*.wistia.com; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://*.ads-twitter.com http://*.appcues.com http://*.facebook.net http://*.g.doubleclick.net http://*.getdrip.com http://*.google-analytics.com http://*.googleadservices.com http://*.googletagmanager.com http://*.heapanalytics.com http://*.hotjar.com http://*.perfectaudience.com http://*.prfct.co http://*.segment.com http://*.sqreen.io http://heapanalytics.com https://*.ads-twitter.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.amplitude.com https://*.appcues.com https://*.b-cdn.net https://*.bufferapp.com https://*.cloudflare.com https://*.cloudfront.net https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.getdrip.com https://*.google-analytics.com https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.headwayapp.co https://*.heapanalytics.com https://*.herokuapp.com https://*.hotjar.com https://*.intercom.io https://*.intercomcdn.com https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.marketo.net https://*.perfectaudience.com https://*.pinterest.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.redditstatic.com https://*.segment.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.twitter.com https://*.typeform.com https://*.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://*.hotjar.com wss://*.hotjar.com wss://*.intercom.io; style-src 'self' 'unsafe-inline' http://*.appcues.com http://*.sqreen.io http://heapanalytics.com https://*.amazonaws.com https://*.appcues.com https://*.b-cdn.net https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.sqreen.com https://*.sqreen.io https://*.twitter.com https://heapanalytics.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4;
x-protected-by: Sqreen
content-length: 65184
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
etag: "c8df151821952a33a0a32e63d4acc978-ssl"
strict-transport-security: max-age=31536000
content-type: font/woff2
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 Moderat-Medium.woff2
www.sqreen.com/assets/fonts/ 42 KB
42 KB 12ms
12ms Font
font/woff2 2a05:d014:275:cb00:1953:33c3:785c:f9da
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sqreen.com/assets/fonts/Moderat-Medium.woff2

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:275:cb00:1953:33c3:785c:f9da Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

3ba84ba04a8963559da5488d4bc05c347c6be5e3a093dc77efbb34619d0239b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.sqreen.com
Referer: https://www.sqreen.com/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: f7752585-c386-4003-b56e-993634c835fb-6633381
date: Tue, 22 Dec 2020 16:07:19 GMT
x-content-type-options: nosniff
age: 122762
content-security-policy-report-only: child-src 'self'; connect-src 'self' http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.hotjar.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amplitude.com https://*.cloudflare.com https://*.contentful.com https://*.delighted.com https://*.facebook.com https://*.fullstory.com https://*.g.doubleclick.net https://*.getsentry.com https://*.githubusercontent.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.herokuapp.com https://*.hotjar.com https://*.hotjar.com:12443 https://*.intercom.io https://*.intercomcdn.com https://*.lever.co https://*.linkedin.com https://*.litix.io https://*.mktoresp.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.segment.io https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://*.hotjar.com wss://*.appcues.net wss://*.hotjar.com wss://*.intercom.io; default-src 'self'; font-src 'self' chrome-extension: data: http://*.sqreen.io https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.gstatic.com https://*.intercomcdn.com https://*.sqreen.com https://*.sqreen.io https://*.twimg.com https://*.wistia.com https://github.com; frame-src 'self' 'unsafe-inline' http://*.appcues.com http://*.g.doubleclick.net http://*.hotjar.com https://*.akamaihd.net https://*.amazonaws.com https://*.appcues.com https://*.facebook.com https://*.g.doubleclick.net https://*.hotjar.com https://*.recurly.com https://*.sqreen.com https://*.twitter.com https://*.typeform.com https://*.wistia.com https://headway-widget.net ws://*.hotjar.com wss://*.hotjar.com; img-src 'self' data: http://*.adnxs.com http://*.facebook.net http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.googleadservices.com http://*.googletagmanager.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com http://t.co https://*.addthis.com https://*.adnxs.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.b-cdn.net https://*.clearbit.com https://*.cloudfront.net https://*.ctfassets.net https://*.facebook.com https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.ae https://*.google.be https://*.google.ca https://*.google.ch https://*.google.co.il https://*.google.co.in https://*.google.co.jp https://*.google.co.uk https://*.google.com https://*.google.com.ar https://*.google.com.au https://*.google.com.br https://*.google.com.mx https://*.google.com.ph https://*.google.com.sg https://*.google.com.tw https://*.google.com.ua https://*.google.cz https://*.google.de https://*.google.es https://*.google.fr https://*.google.ie https://*.google.it https://*.google.nl https://*.google.no https://*.google.pl https://*.google.pt https://*.google.se https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercomassets.com https://*.intercomcdn.com https://*.linkedin.com https://*.marinsm.com https://*.openx.net https://*.prfct.co https://*.reddit.com https://*.rubiconproject.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.twimg.com https://*.twitter.com https://*.univide.com https://*.wistia.com https://*.yahoo.com https://heapanalytics.com https://sqreen-assets.s3-eu-west-1.amazonaws.com https://sumo.com https://t.co https://twitter.com; manifest-src 'self' https://*.sqreen.com; media-src 'self' https://*.akamaihd.net https://*.cloudfront.net https://*.intercomcdn.com https://*.wistia.com; object-src 'self' https://*.akamaihd.net https://*.wistia.com; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://*.ads-twitter.com http://*.appcues.com http://*.facebook.net http://*.g.doubleclick.net http://*.getdrip.com http://*.google-analytics.com http://*.googleadservices.com http://*.googletagmanager.com http://*.heapanalytics.com http://*.hotjar.com http://*.perfectaudience.com http://*.prfct.co http://*.segment.com http://*.sqreen.io http://heapanalytics.com https://*.ads-twitter.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.amplitude.com https://*.appcues.com https://*.b-cdn.net https://*.bufferapp.com https://*.cloudflare.com https://*.cloudfront.net https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.getdrip.com https://*.google-analytics.com https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.headwayapp.co https://*.heapanalytics.com https://*.herokuapp.com https://*.hotjar.com https://*.intercom.io https://*.intercomcdn.com https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.marketo.net https://*.perfectaudience.com https://*.pinterest.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.redditstatic.com https://*.segment.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.twitter.com https://*.typeform.com https://*.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://*.hotjar.com wss://*.hotjar.com wss://*.intercom.io; style-src 'self' 'unsafe-inline' http://*.appcues.com http://*.sqreen.io http://heapanalytics.com https://*.amazonaws.com https://*.appcues.com https://*.b-cdn.net https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.sqreen.com https://*.sqreen.io https://*.twitter.com https://heapanalytics.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4;
x-protected-by: Sqreen
content-length: 43196
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
etag: "747c83e931bcbb8c6480a5767b176c84-ssl"
strict-transport-security: max-age=31536000
content-type: font/woff2
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 Moderat-Regular.woff2
www.sqreen.com/assets/fonts/ 42 KB
42 KB 20ms
6ms Font
font/woff2 2a05:d014:275:cb00:1953:33c3:785c:f9da
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sqreen.com/assets/fonts/Moderat-Regular.woff2

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:275:cb00:1953:33c3:785c:f9da Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

4c6d2f0360d0cc9c7ba34f26b2d05e80a72cb944b53460587bf00ddb82ef89ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.sqreen.com
Referer: https://www.sqreen.com/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: f7752585-c386-4003-b56e-993634c835fb-6633383
date: Tue, 22 Dec 2020 16:07:19 GMT
x-content-type-options: nosniff
age: 122762
content-security-policy-report-only: child-src 'self'; connect-src 'self' http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.hotjar.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amplitude.com https://*.cloudflare.com https://*.contentful.com https://*.delighted.com https://*.facebook.com https://*.fullstory.com https://*.g.doubleclick.net https://*.getsentry.com https://*.githubusercontent.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.herokuapp.com https://*.hotjar.com https://*.hotjar.com:12443 https://*.intercom.io https://*.intercomcdn.com https://*.lever.co https://*.linkedin.com https://*.litix.io https://*.mktoresp.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.segment.io https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://*.hotjar.com wss://*.appcues.net wss://*.hotjar.com wss://*.intercom.io; default-src 'self'; font-src 'self' chrome-extension: data: http://*.sqreen.io https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.gstatic.com https://*.intercomcdn.com https://*.sqreen.com https://*.sqreen.io https://*.twimg.com https://*.wistia.com https://github.com; frame-src 'self' 'unsafe-inline' http://*.appcues.com http://*.g.doubleclick.net http://*.hotjar.com https://*.akamaihd.net https://*.amazonaws.com https://*.appcues.com https://*.facebook.com https://*.g.doubleclick.net https://*.hotjar.com https://*.recurly.com https://*.sqreen.com https://*.twitter.com https://*.typeform.com https://*.wistia.com https://headway-widget.net ws://*.hotjar.com wss://*.hotjar.com; img-src 'self' data: http://*.adnxs.com http://*.facebook.net http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.googleadservices.com http://*.googletagmanager.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com http://t.co https://*.addthis.com https://*.adnxs.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.b-cdn.net https://*.clearbit.com https://*.cloudfront.net https://*.ctfassets.net https://*.facebook.com https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.ae https://*.google.be https://*.google.ca https://*.google.ch https://*.google.co.il https://*.google.co.in https://*.google.co.jp https://*.google.co.uk https://*.google.com https://*.google.com.ar https://*.google.com.au https://*.google.com.br https://*.google.com.mx https://*.google.com.ph https://*.google.com.sg https://*.google.com.tw https://*.google.com.ua https://*.google.cz https://*.google.de https://*.google.es https://*.google.fr https://*.google.ie https://*.google.it https://*.google.nl https://*.google.no https://*.google.pl https://*.google.pt https://*.google.se https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercomassets.com https://*.intercomcdn.com https://*.linkedin.com https://*.marinsm.com https://*.openx.net https://*.prfct.co https://*.reddit.com https://*.rubiconproject.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.twimg.com https://*.twitter.com https://*.univide.com https://*.wistia.com https://*.yahoo.com https://heapanalytics.com https://sqreen-assets.s3-eu-west-1.amazonaws.com https://sumo.com https://t.co https://twitter.com; manifest-src 'self' https://*.sqreen.com; media-src 'self' https://*.akamaihd.net https://*.cloudfront.net https://*.intercomcdn.com https://*.wistia.com; object-src 'self' https://*.akamaihd.net https://*.wistia.com; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://*.ads-twitter.com http://*.appcues.com http://*.facebook.net http://*.g.doubleclick.net http://*.getdrip.com http://*.google-analytics.com http://*.googleadservices.com http://*.googletagmanager.com http://*.heapanalytics.com http://*.hotjar.com http://*.perfectaudience.com http://*.prfct.co http://*.segment.com http://*.sqreen.io http://heapanalytics.com https://*.ads-twitter.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.amplitude.com https://*.appcues.com https://*.b-cdn.net https://*.bufferapp.com https://*.cloudflare.com https://*.cloudfront.net https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.getdrip.com https://*.google-analytics.com https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.headwayapp.co https://*.heapanalytics.com https://*.herokuapp.com https://*.hotjar.com https://*.intercom.io https://*.intercomcdn.com https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.marketo.net https://*.perfectaudience.com https://*.pinterest.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.redditstatic.com https://*.segment.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.twitter.com https://*.typeform.com https://*.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://*.hotjar.com wss://*.hotjar.com wss://*.intercom.io; style-src 'self' 'unsafe-inline' http://*.appcues.com http://*.sqreen.io http://heapanalytics.com https://*.amazonaws.com https://*.appcues.com https://*.b-cdn.net https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.sqreen.com https://*.sqreen.io https://*.twitter.com https://heapanalytics.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4;
x-protected-by: Sqreen
content-length: 43188
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
etag: "354a22a6a45101c4719c4d6a181350cf-ssl"
strict-transport-security: max-age=31536000
content-type: font/woff2
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 Moderat-Bold.woff2
www.sqreen.com/assets/fonts/ 42 KB
42 KB 16ms
7ms Font
font/woff2 2a05:d014:275:cb00:1953:33c3:785c:f9da
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sqreen.com/assets/fonts/Moderat-Bold.woff2

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:275:cb00:1953:33c3:785c:f9da Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

06d38da8ea4edf750c8fb4f749f5b71a6dba952fd924a55771c0ccc213339eab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.sqreen.com
Referer: https://www.sqreen.com/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: f7752585-c386-4003-b56e-993634c835fb-6633384
date: Tue, 22 Dec 2020 16:19:33 GMT
x-content-type-options: nosniff
age: 122028
content-security-policy-report-only: child-src 'self'; connect-src 'self' http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.hotjar.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amplitude.com https://*.cloudflare.com https://*.contentful.com https://*.delighted.com https://*.facebook.com https://*.fullstory.com https://*.g.doubleclick.net https://*.getsentry.com https://*.githubusercontent.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.herokuapp.com https://*.hotjar.com https://*.hotjar.com:12443 https://*.intercom.io https://*.intercomcdn.com https://*.lever.co https://*.linkedin.com https://*.litix.io https://*.mktoresp.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.segment.io https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://*.hotjar.com wss://*.appcues.net wss://*.hotjar.com wss://*.intercom.io; default-src 'self'; font-src 'self' chrome-extension: data: http://*.sqreen.io https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.gstatic.com https://*.intercomcdn.com https://*.sqreen.com https://*.sqreen.io https://*.twimg.com https://*.wistia.com https://github.com; frame-src 'self' 'unsafe-inline' http://*.appcues.com http://*.g.doubleclick.net http://*.hotjar.com https://*.akamaihd.net https://*.amazonaws.com https://*.appcues.com https://*.facebook.com https://*.g.doubleclick.net https://*.hotjar.com https://*.recurly.com https://*.sqreen.com https://*.twitter.com https://*.typeform.com https://*.wistia.com https://headway-widget.net ws://*.hotjar.com wss://*.hotjar.com; img-src 'self' data: http://*.adnxs.com http://*.facebook.net http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.googleadservices.com http://*.googletagmanager.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com http://t.co https://*.addthis.com https://*.adnxs.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.b-cdn.net https://*.clearbit.com https://*.cloudfront.net https://*.ctfassets.net https://*.facebook.com https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.ae https://*.google.be https://*.google.ca https://*.google.ch https://*.google.co.il https://*.google.co.in https://*.google.co.jp https://*.google.co.uk https://*.google.com https://*.google.com.ar https://*.google.com.au https://*.google.com.br https://*.google.com.mx https://*.google.com.ph https://*.google.com.sg https://*.google.com.tw https://*.google.com.ua https://*.google.cz https://*.google.de https://*.google.es https://*.google.fr https://*.google.ie https://*.google.it https://*.google.nl https://*.google.no https://*.google.pl https://*.google.pt https://*.google.se https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercomassets.com https://*.intercomcdn.com https://*.linkedin.com https://*.marinsm.com https://*.openx.net https://*.prfct.co https://*.reddit.com https://*.rubiconproject.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.twimg.com https://*.twitter.com https://*.univide.com https://*.wistia.com https://*.yahoo.com https://heapanalytics.com https://sqreen-assets.s3-eu-west-1.amazonaws.com https://sumo.com https://t.co https://twitter.com; manifest-src 'self' https://*.sqreen.com; media-src 'self' https://*.akamaihd.net https://*.cloudfront.net https://*.intercomcdn.com https://*.wistia.com; object-src 'self' https://*.akamaihd.net https://*.wistia.com; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://*.ads-twitter.com http://*.appcues.com http://*.facebook.net http://*.g.doubleclick.net http://*.getdrip.com http://*.google-analytics.com http://*.googleadservices.com http://*.googletagmanager.com http://*.heapanalytics.com http://*.hotjar.com http://*.perfectaudience.com http://*.prfct.co http://*.segment.com http://*.sqreen.io http://heapanalytics.com https://*.ads-twitter.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.amplitude.com https://*.appcues.com https://*.b-cdn.net https://*.bufferapp.com https://*.cloudflare.com https://*.cloudfront.net https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.getdrip.com https://*.google-analytics.com https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.headwayapp.co https://*.heapanalytics.com https://*.herokuapp.com https://*.hotjar.com https://*.intercom.io https://*.intercomcdn.com https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.marketo.net https://*.perfectaudience.com https://*.pinterest.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.redditstatic.com https://*.segment.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.twitter.com https://*.typeform.com https://*.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://*.hotjar.com wss://*.hotjar.com wss://*.intercom.io; style-src 'self' 'unsafe-inline' http://*.appcues.com http://*.sqreen.io http://heapanalytics.com https://*.amazonaws.com https://*.appcues.com https://*.b-cdn.net https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.sqreen.com https://*.sqreen.io https://*.twitter.com https://heapanalytics.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4;
x-protected-by: Sqreen
content-length: 43060
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
etag: "ff76c808961fc122fa8e558e2035d21c-ssl"
strict-transport-security: max-age=31536000
content-type: font/woff2
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 hinted-ProximaNova-Bold.woff2
www.sqreen.com/assets/fonts/ 64 KB
64 KB 26ms
19ms Font
font/woff2 2a05:d014:275:cb00:1953:33c3:785c:f9da
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sqreen.com/assets/fonts/hinted-ProximaNova-Bold.woff2

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:275:cb00:1953:33c3:785c:f9da Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

e986032f29885a46b943e3ff7042c79c8c8ac09f5c70bdfdf28cae4229c05730

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.sqreen.com
Referer: https://www.sqreen.com/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: f7752585-c386-4003-b56e-993634c835fb-6633385
date: Tue, 22 Dec 2020 22:41:46 GMT
x-content-type-options: nosniff
age: 99095
content-security-policy-report-only: child-src 'self'; connect-src 'self' http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.hotjar.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amplitude.com https://*.cloudflare.com https://*.contentful.com https://*.delighted.com https://*.facebook.com https://*.fullstory.com https://*.g.doubleclick.net https://*.getsentry.com https://*.githubusercontent.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.herokuapp.com https://*.hotjar.com https://*.hotjar.com:12443 https://*.intercom.io https://*.intercomcdn.com https://*.lever.co https://*.linkedin.com https://*.litix.io https://*.mktoresp.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.segment.io https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://*.hotjar.com wss://*.appcues.net wss://*.hotjar.com wss://*.intercom.io; default-src 'self'; font-src 'self' chrome-extension: data: http://*.sqreen.io https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.gstatic.com https://*.intercomcdn.com https://*.sqreen.com https://*.sqreen.io https://*.twimg.com https://*.wistia.com https://github.com; frame-src 'self' 'unsafe-inline' http://*.appcues.com http://*.g.doubleclick.net http://*.hotjar.com https://*.akamaihd.net https://*.amazonaws.com https://*.appcues.com https://*.facebook.com https://*.g.doubleclick.net https://*.hotjar.com https://*.recurly.com https://*.sqreen.com https://*.twitter.com https://*.typeform.com https://*.wistia.com https://headway-widget.net ws://*.hotjar.com wss://*.hotjar.com; img-src 'self' data: http://*.adnxs.com http://*.facebook.net http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.googleadservices.com http://*.googletagmanager.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com http://t.co https://*.addthis.com https://*.adnxs.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.b-cdn.net https://*.clearbit.com https://*.cloudfront.net https://*.ctfassets.net https://*.facebook.com https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.ae https://*.google.be https://*.google.ca https://*.google.ch https://*.google.co.il https://*.google.co.in https://*.google.co.jp https://*.google.co.uk https://*.google.com https://*.google.com.ar https://*.google.com.au https://*.google.com.br https://*.google.com.mx https://*.google.com.ph https://*.google.com.sg https://*.google.com.tw https://*.google.com.ua https://*.google.cz https://*.google.de https://*.google.es https://*.google.fr https://*.google.ie https://*.google.it https://*.google.nl https://*.google.no https://*.google.pl https://*.google.pt https://*.google.se https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercomassets.com https://*.intercomcdn.com https://*.linkedin.com https://*.marinsm.com https://*.openx.net https://*.prfct.co https://*.reddit.com https://*.rubiconproject.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.twimg.com https://*.twitter.com https://*.univide.com https://*.wistia.com https://*.yahoo.com https://heapanalytics.com https://sqreen-assets.s3-eu-west-1.amazonaws.com https://sumo.com https://t.co https://twitter.com; manifest-src 'self' https://*.sqreen.com; media-src 'self' https://*.akamaihd.net https://*.cloudfront.net https://*.intercomcdn.com https://*.wistia.com; object-src 'self' https://*.akamaihd.net https://*.wistia.com; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://*.ads-twitter.com http://*.appcues.com http://*.facebook.net http://*.g.doubleclick.net http://*.getdrip.com http://*.google-analytics.com http://*.googleadservices.com http://*.googletagmanager.com http://*.heapanalytics.com http://*.hotjar.com http://*.perfectaudience.com http://*.prfct.co http://*.segment.com http://*.sqreen.io http://heapanalytics.com https://*.ads-twitter.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.amplitude.com https://*.appcues.com https://*.b-cdn.net https://*.bufferapp.com https://*.cloudflare.com https://*.cloudfront.net https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.getdrip.com https://*.google-analytics.com https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.headwayapp.co https://*.heapanalytics.com https://*.herokuapp.com https://*.hotjar.com https://*.intercom.io https://*.intercomcdn.com https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.marketo.net https://*.perfectaudience.com https://*.pinterest.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.redditstatic.com https://*.segment.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.twitter.com https://*.typeform.com https://*.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://*.hotjar.com wss://*.hotjar.com wss://*.intercom.io; style-src 'self' 'unsafe-inline' http://*.appcues.com http://*.sqreen.io http://heapanalytics.com https://*.amazonaws.com https://*.appcues.com https://*.b-cdn.net https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.sqreen.com https://*.sqreen.io https://*.twitter.com https://heapanalytics.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4;
x-protected-by: Sqreen
content-length: 65568
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
etag: "48e8bde8e1d62c1e9096e2d8a0a4e212-ssl"
strict-transport-security: max-age=31536000
content-type: font/woff2
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 hinted-ProximaNova-Semibold.woff2
www.sqreen.com/assets/fonts/ 63 KB
63 KB 13ms
7ms Font
font/woff2 2a05:d014:275:cb00:1953:33c3:785c:f9da
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sqreen.com/assets/fonts/hinted-ProximaNova-Semibold.woff2

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:275:cb00:1953:33c3:785c:f9da Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

f2822d60f9ebd42bf712d5417a8fc4d846afd7f26a3a6afb5838698deeaf2b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.sqreen.com
Referer: https://www.sqreen.com/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: f7752585-c386-4003-b56e-993634c835fb-6633386
date: Tue, 22 Dec 2020 16:07:19 GMT
x-content-type-options: nosniff
age: 122762
content-security-policy-report-only: child-src 'self'; connect-src 'self' http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.hotjar.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amplitude.com https://*.cloudflare.com https://*.contentful.com https://*.delighted.com https://*.facebook.com https://*.fullstory.com https://*.g.doubleclick.net https://*.getsentry.com https://*.githubusercontent.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.herokuapp.com https://*.hotjar.com https://*.hotjar.com:12443 https://*.intercom.io https://*.intercomcdn.com https://*.lever.co https://*.linkedin.com https://*.litix.io https://*.mktoresp.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.segment.io https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://*.hotjar.com wss://*.appcues.net wss://*.hotjar.com wss://*.intercom.io; default-src 'self'; font-src 'self' chrome-extension: data: http://*.sqreen.io https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.gstatic.com https://*.intercomcdn.com https://*.sqreen.com https://*.sqreen.io https://*.twimg.com https://*.wistia.com https://github.com; frame-src 'self' 'unsafe-inline' http://*.appcues.com http://*.g.doubleclick.net http://*.hotjar.com https://*.akamaihd.net https://*.amazonaws.com https://*.appcues.com https://*.facebook.com https://*.g.doubleclick.net https://*.hotjar.com https://*.recurly.com https://*.sqreen.com https://*.twitter.com https://*.typeform.com https://*.wistia.com https://headway-widget.net ws://*.hotjar.com wss://*.hotjar.com; img-src 'self' data: http://*.adnxs.com http://*.facebook.net http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.googleadservices.com http://*.googletagmanager.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com http://t.co https://*.addthis.com https://*.adnxs.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.b-cdn.net https://*.clearbit.com https://*.cloudfront.net https://*.ctfassets.net https://*.facebook.com https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.ae https://*.google.be https://*.google.ca https://*.google.ch https://*.google.co.il https://*.google.co.in https://*.google.co.jp https://*.google.co.uk https://*.google.com https://*.google.com.ar https://*.google.com.au https://*.google.com.br https://*.google.com.mx https://*.google.com.ph https://*.google.com.sg https://*.google.com.tw https://*.google.com.ua https://*.google.cz https://*.google.de https://*.google.es https://*.google.fr https://*.google.ie https://*.google.it https://*.google.nl https://*.google.no https://*.google.pl https://*.google.pt https://*.google.se https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercomassets.com https://*.intercomcdn.com https://*.linkedin.com https://*.marinsm.com https://*.openx.net https://*.prfct.co https://*.reddit.com https://*.rubiconproject.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.twimg.com https://*.twitter.com https://*.univide.com https://*.wistia.com https://*.yahoo.com https://heapanalytics.com https://sqreen-assets.s3-eu-west-1.amazonaws.com https://sumo.com https://t.co https://twitter.com; manifest-src 'self' https://*.sqreen.com; media-src 'self' https://*.akamaihd.net https://*.cloudfront.net https://*.intercomcdn.com https://*.wistia.com; object-src 'self' https://*.akamaihd.net https://*.wistia.com; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://*.ads-twitter.com http://*.appcues.com http://*.facebook.net http://*.g.doubleclick.net http://*.getdrip.com http://*.google-analytics.com http://*.googleadservices.com http://*.googletagmanager.com http://*.heapanalytics.com http://*.hotjar.com http://*.perfectaudience.com http://*.prfct.co http://*.segment.com http://*.sqreen.io http://heapanalytics.com https://*.ads-twitter.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.amplitude.com https://*.appcues.com https://*.b-cdn.net https://*.bufferapp.com https://*.cloudflare.com https://*.cloudfront.net https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.getdrip.com https://*.google-analytics.com https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.headwayapp.co https://*.heapanalytics.com https://*.herokuapp.com https://*.hotjar.com https://*.intercom.io https://*.intercomcdn.com https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.marketo.net https://*.perfectaudience.com https://*.pinterest.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.redditstatic.com https://*.segment.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.twitter.com https://*.typeform.com https://*.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://*.hotjar.com wss://*.hotjar.com wss://*.intercom.io; style-src 'self' 'unsafe-inline' http://*.appcues.com http://*.sqreen.io http://heapanalytics.com https://*.amazonaws.com https://*.appcues.com https://*.b-cdn.net https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.sqreen.com https://*.sqreen.io https://*.twitter.com https://heapanalytics.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4;
x-protected-by: Sqreen
content-length: 64312
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
etag: "5dfe65fe41a7e13cdd1a732b0d60ce05-ssl"
strict-transport-security: max-age=31536000
content-type: font/woff2
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 getForm Show response
go.sqreen.com/index.php/form/ 2 KB
1 KB 44ms
44ms Script
application/javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.sqreen.com/index.php/form/getForm?munchkinId=544-MID-880&form=1047&url=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&callback=jQuery112405353301697748107_1608776001843&_=1608776001844
Requested by: Host: go.sqreen.com
URL: https://go.sqreen.com/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41ff97d0f9d01d0f0a813ed9f4ff9d78c1d2c8060929012d8265c380450f38b2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id: 07341ec17800000c7925977000000001
content-encoding: gzip
server: cloudflare
date: Thu, 24 Dec 2020 02:13:21 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-ray: 6066cd7bfe2e0c79-AMS
cached: true

GET
H2 200 72.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 131 KB
43 KB 15ms
15ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/72.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:21 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 4762FA699DA2BC66
cdn-cachedat: 2020-12-22 17:48:28
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: xD3O3TcfPtF01cfcxijh8aO0nNydv5MwG+93GH5RcJAfCgRkz7J+XyPd7CHZot9XZ5DHthCuLPM=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:44 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 2e167a788e6619a41321c79e0f81ad0a
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 73.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 289 KB
99 KB 8ms
8ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:21 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 2A6A5A23463EFBBD
cdn-cachedat: 2020-12-22 17:48:28
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 3/Djrn1NfSPdTVZAYKkxxxD43cM3qSLEUaxHCB41vAD7dj+mGjIuy2kkNqgqsFQROCs4kqLGYmo=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:45 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 3b0c8275fca04982e993ede28e6aa0ab
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 modules.5d1cad31427a09b055ed.js Show response
script.hotjar.com/ 223 KB
59 KB 133ms
46ms Script
application/javascript 65.9.96.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5d1cad31427a09b055ed.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2017502.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.96.128 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3bab90335837b0878fc05a0cb4605e78f1479d61cefb0653f7b448eac171ebbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 15:55:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 641845
x-cache: Hit from cloudfront
content-length: 59800
access-control-allow-origin: *
last-modified: Wed, 16 Dec 2020 15:53:26 GMT
etag: "e84a105a276cfecf4b45f77c9e4a6030"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 875LfPPFV2_SVFEZSS8SNJ-nS7Qju3R0bBmi-tH0k2D5jQdudsjgzg==

GET
H2 200 hinted-ProximaNova-Light.woff2
www.sqreen.com/assets/fonts/ 61 KB
62 KB 9ms
8ms Font
font/woff2 2a05:d014:275:cb00:1953:33c3:785c:f9da
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sqreen.com/assets/fonts/hinted-ProximaNova-Light.woff2

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/css/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d014:275:cb00:1953:33c3:785c:f9da Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

4fa051988de64ab5a747873766694b77fe5a73abf8ae76a61540f6c35e4bed91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.sqreen.com
Referer: https://www.sqreen.com/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id: f7752585-c386-4003-b56e-993634c835fb-6633395
date: Tue, 22 Dec 2020 22:41:46 GMT
x-content-type-options: nosniff
age: 99095
content-security-policy-report-only: child-src 'self'; connect-src 'self' http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.hotjar.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amplitude.com https://*.cloudflare.com https://*.contentful.com https://*.delighted.com https://*.facebook.com https://*.fullstory.com https://*.g.doubleclick.net https://*.getsentry.com https://*.githubusercontent.com https://*.google-analytics.com https://*.google.com https://*.googleapis.com https://*.herokuapp.com https://*.hotjar.com https://*.hotjar.com:12443 https://*.intercom.io https://*.intercomcdn.com https://*.lever.co https://*.linkedin.com https://*.litix.io https://*.mktoresp.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.segment.io https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.wistia.com https://github.com https://heapanalytics.com https://sumo.com https://twitter.com ws://*.hotjar.com wss://*.appcues.net wss://*.hotjar.com wss://*.intercom.io; default-src 'self'; font-src 'self' chrome-extension: data: http://*.sqreen.io https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.gstatic.com https://*.intercomcdn.com https://*.sqreen.com https://*.sqreen.io https://*.twimg.com https://*.wistia.com https://github.com; frame-src 'self' 'unsafe-inline' http://*.appcues.com http://*.g.doubleclick.net http://*.hotjar.com https://*.akamaihd.net https://*.amazonaws.com https://*.appcues.com https://*.facebook.com https://*.g.doubleclick.net https://*.hotjar.com https://*.recurly.com https://*.sqreen.com https://*.twitter.com https://*.typeform.com https://*.wistia.com https://headway-widget.net ws://*.hotjar.com wss://*.hotjar.com; img-src 'self' data: http://*.adnxs.com http://*.facebook.net http://*.g.doubleclick.net http://*.google-analytics.com http://*.google.com http://*.googleadservices.com http://*.googletagmanager.com http://*.prfct.co http://*.sqreen.io http://heapanalytics.com http://t.co https://*.addthis.com https://*.adnxs.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.b-cdn.net https://*.clearbit.com https://*.cloudfront.net https://*.ctfassets.net https://*.facebook.com https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.google-analytics.com https://*.google.ae https://*.google.be https://*.google.ca https://*.google.ch https://*.google.co.il https://*.google.co.in https://*.google.co.jp https://*.google.co.uk https://*.google.com https://*.google.com.ar https://*.google.com.au https://*.google.com.br https://*.google.com.mx https://*.google.com.ph https://*.google.com.sg https://*.google.com.tw https://*.google.com.ua https://*.google.cz https://*.google.de https://*.google.es https://*.google.fr https://*.google.ie https://*.google.it https://*.google.nl https://*.google.no https://*.google.pl https://*.google.pt https://*.google.se https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.gstatic.com https://*.intercomassets.com https://*.intercomcdn.com https://*.linkedin.com https://*.marinsm.com https://*.openx.net https://*.prfct.co https://*.reddit.com https://*.rubiconproject.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.twimg.com https://*.twitter.com https://*.univide.com https://*.wistia.com https://*.yahoo.com https://heapanalytics.com https://sqreen-assets.s3-eu-west-1.amazonaws.com https://sumo.com https://t.co https://twitter.com; manifest-src 'self' https://*.sqreen.com; media-src 'self' https://*.akamaihd.net https://*.cloudfront.net https://*.intercomcdn.com https://*.wistia.com; object-src 'self' https://*.akamaihd.net https://*.wistia.com; prefetch-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' data: http://*.ads-twitter.com http://*.appcues.com http://*.facebook.net http://*.g.doubleclick.net http://*.getdrip.com http://*.google-analytics.com http://*.googleadservices.com http://*.googletagmanager.com http://*.heapanalytics.com http://*.hotjar.com http://*.perfectaudience.com http://*.prfct.co http://*.segment.com http://*.sqreen.io http://heapanalytics.com https://*.ads-twitter.com https://*.ads.linkedin.com https://*.akamaihd.net https://*.amazonaws.com https://*.amplitude.com https://*.appcues.com https://*.b-cdn.net https://*.bufferapp.com https://*.cloudflare.com https://*.cloudfront.net https://*.facebook.net https://*.fullstory.com https://*.g.doubleclick.net https://*.getdrip.com https://*.google-analytics.com https://*.googleadservices.com https://*.googleapis.com https://*.googletagmanager.com https://*.headwayapp.co https://*.heapanalytics.com https://*.herokuapp.com https://*.hotjar.com https://*.intercom.io https://*.intercomcdn.com https://*.jquery.com https://*.licdn.com https://*.linkedin.com https://*.marketo.net https://*.perfectaudience.com https://*.pinterest.com https://*.prfct.co https://*.recurly.com https://*.reddit.com https://*.redditstatic.com https://*.segment.com https://*.sqreen.com https://*.sqreen.io https://*.sumo.com https://*.timekit.io https://*.twitter.com https://*.typeform.com https://*.wistia.com https://fullstory.com https://heapanalytics.com https://reddit.com https://twitter.com ws://*.hotjar.com wss://*.hotjar.com wss://*.intercom.io; style-src 'self' 'unsafe-inline' http://*.appcues.com http://*.sqreen.io http://heapanalytics.com https://*.amazonaws.com https://*.appcues.com https://*.b-cdn.net https://*.cloudflare.com https://*.cloudfront.net https://*.googleapis.com https://*.sqreen.com https://*.sqreen.io https://*.twitter.com https://heapanalytics.com; worker-src 'self'; report-uri https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4;
x-protected-by: Sqreen
content-length: 62952
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: Netlify
x-frame-options: DENY
etag: "9c2060df4a5e2b5b9c4a3ce6982d3b59-ssl"
strict-transport-security: max-age=31536000
content-type: font/woff2
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 getForm Show response
go.sqreen.com/index.php/form/ 4 KB
1 KB 572ms
572ms Script
application/javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.sqreen.com/index.php/form/getForm?munchkinId=544-MID-880&form=1070&url=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&callback=jQuery112405353301697748107_1608776001845&_=1608776001846

Requested by

Host: go.sqreen.com
URL: https://go.sqreen.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b06c7eafbda047f65aab6993db141b3b08770f327f853c1e8c91b47869cd0df0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cached: false
cf-ray: 6066cd7c4e620c79-AMS
cf-request-id: 07341ec1ab00000c79340f3000000001

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
142 B 546ms
180ms XHR
application/json 54.200.110.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/p
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/5nxb5iyxWJCBesRTBrDlKocYYhI0yk6H/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.200.110.219 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-200-110-219.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sqreen.com
date: Thu, 24 Dec 2020 02:13:22 GMT
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
141 B 541ms
181ms XHR
application/json 54.200.110.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/p
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/5nxb5iyxWJCBesRTBrDlKocYYhI0yk6H/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.200.110.219 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-200-110-219.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sqreen.com
date: Thu, 24 Dec 2020 02:13:22 GMT
content-length: 21
vary: Origin
content-type: application/json

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5253f362331b955af39b0f6f1e32d9aefff3468bfea10c1e4cc23fb37099a3a5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 h
heapanalytics.com/ 37 B
213 B 300ms
99ms Image
image/gif 3.210.194.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heapanalytics.com/h?a=3784968534&u=6430280339729296&v=4298555582921828&s=8560062695872210&b=web&tv=4.0&z=0&h=%2Fchecklists%2Fsaas-cto-security-checklist&d=www.sqreen.com&t=SaaS%20CTO%20Security%20Checklist&ts=1608776002144&st=1608776002145
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.194.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-194-123.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 02:13:22 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-length: 37
content-type: image/gif

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame BAF4 0
0 131ms
42ms Document
text/html 65.9.96.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2017502.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.45 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html
content-length: 851
date: Mon, 23 Nov 2020 17:01:03 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Mon, 23 Nov 2020 15:41:01 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b9288402a0a891e0bbaca832ecabae61.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: BpN4Z7Gx_MQ-WRqfGVXJQxSw2RMOEmo5mBPvXhVZPM-Q5AtAq5zt0A==
age: 2625139

GET
H2

200

shim.latest.js Show response
js.intercomcdn.com/
Redirect Chain

https://widget.intercom.io/widget/ev3k1dfl
https://js.intercomcdn.com/shim.latest.js

12 KB
5 KB

135ms
42ms

Script
application/javascript

65.9.96.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/shim.latest.js
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.16 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0acecc6a554176c11fe821dfa5ebbe234cc229c5e372c1d5d5d7365ab9f9a11d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 24 Dec 2020 02:09:53 GMT
content-encoding: gzip
last-modified: Thu, 17 Dec 2020 16:21:26 GMT
server: AmazonS3
age: 209
etag: "bad442725154dc11de51f32818aaf7c2"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
cache-control: max-age=300, s-maxage=300, public
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-length: 4396
x-amz-cf-id: 865c0Hfig1RGY-78n-bS5tzZ0s5g9ZlZSMdjYljp72LPQlaG7zU_2w==

Redirect headers

date: Fri, 23 Oct 2020 13:11:10 GMT
via: 1.1 ab1d15e056bdcedbea349504173a4ecb.cloudfront.net (CloudFront)
server: AmazonS3
age: 5317333
x-cache: Hit from cloudfront
location: https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop: AMS50-C1
content-length: 0
x-amz-cf-id: dx_OVIcqz8FqZn3iKwR1RiRNPNbfPne-PWsx5hJbWeGP93Qw4zippg==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 80ms
29ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/5nxb5iyxWJCBesRTBrDlKocYYhI0yk6H/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:22 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 3987
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1608776002.248686,VS0,VE0
x-served-by: cache-fra19133-FRA

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 965 B
761 B 26ms
7ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/5nxb5iyxWJCBesRTBrDlKocYYhI0yk6H/analytics.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 02:13:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=61341
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 123 KB
44 KB 37ms
15ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5QG6B3&l=dataLayer

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/5nxb5iyxWJCBesRTBrDlKocYYhI0yk6H/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

96ad1fc39ca27535ee13ecd4cd96cf822d4cffed721fac8610dfab380cefbb43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44437
x-xss-protection: 0
last-modified: Thu, 24 Dec 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 24 Dec 2020 02:13:22 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
13 KB 88ms
33ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/5nxb5iyxWJCBesRTBrDlKocYYhI0yk6H/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12175
x-xss-protection: 0
server: cafe
etag: 17536051821503146167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 24 Dec 2020 02:13:22 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 90 KB
24 KB 23ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/5nxb5iyxWJCBesRTBrDlKocYYhI0yk6H/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

abdf01dbab06efbec289cf85e83f8ec3618f996ab6803e9f9437db14bc5cbf53

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23470
x-fb-rlafr: 0
pragma: public
x-fb-debug: Yy8gvXbDSESk3ZOCItpGjoyFK4fNy4cVayLA1FCHtNbAZSjqPDmq0NbCv6iKYL7VtqKp/SC3XV25nA2pWETBiw==
x-fb-trip-id: 436667874
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 24 Dec 2020 02:13:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 29ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/5nxb5iyxWJCBesRTBrDlKocYYhI0yk6H/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4995
date: Thu, 24 Dec 2020 00:50:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 24 Dec 2020 02:50:07 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 78ms
26ms Script
application/x-javascript 104.109.95.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/5nxb5iyxWJCBesRTBrDlKocYYhI0yk6H/analytics.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-109-95-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 02:13:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 03:11:00 GMT
Server: AkamaiNetStorage
ETag: "a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H2 200 forms2.css
go.sqreen.com/js/forms2/css/ 13 KB
3 KB 23ms
23ms Stylesheet
text/css 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.sqreen.com/js/forms2/css/forms2.css

Requested by

Host: go.sqreen.com
URL: https://go.sqreen.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2820
content-length: 2623
cf-request-id: 07341ec2d300000c79fc249000000001
last-modified: Mon, 12 Oct 2020 17:13:35 GMT
server: cloudflare
etag: "7e0525-3437-5b17c6b21edc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6066cd7e18250c79-AMS
expires: Thu, 24 Dec 2020 06:13:22 GMT

GET
H2 200 forms2-theme-plain.css
go.sqreen.com/js/forms2/css/ 828 B
374 B 32ms
32ms Stylesheet
text/css 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.sqreen.com/js/forms2/css/forms2-theme-plain.css

Requested by

Host: go.sqreen.com
URL: https://go.sqreen.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27
vary: Accept-Encoding
content-length: 246
cf-request-id: 07341ec2d300000c79b3b47000000001
last-modified: Mon, 12 Oct 2020 17:13:35 GMT
server: cloudflare
etag: "7e0524-33c-5b17c6b21edc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63113904
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6066cd7e18290c79-AMS
expires: Thu, 24 Dec 2020 06:13:22 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 11 KB
5 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.31

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4673
x-fb-rlafr: 0
pragma: public
x-fb-debug: ZkoDl6XjNYt845ZNSNImBu4vIFMFiSE55DxNd83jaGMEVUpm83/Sm7RyY33633Zk7JshZssw0OqdqE/lryWHUA==
x-fb-trip-id: 436667874
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 24 Dec 2020 02:13:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 513325432125369 Show response
connect.facebook.net/signals/config/ 239 KB
69 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/513325432125369?v=2.9.31&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5f4f9bb6f4bfe95273f713520651f6450ecfea07d03678d3163c4c9cf6a0c5d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70260
x-fb-rlafr: 0
pragma: public
x-fb-debug: /1MWb9nG15MLRBolK+0vwY7fKMO78tLyYGAyBTtzuJ9GE9z30UOmKiDtjTVLXLEUpm+W2tiKayiDOx2A1NqABQ==
x-fb-trip-id: 436667874
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 24 Dec 2020 02:13:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 294949607
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 02:13:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=58238
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1799

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/159/ 11 KB
5 KB 25ms
23ms Script
application/x-javascript 104.109.95.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/159/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-109-95-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 02:13:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 May 2020 02:24:14 GMT
Server: AkamaiNetStorage
ETag: "79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4810
Expires: Sat, 03 Apr 2021 02:13:22 GMT

GET
H3-Q050 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 33ms
19ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 01:18:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3309
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Thu, 24 Dec 2020 02:18:13 GMT

POST
H2 200 f637ed5d-4ac6-441d-a0f5-04c3d7e976c4
reports-api.sqreen.io/browser/v0/csp-violations/ 0
0 141ms
67ms Other
text/html 34.248.170.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4
Requested by: Host: cto-security-checklist.sqreen.com
URL: https://cto-security-checklist.sqreen.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.170.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-170-27.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/csp-report

Response headers

access-control-allow-origin: https://www.sqreen.com
access-control-expose-headers: Next-Page, Total-Records, X-User

GET
H/1.1 200
OK 6si.min.js Show response
j.6sc.co/ 15 KB
7 KB 67ms
22ms Script
application/javascript 104.109.70.122
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://j.6sc.co/6si.min.js
Requested by: Host: cto-security-checklist.sqreen.com
URL: https://cto-security-checklist.sqreen.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.70.122 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-109-70-122.deploy.static.akamaitechnologies.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 779651bc146d489786b9b4ab590d2784547448e4b85cf1bb9036b31e404d1a37

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 02:13:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 22:09:24 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5f6d1914-3a6c"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript
Access-Control-Allow-Origin
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 6116

GET
H2 200 adsct
t.co/i/ 43 B
449 B 173ms
129ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nvijn&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 108
pragma: no-cache
last-modified: Thu, 24 Dec 2020 02:13:22 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 540517e633910f45af27c99d08707b4e
x-transaction: 00dd938300c5f628
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
124 B 186ms
141ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nztus&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 120
pragma: no-cache
last-modified: Thu, 24 Dec 2020 02:13:22 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 540517e633910f45af27c99d08707b4e
x-transaction: 00f2e3fa00de18dd
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-Q050 200 / Show response
www.googleadservices.com/pagead/conversion/945086973/ 2 KB
2 KB 43ms
29ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/945086973/?random=1608776002351&cv=9&fst=1608776002351&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&tiba=SaaS%20CTO%20Security%20Checklist&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

252bb228c6f980fd9c7e0abe8357a93cb13723b8bb05fcb4014918b0e18745f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 02:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1067
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/945086973/ 3 KB
1 KB 36ms
17ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/945086973/?random=1608776002356&cv=9&fst=1608776002356&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=path%3D%2Fchecklists%2Fsaas-cto-security-checklist%3Breferrer%3D%3Bsearch%3D%3Btitle%3DSaaS%20CTO%20Security%20Checklist%3Burl%3Dhttps%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&frm=0&url=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&tiba=SaaS%20CTO%20Security%20Checklist&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29838c7ea42cc90c5ed78b0db1a3bc0036940b792a9ac5678c2ea75593c6084c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 02:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1058
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
www.googleadservices.com/pagead/conversion/945086973/ 2 KB
1 KB 41ms
29ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/945086973/?random=1608776002357&cv=9&fst=1608776002357&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&tiba=SaaS%20CTO%20Security%20Checklist&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e65e22009a2cd53b890d12a8c72c3fc20b76328d65e1c20e58077f9cf25f87f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 02:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1067
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/945086973/ 3 KB
2 KB 32ms
17ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/945086973/?random=1608776002359&cv=9&fst=1608776002359&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=referrer%3Ddirect%3Bbrowser_timezone%3D-60%3Bbrowser_language%3Den-US%3Blanding_page%3Dhttps%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist%3Bscreen_height%3D1200%3Bscreen_width%3D1600%3BoriginalReferrer%3D%3Bpath%3D%2Fchecklists%2Fsaas-cto-security-checklist%3Bsearch%3D%3Btitle%3DSaaS%20CTO%20Security%20Checklist%3Burl%3Dhttps%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&frm=0&url=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&tiba=SaaS%20CTO%20Security%20Checklist&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31f4a14d82ddf989bcc81aa85e345a29814bb68f014dcb743fc39b2fb16659ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 02:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1134
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
px.ads.linkedin.com/ 0
679 B 232ms
187ms Image
application/javascript 2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=89248&time=1608776002376&url=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:22 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: odb4I0CFUxYA4gvB5SoAAA==

GET
H/1.1 200
OK visitWebPage Show response
544-mid-880.mktoresp.com/webevents/ 2 B
311 B 402ms
101ms XHR
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://544-mid-880.mktoresp.com/webevents/visitWebPage?_mchNc=1608776002380&_mchCn=&_mchId=544-MID-880&_mchTk=_mch-sqreen.com-1608776002379-47120&_mchHo=www.sqreen.com&_mchPo=&_mchRu=%2Fchecklists%2Fsaas-cto-security-checklist&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 02:13:22 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: d21d9946-5619-488e-b852-460576a4179d

GET
H2 200 /
www.facebook.com/tr/ 44 B
265 B 19ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=513325432125369&ev=PageView&dl=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&rl=&if=false&ts=1608776002393&sw=1600&sh=1200&v=2.9.31&r=stable&a=seg&ec=0&o=30&fbp=fb.1.1608776002390.1013444907&it=1608776002305&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 24 Dec 2020 02:13:22 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 19ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=513325432125369&ev=PageView&dl=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&rl=&if=false&ts=1608776002395&sw=1600&sh=1200&v=2.9.31&r=stable&a=seg&ec=1&o=30&fbp=fb.1.1608776002390.1013444907&it=1608776002305&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 24 Dec 2020 02:13:22 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2017502/ 178 B
321 B 102ms
36ms XHR
application/json 18.203.1.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2017502/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5d1cad31427a09b055ed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.1.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-1-140.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 24 Dec 2020 02:13:22 GMT
content-encoding: br
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json

POST
H2 200 f637ed5d-4ac6-441d-a0f5-04c3d7e976c4
reports-api.sqreen.io/browser/v0/csp-violations/ 0
0 73ms
63ms Other
text/html 34.248.170.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5d1cad31427a09b055ed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.170.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-170-27.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/csp-report

Response headers

access-control-allow-origin: https://www.sqreen.com
access-control-expose-headers: Next-Page, Total-Records, X-User

GET
H2 204 2017502 Show response
vc.hotjar.io/sessions/ 0
256 B 167ms
79ms XHR
text/plain 65.9.96.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2017502?s=0.25&r=0.1685590548885545
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5d1cad31427a09b055ed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.53 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:22 GMT
via: 1.1 93fcd07b66eaf26b036f14e2ec9d73eb.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: _sYxtuPSFqBP_gzyBlTDrB0H9rgc0f0n6Dd_ejaPwa8wldKu2I6VvQ==

GET
H2 200 marketo-xdframe-relative.html Show response
go.sqreen.com/rs/544-MID-880/images/ Frame B092 2 KB
927 B 144ms
144ms Document
text/html 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.sqreen.com/rs/544-MID-880/images/marketo-xdframe-relative.html

Requested by

Host: go.sqreen.com
URL: https://go.sqreen.com/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65f159f273c9a92ce315e57c1834c8ce19f6bb3a368fe4f37d83d3259ba3f330

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: go.sqreen.com
:scheme: https
:path: /rs/544-MID-880/images/marketo-xdframe-relative.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=dd6634ca9a48ff1a9bc87ad5d26a17eea1608776001; __cf_bm=7bb1cbe6ada37b57e72e50b144051c653aff3e2b-1608776001-1800-ARCFn6zytcKhMw+Toc0EztHBKWXbcYZjzoBRIjK8JReTf5VSU2ScZCkek1H5C9kCdVacJ/IrI2wbqg05Orx+S1g=; ajs_anonymous_id=%224ac333e6-b5c5-4bbc-b74e-80465e3a92fe%22; _hp2_id.3784968534=%7B%22userId%22%3A%226430280339729296%22%2C%22pageviewId%22%3A%224298555582921828%22%2C%22sessionId%22%3A%228560062695872210%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D; _hp2_ses_props.3784968534=%7B%22z%22%3A0%2C%22ts%22%3A1608776002144%2C%22d%22%3A%22www.sqreen.com%22%2C%22h%22%3A%22%2Fchecklists%2Fsaas-cto-security-checklist%22%2C%22t%22%3A%22SaaS%20CTO%20Security%20Checklist%22%7D; _hjTLDTest=1; _hjid=a3b58bc3-52d0-4fce-833c-b8972c71f119; _hjFirstSeen=1; _ga=GA1.2.961373506.1608776002; _gid=GA1.2.1408449561.1608776002; _mkto_trk=id:544-MID-880&token:_mch-sqreen.com-1608776002379-47120; _fbp=fb.1.1608776002390.1013444907; _hjAbsoluteSessionInProgress=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:22 GMT
content-type: text/html
last-modified: Sat, 17 Oct 2020 05:29:59 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
set-cookie: BIGipServerab37web-nginx-app_https=!emcsBhuf2hV6T/tybf/nLIVwOTHiDgtssjr08kPA1y14Y5c1aTdKIIZRfIu/exjl/MFJZ92D4ozp22g=;Path=/;Version=1;Secure;Httponly
cf-cache-status: DYNAMIC
cf-request-id: 07341ec37000000c79b71b1000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6066cd7f192c0c79-AMS
content-encoding: gzip

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 42ms
15ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-64824410-1&cid=961373506.1608776002&jid=704206336&gjid=199594372&_gid=1408449561.1608776002&_u=aGBAgEAjAAAAAE~&z=882636611

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 24 Dec 2020 02:13:22 GMT
content-type: text/plain
access-control-allow-origin: https://www.sqreen.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
190 B 8ms
7ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=882993084&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&dp=%2Fchecklists%2Fsaas-cto-security-checklist&ul=en-us&de=UTF-8&dt=SaaS%20CTO%20Security%20Checklist&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAj~&jid=704206336&gjid=199594372&cid=961373506.1608776002&tid=UA-64824410-1&_gid=1408449561.1608776002&z=1322490301

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Dec 2020 03:14:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82715
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 8ms
7ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=882993084&t=pageview&_s=2&dl=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&dr=direct&dp=%2Fchecklists%2Fsaas-cto-security-checklist&ul=en-us&de=UTF-8&dt=SaaS%20CTO%20Security%20Checklist&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAjAAAAAE~&jid=&gjid=&cid=961373506.1608776002&tid=UA-64824410-1&_gid=1408449561.1608776002&z=593127260

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Dec 2020 03:14:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82715
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK visitWebPage Show response
544-mid-880.mktoresp.com/webevents/ 2 B
311 B 390ms
98ms XHR
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://544-mid-880.mktoresp.com/webevents/visitWebPage?_mchNc=1608776002423&_mchRu=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&_mchQp=&_mchId=544-MID-880&_mchTk=_mch-sqreen.com-1608776002379-47120&_mchHo=www.sqreen.com&_mchPo=&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchRe=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 02:13:22 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: d6e0b6e3-edad-4497-86c9-d26c9950e6c8

GET
H2 200 /
www.google.com/pagead/1p-user-list/945086973/ 42 B
108 B 23ms
20ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/945086973/?random=1608776002359&cv=9&fst=1608775200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=referrer%3Ddirect%3Bbrowser_timezone%3D-60%3Bbrowser_language%3Den-US%3Blanding_page%3Dhttps%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist%3Bscreen_height%3D1200%3Bscreen_width%3D1600%3BoriginalReferrer%3D%3Bpath%3D%2Fchecklists%2Fsaas-cto-security-checklist%3Bsearch%3D%3Btitle%3DSaaS%20CTO%20Security%20Checklist%3Burl%3Dhttps%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&frm=0&url=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&tiba=SaaS%20CTO%20Security%20Checklist&async=1&fmt=3&is_vtc=1&random=694284185&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 02:13:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/945086973/ 42 B
108 B 42ms
22ms Image
image/gif 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/945086973/?random=1608776002359&cv=9&fst=1608775200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=referrer%3Ddirect%3Bbrowser_timezone%3D-60%3Bbrowser_language%3Den-US%3Blanding_page%3Dhttps%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist%3Bscreen_height%3D1200%3Bscreen_width%3D1600%3BoriginalReferrer%3D%3Bpath%3D%2Fchecklists%2Fsaas-cto-security-checklist%3Bsearch%3D%3Btitle%3DSaaS%20CTO%20Security%20Checklist%3Burl%3Dhttps%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&frm=0&url=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&tiba=SaaS%20CTO%20Security%20Checklist&async=1&fmt=3&is_vtc=1&random=694284185&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 02:13:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/945086973/ 42 B
340 B 22ms
19ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/945086973/?random=1608776002356&cv=9&fst=1608775200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=path%3D%2Fchecklists%2Fsaas-cto-security-checklist%3Breferrer%3D%3Bsearch%3D%3Btitle%3DSaaS%20CTO%20Security%20Checklist%3Burl%3Dhttps%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&frm=0&url=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&tiba=SaaS%20CTO%20Security%20Checklist&async=1&fmt=3&is_vtc=1&random=3209519857&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 02:13:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/945086973/ 42 B
552 B 40ms
20ms Image
image/gif 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/945086973/?random=1608776002356&cv=9&fst=1608775200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=path%3D%2Fchecklists%2Fsaas-cto-security-checklist%3Breferrer%3D%3Bsearch%3D%3Btitle%3DSaaS%20CTO%20Security%20Checklist%3Burl%3Dhttps%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&frm=0&url=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&tiba=SaaS%20CTO%20Security%20Checklist&async=1&fmt=3&is_vtc=1&random=3209519857&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 02:13:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-conversion/945086973/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/945086973/?random=1436499408&cv=9&fst=1608776002351&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=2...
https://www.google.com/pagead/1p-conversion/945086973/?random=1436499408&cv=9&fst=1608776002351&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_j...
https://www.google.de/pagead/1p-conversion/945086973/?random=1436499408&cv=9&fst=1608776002351&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_ja...

42 B
66 B

43ms
30ms

Image
image/gif

2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/945086973/?random=1436499408&cv=9&fst=1608776002351&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&tiba=SaaS%20CTO%20Security%20Checklist&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QvnjX5XSF7-i7_UPgLq5aA&cid=CAQSKQCNIrLM45M23afg3k-p0r7vpKBtevyY0Ihnl_jn3Uberw_phwBVkQao&random=43169512&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 02:13:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Dec 2020 02:13:22 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/945086973/?random=1436499408&cv=9&fst=1608776002351&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&tiba=SaaS%20CTO%20Security%20Checklist&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QvnjX5XSF7-i7_UPgLq5aA&cid=CAQSKQCNIrLM45M23afg3k-p0r7vpKBtevyY0Ihnl_jn3Uberw_phwBVkQao&random=43169512&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-conversion/945086973/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/945086973/?random=508575130&cv=9&fst=1608776002357&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24...
https://www.google.com/pagead/1p-conversion/945086973/?random=508575130&cv=9&fst=1608776002357&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_ja...
https://www.google.de/pagead/1p-conversion/945086973/?random=508575130&cv=9&fst=1608776002357&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_jav...

42 B
530 B

40ms
27ms

Image
image/gif

2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/945086973/?random=508575130&cv=9&fst=1608776002357&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&tiba=SaaS%20CTO%20Security%20Checklist&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QvnjX8DTF5qZ7_UPpLeMsAk&cid=CAQSKQCNIrLMHc7aH6bnCAzT7GeSqPEMq7J3QHnIBULALtexE4KBzfhGJMKd&random=2889947599&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 02:13:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Dec 2020 02:13:22 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/945086973/?random=508575130&cv=9&fst=1608776002357&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&tiba=SaaS%20CTO%20Security%20Checklist&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=QvnjX8DTF5qZ7_UPpLeMsAk&cid=CAQSKQCNIrLMHc7aH6bnCAzT7GeSqPEMq7J3QHnIBULALtexE4KBzfhGJMKd&random=2889947599&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 f637ed5d-4ac6-441d-a0f5-04c3d7e976c4
reports-api.sqreen.io/browser/v0/csp-violations/ 0
0 61ms
60ms Other
text/html 34.248.170.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.170.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-170-27.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/csp-report

Response headers

access-control-allow-origin: https://www.sqreen.com
access-control-expose-headers: Next-Page, Total-Records, X-User

GET
H/1.1 200
OK / Show response
c.6sc.co/ 47 B
370 B 72ms
21ms XHR
text/plain 104.109.70.122
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.70.122 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-109-70-122.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 549e37adce39732724863821c8ee6c5f9e5e1977a6083a133ed153b0b23fb87b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 02:13:22 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.sqreen.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 47

POST
H2 200 f637ed5d-4ac6-441d-a0f5-04c3d7e976c4
reports-api.sqreen.io/browser/v0/csp-violations/ 0
0 49ms
48ms Other
text/html 34.248.170.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.170.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-170-27.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/csp-report

Response headers

access-control-allow-origin: https://www.sqreen.com
access-control-expose-headers: Next-Page, Total-Records, X-User

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
703 B 48ms
15ms XHR
application/json 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Dec 2020 02:13:22 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 726.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.45:80
AN-X-Request-Uuid: 0f18b13f-db9e-4426-97d0-d638eac87dc6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.sqreen.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 frame-modern.3651b008.js Show response
js.intercomcdn.com/ Frame 11E0 243 KB
66 KB 47ms
46ms Script
application/javascript 65.9.96.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/frame-modern.3651b008.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ev3k1dfl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.16 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89aa4a1f3078b5ac8ca91b5cc2b7f1b95e30c2f2a7e2157bc5913bb19070d484

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 24 Dec 2020 00:21:29 GMT
content-encoding: gzip
last-modified: Thu, 17 Dec 2020 16:13:07 GMT
server: AmazonS3
age: 6714
etag: "b4bd446918faa405c37c694252d1dc33"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-length: 67105
x-amz-cf-id: CV0EomQ1GDbWExqA69g8NxaiOUtfII8p0RaJd8BqOnjljvMfWBWZ3g==

GET
H2 200 vendor-modern.9d1078c3.js Show response
js.intercomcdn.com/ Frame 11E0 123 KB
38 KB 47ms
47ms Script
application/javascript 65.9.96.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.intercomcdn.com/vendor-modern.9d1078c3.js
Requested by: Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ev3k1dfl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.16 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 848c5de83cc5769619fb12455772acca45887021ab6fdc7b5c88f36a31ff0946

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 24 Dec 2020 02:09:10 GMT
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 14:22:27 GMT
server: AmazonS3
age: 253
etag: "9b5b470a28e38dff426854ef00fb72e0"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
cache-control: max-age=31536000, s-maxage=7200, public
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
content-length: 38314
x-amz-cf-id: Wbi395Mk4lJlPMoPnarIJd293WCcYK8RaZ3_S8YU8WnR8yESa3cKsQ==

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
483 B 44ms
29ms Image
image/gif 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-64824410-1&cid=961373506.1608776002&jid=704206336&_u=aGBAgEAjAAAAAE~&z=1172243701

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 02:13:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-64824410-1&cid=961373506.1608776002&jid=704206336&_u=aGBAgEAjAAAAAE~&z=1172243701

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Dec 2020 02:13:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 429 f637ed5d-4ac6-441d-a0f5-04c3d7e976c4
reports-api.sqreen.io/browser/v0/csp-violations/ 0
0 33ms
32ms Other
text/html 34.248.170.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://reports-api.sqreen.io/browser/v0/csp-violations/f637ed5d-4ac6-441d-a0f5-04c3d7e976c4
Requested by: Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.170.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-170-27.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/csp-report

Response headers

GET
H/1.1 200
OK img.gif
b.6sc.co/v1/beacon/ 43 B
774 B 253ms
206ms Image
image/gif 104.109.70.122
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=df5ae9d800581dc469302ececc06c942&svisitor=&visitor=afe0382f-ea93-4c9e-861c-96c64009cbdd&session=02d5abf8-fbbe-4d7b-8367-a5570492819f&event=a_pageload&q=%7B%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20how%20to%20protect%20your%20SaaS%20applications%20with%20the%20SaaS%20CTO%20security%20checklist.%20Select%20your%20startup%20stage%20and%20use%20these%20rules%20to%20improve%20your%20application%20security%2C%20infrastructure%20security%20and%20more.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22SaaS%20CTO%20Security%20Checklist%22%7D&cb=76002482&r=&thirdParty=%7B%7D&pageURL=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.109.70.122 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-109-70-122.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 02:13:22 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 43
Pragma: no-cache
Last-Modified: Fri, 21 Feb 2020 19:02:58 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5e502962-2b"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/gif
Access-Control-Allow-Origin
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 11E0 8 KB
3 KB 678ms
481ms XHR
application/json 99.83.219.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3651b008.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.81 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

02a21f302057c68afa26c105ad50d582e62ffc537ff3f19daeb2f2b4d131cea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 24 Dec 2020 02:13:23 GMT
content-encoding: gzip
x-ami-version: ami-0ff4c5c01112bbd61
status: 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 000uep64um3lf5euk8rg
x-runtime: 0.373485
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"02a21f302057c68afa26c105ad50d582"
x-ratelimit-remaining: 19998
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sqreen.com
x-intercom-version: 93e50d2790ba8dde12db3c35cc0b0c6499b13495
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1608776040
x-ratelimit-limit: 20000
access-control-allow-headers: Content-Type
x-content-type-options: nosniff

GET
H2 200 forms2.min.js Show response
go.sqreen.com/js/forms2/js/ Frame B092 205 KB
68 KB 28ms
28ms Script
application/x-javascript 104.17.74.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.sqreen.com/js/forms2/js/forms2.min.js

Requested by

Host: go.sqreen.com
URL: https://go.sqreen.com/rs/544-MID-880/images/marketo-xdframe-relative.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.74.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dde2a7cd4331f78a4b35dca9aa2e716fc3d0c83ba0f855f0812cbfae4a27a805

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.sqreen.com/rs/544-MID-880/images/marketo-xdframe-relative.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 12 Oct 2020 17:13:35 GMT
server: cloudflare
age: 2833
etag: "7e04e4-33245-5b17c6b21edc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 6066cd804ab00c79-AMS
cf-request-id: 07341ec43000000c79d33ba000000001
expires: Thu, 24 Dec 2020 06:13:22 GMT

POST
H2 200 / Show response
sumo.com/api/load/ 886 B
1 KB 568ms
193ms XHR
application/json 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/load/

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-14-212.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

541a2735ab006dc37764ee3d14b7c34d674e84a3e56e710320a02469f4401f64

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 24 Dec 2020 02:13:23 GMT
vary: Origin, Accept-Encoding
server: nginx/1.14.1
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sqreen.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
content-length: 886

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
650 B 181ms
137ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nvijn&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 116
pragma: no-cache
last-modified: Thu, 24 Dec 2020 02:13:22 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e0cf81f82b95b20c4aa38b80c3028600
x-transaction: 0047a3c800736433
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
238 B 191ms
147ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nztus&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 125
pragma: no-cache
last-modified: Thu, 24 Dec 2020 02:13:22 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e0cf81f82b95b20c4aa38b80c3028600
x-transaction: 006fbe2800f85e34
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 6ms
6ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=882993084&t=timing&_s=3&dl=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&dr=direct&dp=%2Fchecklists%2Fsaas-cto-security-checklist&ul=en-us&de=UTF-8&dt=SaaS%20CTO%20Security%20Checklist&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1371&pdt=8&dns=0&rrt=186&srt=7&tcp=0&dit=695&clt=695&_gst=752&_gbt=942&_u=aGBAgEAjAAAAAE~&jid=&gjid=&cid=961373506.1608776002&tid=UA-64824410-1&_gid=1408449561.1608776002&z=1986531259

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Dec 2020 03:14:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82715
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=513325432125369&ev=Microdata&dl=https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist&rl=&if=false&ts=1608776002897&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22SaaS%20CTO%20Security%20Checklist%22%2C%22meta%3Adescription%22%3A%22Learn%20how%20to%20protect%20your%20SaaS%20applications%20with%20the%20SaaS%20CTO%20security%20checklist.%20Select%20your%20startup%20stage%20and%20use%20these%20rules%20to%20improve%20your%20application%20security%2C%20infrastructure%20security%20and%20more.%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.sqreen.com%2Fchecklists%2Fsaas-cto-security-checklist%22%2C%22og%3Atitle%22%3A%22SaaS%20CTO%20Security%20Checklist%22%2C%22og%3Aimage%22%3A%22assets%2Fimg%2Fuploads%2Fshare.png%22%2C%22og%3Aimage%3Atype%22%3A%22image%2Fjpeg%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22627%22%2C%22og%3Adescription%22%3A%22Learn%20how%20to%20protect%20your%20SaaS%20applications%20with%20the%20SaaS%20CTO%20security%20checklist.%20Select%20your%20startup%20stage%20and%20use%20these%20rules%20to%20improve%20your%20application%20security%2C%20infrastructure%20security%20and%20more.%22%2C%22og%3Asite_name%22%3A%22Sqreen%22%2C%22og%3Alocale%22%3A%22en_US%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.31&r=stable&a=seg&ec=2&o=30&fbp=fb.1.1608776002390.1013444907&it=1608776002305&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 24 Dec 2020 02:13:22 GMT

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 11E0 8 KB
3 KB 443ms
443ms XHR
application/json 99.83.219.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.3651b008.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.83.219.81 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8b87a22ce463223.awsglobalaccelerator.com

Software

nginx /

Resource Hash

41896e2cae87525b92c67de8b235beea7744bd3c9ac233e64c09e7efb1ea61f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 24 Dec 2020 02:13:23 GMT
content-encoding: gzip
x-ami-version: ami-0ff4c5c01112bbd61
status: 200 OK
strict-transport-security: max-age=31556952; includeSubDomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 000uepa1uvm1f5107fh0
x-runtime: 0.338015
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"41896e2cae87525b92c67de8b235beea"
x-ratelimit-remaining: 19997
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sqreen.com
x-intercom-version: 93e50d2790ba8dde12db3c35cc0b0c6499b13495
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1608776040
x-ratelimit-limit: 20000
access-control-allow-headers: Content-Type
x-content-type-options: nosniff

OPTIONS
H2 204 services
sumo.com/ Frame 0
0 188ms
188ms Other 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/services
Protocol: H2
Server: 52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-14-212.us-west-2.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-sumo-auth
Origin: https://www.sqreen.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.14.1
date: Thu, 24 Dec 2020 02:13:23 GMT
access-control-allow-origin: https://www.sqreen.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-max-age: 2592000

POST
H2 200 services Show response
sumo.com/ 26 KB
5 KB 240ms
240ms XHR
application/json 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/services

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-14-212.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

2e1bf31f1b876ac1b5911945fa5c81e536974702e1b5ac29daf7dadbb8b8f2c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
X-Sumo-Auth: QcIZGjQZe3ypJLvE7QXWsfVj
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 24 Dec 2020 02:13:23 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.14.1
x-frame-options: SAMEORIGIN
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://www.sqreen.com
access-control-allow-credentials: true
content-type: application/json; charset=utf-8

GET
H2 200 7.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 97 KB
33 KB 8ms
6ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/7.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:23 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 8C7E505326FDB987
cdn-cachedat: 2020-12-22 17:48:28
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 4szDWtjX4bS2RtmwC8nbjRUIVovXkB+X1kCG5Mv/rC6eGSHkIOajN6RUo7+VFu44UtgeZTxLyJE=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:42 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: fc258cba86ccc1707a86792a2e34ba94
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 4.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 5 KB
3 KB 8ms
7ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/4.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:23 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 7190123C81B0243C
cdn-cachedat: 2020-12-22 17:48:29
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: ywRPFK155TzRO6vlcUYazuv8oVg1u8fUHTEJ4D60/I5Slds0Ob2fFJNamsVFdKFd44pL5EHfkpA=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:19 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 260028b73091d56c248f16ae6d52d248
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 2.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 3 KB
2 KB 9ms
8ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/2.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:23 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 36C7E21F287E1DB3
cdn-cachedat: 2020-12-22 17:48:29
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 2iW9xNmrXUnXmWh6Hi7vBv6q0pmcbsj8tE43JW7c4Zxf9UUbvGG9GbIzWeZe38mHsv/ewjJECtg=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:03 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: fa01b59942dca3a88c672d7a23c20b32
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 10.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 11 KB
5 KB 8ms
7ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/10.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:23 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 00B946EC076B81C2
cdn-cachedat: 2020-12-22 17:48:29
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: r3vqaeZ3skCw36Tnw5KKm1gmB8oBJWfY6DwxclVOIqQRcEzli+97DJpHi7UHEk832NasluiDoSo=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:46:49 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: f99accc788f03ca63330d98d53bd30f2
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 22.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 92 KB
24 KB 9ms
8ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/22.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:23 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 74683F7B2CEB2621
cdn-cachedat: 2020-12-22 17:48:27
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 6giO6SCDFMfO7EvJg+4WdNQ3LOeIe+z6WKDPefCJBXoCRA1m4A5Hxjrox7OozVx+fTWybVhIiVo=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:05 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 2835ff0aa2f5d24447c03347e6f581ec
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 23.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 329 KB
93 KB 10ms
9ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/23.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:23 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 223DDFD3C2002281
cdn-cachedat: 2020-12-22 17:48:28
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: e6KTIRJCGiwOSnlF2wXo2PKr6mIr1/ZEw4GciXMoL/wLuffGtuLghABbzhiUiFPlGWpVQrAL19Q=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:05 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: cc677c2bd5ab3800115be7be3095f95b
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 21.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 179 KB
50 KB 14ms
13ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/21.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:23 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: A90E1CAD702D8E1F
cdn-cachedat: 2020-12-22 17:48:26
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 2521q8T1P3ajiWRd0dHVLI+7eNkOHo1TkKsSPjFfxVyTQC2Y9CA0qLhQriHZ3+B/GbzAKjoCPoo=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:04 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: e478f5682149d671f8afb55a1cc8a44d
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 64.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 1 KB
1 KB 13ms
12ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/64.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:23 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 105477D00F976BF9
cdn-cachedat: 2020-12-22 17:48:28
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 880O3qCCi1mmrBN1SJH4yKk1L5O1Vs6Rp5MgyAMgY+mZoqe/7qNeBbLUIMJx1Y6VbcGSEBN08Ys=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:39 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 748419985abd32a991c76f2d28ed3f07
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 0.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 5 KB
3 KB 8ms
6ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/0.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:23 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 04AE26721946A5A9
cdn-cachedat: 2020-12-22 17:48:30
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: YZS7BrDTkCj6BNJNp/eTh3voX6FxrvRjtg0qEbDdEuZ7lFRfCRs+eyh3R46AVuXyMhiyYBplJdE=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:46:48 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: cda1360a20998d7156143799ff3ef492
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 1.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 1 KB
2 KB 14ms
12ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/1.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: b5d439b0a1670a4a56384b0b48fcdfabef6e8a5124683f32c6913d1fe22e9563

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:23 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: BC4C8BA20BD99537
cdn-cachedat: 2020-12-22 17:48:28
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 4dTQFX8LUhBgjtpos6EinKgh28ZmXD1NKB70K5d77bnxk1SSo0NxbZtgfX6f7ENrn6h3eWUWwXU=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:46:49 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 78f9055806307cb7b3b589456c4f16f7
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 3.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 5 KB
2 KB 13ms
12ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/3.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 9b9b439612eecd459a6edf2abfcf4ae252710e0069772b1b78c4970b3c0f1830

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:23 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 0C015B3301C20B78
cdn-cachedat: 2020-12-22 17:48:29
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: JST1/rq4KPsLYAD4N2fXISQOqzVErKPaqBUZLzvNTOM9cR5oAUKSiqCcNvsnfxjGU3qQNvbOSik=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:11 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 6462e0393eba6a4b77ad461a03e6a6c0
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 11.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 438 KB
128 KB 8ms
7ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/11.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: a73a98563485541039998520eaa3f1b8475e8da1f9ae414a74c73df0d5f24f8a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:23 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 85E900B2F4ADA4A1
cdn-cachedat: 2020-12-22 17:48:29
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: b6GsfMvGVaDp7DXO8/zMhEjHLMApCnu6+FKCRlDhkI3iqiFO1glwPdxST5YftAAeYKpTk7iAgss=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:46:55 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 8d1a25216f98a8e628fd318e572f4fee
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 15.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 711 KB
52 KB 13ms
12ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: e146694637c659ec76a75f2f92253956460decf38696b9f77d825dde8308efaa

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:23 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: FD0026628DAF043F
cdn-cachedat: 2020-12-22 17:48:29
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: omxPI1kuZE7lODA4F/o8a+Xb5MOridcPlcYJ7LR0QGa7K/aTgTVITyGValeGzLxbWM1tbcvb43k=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:46:59 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 44dc7c69c6ee0cd68713f76e55454f3d
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 96.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 1 MB
77 KB 7ms
6ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/96.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:23 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: 6S8K6PAHCX7JFQCR
cdn-cachedat: 2020-12-22 17:48:27
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: LrOaYAhRNJIe8Jccb0NldjD6ZV1UHwpa3CnYLU8JiclW5EgWVz9KImYorJtanD2PNJ6q3nsQDXQ=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:48:03 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 4d139e86c203335138b5b687dc69016f
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 97.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 221 B
876 B 7ms
7ms Script
text/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/97.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: 71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 02:13:23 GMT
content-encoding: br
cdn-edgestorageid: 481
x-amz-request-id: FBACE134A36973B4
cdn-cachedat: 2020-12-22 17:48:29
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: Aj/c+LY3021yCiP84GFYYASVkpYHOjYCSmarhMQFwMW64tE7aMCJWKuR7T+vre1PN2NxsR7RGvY=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:48:04 GMT
server: BunnyCDN-DE1-481
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 8dbceb7279a82d2e2ee144c0e9a58152
cdn-requestcountrycode: DE
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H3-Q050 200 css
fonts.googleapis.com/ 21 KB
1 KB 43ms
29ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4956068b2f2c2f14c6dd7fb409b7e5a22ab4a41b45c9ad683bc0f77c5853ffba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Dec 2020 00:57:49 GMT
server: ESF
date: Thu, 24 Dec 2020 02:13:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Dec 2020 02:13:23 GMT

OPTIONS
H2 200 rpc
clients6.google.com/ Frame 0
0 35ms
15ms Other
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ

Protocol

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.sqreen.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.sqreen.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,PATCH,POST,PUT
access-control-max-age: 3600
access-control-allow-headers: content-type
content-type: text/plain; charset=UTF-8
vary: Origin X-Origin
date: Thu, 24 Dec 2020 02:13:24 GMT
expires: Thu, 24 Dec 2020 02:13:24 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 0
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 queue Show response
sumo.com/apps/share/facebook/ 16 B
293 B 190ms
190ms XHR
application/json 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/apps/share/facebook/queue

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-14-212.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 24 Dec 2020 02:13:24 GMT
vary: Origin, Accept-Encoding
server: nginx/1.14.1
x-frame-options: SAMEORIGIN
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://www.sqreen.com
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 16

POST
H2 200 queue Show response
sumo.com/apps/share/facebook/ 16 B
293 B 198ms
197ms XHR
application/json 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/apps/share/facebook/queue

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-14-212.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 24 Dec 2020 02:13:24 GMT
vary: Origin, Accept-Encoding
server: nginx/1.14.1
x-frame-options: SAMEORIGIN
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://www.sqreen.com
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 16

POST rpc
clients6.google.com/ 0
0

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c40f13cd1c3c7338bab7aa23cd5d7b197c79a9cd96ccca801f8937767f67642

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c36eb9f49a231993fa4ead31474f6ba49fbba5b2b8630a6d0abb64b3740226c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13e9741d8619b07a7e0779171ec4a35d0ee8dad0592a65088f9d3f31af274d43

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 css
fonts.googleapis.com/ 21 KB
1 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Requested by

Host: www.sqreen.com
URL: https://www.sqreen.com/checklists/saas-cto-security-checklist

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4956068b2f2c2f14c6dd7fb409b7e5a22ab4a41b45c9ad683bc0f77c5853ffba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Dec 2020 01:52:40 GMT
server: ESF
date: Thu, 24 Dec 2020 02:13:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Dec 2020 02:13:24 GMT

GET
H2 200 features Show response
sumo.com/api/site/0192db87363591a2d11e3ab3e0366ec2da806a510963217183f98874951131e1/ 3 KB
1 KB 366ms
365ms XHR
application/json 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/site/0192db87363591a2d11e3ab3e0366ec2da806a510963217183f98874951131e1/features?site_id=0192db87363591a2d11e3ab3e0366ec2da806a510963217183f98874951131e1

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-38-14-212.us-west-2.compute.amazonaws.com

Software

nginx/1.14.1 /

Resource Hash

cef0427b6e047c2ad3394c51530c795a835df54637602c4d1768cb49758f62e9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Sumo-Auth: QcIZGjQZe3ypJLvE7QXWsfVj

Response headers

date: Thu, 24 Dec 2020 02:13:24 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.14.1
etag: "-1421097924"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sqreen.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow

OPTIONS
H2 204 features
sumo.com/api/site/0192db87363591a2d11e3ab3e0366ec2da806a510963217183f98874951131e1/ Frame 0
0 196ms
196ms Other 52.38.14.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/api/site/0192db87363591a2d11e3ab3e0366ec2da806a510963217183f98874951131e1/features?site_id=0192db87363591a2d11e3ab3e0366ec2da806a510963217183f98874951131e1
Protocol: H2
Server: 52.38.14.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-38-14-212.us-west-2.compute.amazonaws.com
Software: nginx/1.14.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-sumo-auth
Origin: https://www.sqreen.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.14.1
date: Thu, 24 Dec 2020 02:13:24 GMT
access-control-allow-origin: https://www.sqreen.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-max-age: 2592000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cto-security-checklist.sqreen.com
URL: https://cto-security-checklist.sqreen.com/images/burger.svg

Domain: cto-security-checklist.sqreen.com
URL: https://cto-security-checklist.sqreen.com/images/scsc-logo.svg

Domain: cto-security-checklist.sqreen.com
URL: https://cto-security-checklist.sqreen.com/images/arrow-bottom.svg

Domain: cto-security-checklist.sqreen.com
URL: https://cto-security-checklist.sqreen.com/images/sqreen-logo.svg

Domain: cto-security-checklist.sqreen.com
URL: https://cto-security-checklist.sqreen.com/images/icon-twitter-white.svg

Domain: cto-security-checklist.sqreen.com
URL: https://cto-security-checklist.sqreen.com/js/vendors/jquery-3.1.1.min.js

Domain: cto-security-checklist.sqreen.com
URL: https://cto-security-checklist.sqreen.com/js/vendors/isotope.pkgd.min.js

Domain: cto-security-checklist.sqreen.com
URL: https://cto-security-checklist.sqreen.com/js/main.js

Domain: clients6.google.com
URL: https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.go.sqreen.com/	1970-01-19 15:36:08	Name: __cfduid Value: dd6634ca9a48ff1a9bc87ad5d26a17eea1608776001
www.sqreen.com/	1970-01-20 08:24:08	Name: _gd_svisitor Value: 6fb51002c51a000042f9e35f830100002bf11100
www.sqreen.com/	1970-01-20 08:24:08	Name: _gd_visitor Value: afe0382f-ea93-4c9e-861c-96c64009cbdd
www.sqreen.com/	1970-01-19 15:03:00	Name: _an_uid Value: 0
go.sqreen.com/	1969-12-31 23:59:59	Name: BIGipServerab37web-nginx-app_https Value: !emcsBhuf2hV6T/tybf/nLIVwOTHiDgtssjr08kPA1y14Y5c1aTdKIIZRfIu/exjl/MFJZ92D4ozp22g=
www.sqreen.com/	1970-01-19 14:52:56	Name: _hjIncludedInPageviewSample Value: 1
.sqreen.com/	1970-01-19 14:52:57	Name: _hjAbsoluteSessionInProgress Value: 1
.sqreen.com/	1970-01-19 23:38:32	Name: ajs_anonymous_id Value: %224ac333e6-b5c5-4bbc-b74e-80465e3a92fe%22
.sqreen.com/	1970-01-19 17:02:32	Name: _fbp Value: fb.1.1608776002390.1013444907
.sqreen.com/	1970-01-19 14:52:56	Name: _gat Value: 1
.sqreen.com/	1970-01-19 14:54:22	Name: _gid Value: GA1.2.1408449561.1608776002
.sqreen.com/	1970-01-20 08:24:08	Name: _mkto_trk Value: id:544-MID-880&token:_mch-sqreen.com-1608776002379-47120
.sqreen.com/	1970-01-20 08:24:08	Name: _ga Value: GA1.2.961373506.1608776002
www.sqreen.com/	1970-01-19 14:53:10	Name: _gd_session Value: 02d5abf8-fbbe-4d7b-8367-a5570492819f
.sqreen.com/	1970-01-19 14:52:57	Name: _hp2_ses_props.3784968534 Value: %7B%22ts%22%3A1608776002144%2C%22d%22%3A%22www.sqreen.com%22%2C%22h%22%3A%22%2Fchecklists%2Fsaas-cto-security-checklist%22%7D
.sqreen.com/	1970-01-19 14:52:57	Name: _hjFirstSeen Value: 1
.sqreen.com/checklists	1969-12-31 23:59:59	Name: tracking Value: {"first_website_visit":"2020-12-24T02:13:21.628Z","referrer":"direct","browser_timezone":-60,"browser_language":"en-US","landing_page":"https://www.sqreen.com/checklists/saas-cto-security-checklist","screen_height":1200,"screen_width":1600,"originalReferrer":""}
.sqreen.com/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
.go.sqreen.com/	1970-01-19 14:52:57	Name: __cf_bm Value: 7bb1cbe6ada37b57e72e50b144051c653aff3e2b-1608776001-1800-ARCFn6zytcKhMw+Toc0EztHBKWXbcYZjzoBRIjK8JReTf5VSU2ScZCkek1H5C9kCdVacJ/IrI2wbqg05Orx+S1g=
www.sqreen.com/	1970-01-19 14:52:56	Name: _hjIncludedInSessionSample Value: 0
.sqreen.com/	1970-01-19 23:38:32	Name: _hjid Value: a3b58bc3-52d0-4fce-833c-b8972c71f119
.sqreen.com/	1970-01-20 00:20:53	Name: _hp2_id.3784968534 Value: %7B%22userId%22%3A%226430280339729296%22%2C%22pageviewId%22%3A%224298555582921828%22%2C%22sessionId%22%3A%228560062695872210%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
www.sqreen.com/checklists	1970-01-19 15:36:08	Name: __smVID Value: a84cac164534cbe94c0c8d4293bc5d3523a295f86a2c45b4eaca674690380621

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://munchkin.marketo.net/159/munchkin.js(Line 22) Message: Munchkin.init("%s") options: 544-MID-880 [object Object]
console-api	log	URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js(Line 26) Message: Query variable %s not found sumotoken
console-api	log	URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js(Line 1) Message: install sumo badge...
console-api	log	URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js(Line 26) Message: Query variable %s not found sumopath
console-api	info	URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js(Line 1) Message: CREATING SANDBOX FOR services/index/#services/index
console-api	info	URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js(Line 1) Message: CREATING SANDBOX FOR 156085c5-0017-4150-b225-a731ad248f38/service/#156085c5-0017-4150-b225-a731ad248f38/service
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: rendering share...
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: rendering for desktop...
console-api	log	URL: https://load.sumo.com/11.7e831236a32d6086ab3e.js(Line 1) Message: style buffer update...
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: buffer
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: facebook
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: facebooklike
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: googleplus
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: pinterest
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: reddit
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: yummly
console-api	log	URL: https://load.sumo.com/11.7e831236a32d6086ab3e.js(Line 1) Message: undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

544-mid-880.mktoresp.com
analytics.twitter.com
api-iam.intercom.io
api.segment.io
b.6sc.co
c.6sc.co
cdn.heapanalytics.com
cdn.segment.com
cdnjs.cloudflare.com
clients6.google.com
code.jquery.com
connect.facebook.net
cto-security-checklist.sqreen.com
d33wubrfki0l68.cloudfront.net
fonts.googleapis.com
go.sqreen.com
googleads.g.doubleclick.net
heapanalytics.com
in.hotjar.com
j.6sc.co
js.intercomcdn.com
load.sumo.com
munchkin.marketo.net
px.ads.linkedin.com
reports-api.sqreen.io
script.hotjar.com
secure.adnxs.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
sumo.com
t.co
vars.hotjar.com
vc.hotjar.io
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.sqreen.com
www.sqreen.io
clients6.google.com
cto-security-checklist.sqreen.com
104.109.70.122
104.109.95.62
104.17.74.206
104.244.42.197
104.244.42.3
13.32.240.108
13.32.240.51
13.32.240.67
151.101.12.157
172.217.22.98
18.203.1.140
185.33.221.88
192.28.144.124
2001:4de0:ac19::1:b:2b
2600:9000:2204:b600:4:2d4c:7b00:93a1
2606:4700::6810:125e
2a00:1450:4001:809::2008
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2004
2a00:1450:4001:818::2003
2a00:1450:4001:81d::200a
2a00:1450:400c:c06::9a
2a00:f48:2000:1023::3
2a02:26f0:6c00:28c::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d014:275:cb00:1953:33c3:785c:f9da
2a05:f500:11:101::b93f:9005
3.210.194.123
34.248.170.27
52.38.14.212
54.200.110.219
54.240.168.55
65.9.96.128
65.9.96.131
65.9.96.16
65.9.96.45
65.9.96.53
99.83.219.81
02a21f302057c68afa26c105ad50d582e62ffc537ff3f19daeb2f2b4d131cea8
044a173e1f716a7a084f6a6ce1d716b364e29e52bb491d5caaa9eb367b2dfd3f
06d38da8ea4edf750c8fb4f749f5b71a6dba952fd924a55771c0ccc213339eab
0acecc6a554176c11fe821dfa5ebbe234cc229c5e372c1d5d5d7365ab9f9a11d
0c30678ce61936db0d9405256fc6d328eb49d38614d1650a3678a32ebb3b943c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
13e9741d8619b07a7e0779171ec4a35d0ee8dad0592a65088f9d3f31af274d43
17fe63b41bd39cfa0682f83a158dd7a5fb0ef36036e8f4bf3b59a73b3ba27e19
23785a654b83eaf76d3c19acc0029223d8f3707dd3e4fc882c571f2cd0ff664b
23c2a02eceb4430e225b72b02ceb9cf401e12149fde5649783e67e153646c392
252bb228c6f980fd9c7e0abe8357a93cb13723b8bb05fcb4014918b0e18745f7
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
29838c7ea42cc90c5ed78b0db1a3bc0036940b792a9ac5678c2ea75593c6084c
2e1bf31f1b876ac1b5911945fa5c81e536974702e1b5ac29daf7dadbb8b8f2c9
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31f4a14d82ddf989bcc81aa85e345a29814bb68f014dcb743fc39b2fb16659ed
36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c
394f62547c718336aa5f916333b6907b8c04efbff298bf391da3bc96492a49e3
3b204bcef596f9a5ad61b8e8afb937de118cea37a2d808917fb2ec5750fdc958
3ba84ba04a8963559da5488d4bc05c347c6be5e3a093dc77efbb34619d0239b0
3bab90335837b0878fc05a0cb4605e78f1479d61cefb0653f7b448eac171ebbe
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
3c204ee7d12314fd514c1721b3a4fbb844ea666b6b4dd2436868ae16b12291ec
3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132
40fb8c5e74f6e29c68e9812647b4e02c2fe27ede4e2781f2bd4729f60d990706
41896e2cae87525b92c67de8b235beea7744bd3c9ac233e64c09e7efb1ea61f3
41ff97d0f9d01d0f0a813ed9f4ff9d78c1d2c8060929012d8265c380450f38b2
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
460a49f2067962dd6a8de35096cb273ddd2a6b33c3dc2ad69fd1e31cb0ae7ecd
4858d5d7d0cff30eb9571e795de5da7f3af5e5399b149ddf37cfb1a1041ce076
4956068b2f2c2f14c6dd7fb409b7e5a22ab4a41b45c9ad683bc0f77c5853ffba
4976bdfa792eaeec191f6b9a88beb27c2d7a15c2c2670fab634eed012f4567e0
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff
4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9
4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d
4c6d2f0360d0cc9c7ba34f26b2d05e80a72cb944b53460587bf00ddb82ef89ba
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4fa051988de64ab5a747873766694b77fe5a73abf8ae76a61540f6c35e4bed91
5253f362331b955af39b0f6f1e32d9aefff3468bfea10c1e4cc23fb37099a3a5
5255fe00193b66f96c13b9319b806f8be3770360e62c133013e800857909646d
535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14
541a2735ab006dc37764ee3d14b7c34d674e84a3e56e710320a02469f4401f64
549e37adce39732724863821c8ee6c5f9e5e1977a6083a133ed153b0b23fb87b
552d186233d43e628237dc5d6c58064b9760fa43f47601ca1a95fc43903fe4f4
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57cd46adbabd6c40823602b4513aecbe89320a769572255272abe9f008de69fa
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d
5e7cc919d6aad76a106d34dfa95d2b87d6cd925eb8e19fcfbc98a7c79e4b3ed9
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
655270ae95f9a7b35ec7557a5d4d95a267ab7be2d40334167277742de77bab49
65d5da362ebe504b8e92c4007b5ec68fd001d63274885d3266b03055be327c79
65f159f273c9a92ce315e57c1834c8ce19f6bb3a368fe4f37d83d3259ba3f330
6f43b0241cbe4ec667b5f8bb20a43ba9729c40b5d86f094b32e8aa831c058f89
71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d
73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759
779651bc146d489786b9b4ab590d2784547448e4b85cf1bb9036b31e404d1a37
7dcf4dbd2ec98aac130fc6028affd9c50e57653e5222bfadaa2d4a49979c7405
82f32f34b32e8fba104f8c02fe2bf723cdf7e20165e53f21841f6d119fd515fd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848c5de83cc5769619fb12455772acca45887021ab6fdc7b5c88f36a31ff0946
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8867e18a10ae4dedad9634dc790a6d93e4c770f794d18139588d3bbef7733868
89aa4a1f3078b5ac8ca91b5cc2b7f1b95e30c2f2a7e2157bc5913bb19070d484
921349a9979962b0a95cf858c2dcc0dcdafea0609e01f078c1b93f8ed1e6d7fd
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae
96ad1fc39ca27535ee13ecd4cd96cf822d4cffed721fac8610dfab380cefbb43
99f98dbdc42cfe095ad06ce2a2a676106205dc4f4ee64b04c759de608a55abfe
9b9b439612eecd459a6edf2abfcf4ae252710e0069772b1b78c4970b3c0f1830
9c40f13cd1c3c7338bab7aa23cd5d7b197c79a9cd96ccca801f8937767f67642
9e3a966e2682fc629f65218b0d7faaad1d3108d56031faa981bc9d3e95ceba6b
9e65e22009a2cd53b890d12a8c72c3fc20b76328d65e1c20e58077f9cf25f87f
a275a2b875378f8727cf0910679f171c73982c569101b03f77a88df16facb338
a73a98563485541039998520eaa3f1b8475e8da1f9ae414a74c73df0d5f24f8a
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f
ab36a512210b0f75aacf3ed1860bfd5cab5abefaddf34dd30a932bee87bea85f
abdf01dbab06efbec289cf85e83f8ec3618f996ab6803e9f9437db14bc5cbf53
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b06c7eafbda047f65aab6993db141b3b08770f327f853c1e8c91b47869cd0df0
b5d439b0a1670a4a56384b0b48fcdfabef6e8a5124683f32c6913d1fe22e9563
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bea7e2163b7dbdb8849b1749d019a139b9dc79e80cc5a8724820a6a6c54bb267
c270352cc14aadb8a906007a4e030cf7ccaaab51715a905f2bfec0f505b06294
c36eb9f49a231993fa4ead31474f6ba49fbba5b2b8630a6d0abb64b3740226c1
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169
c65d5f03bb2e19294396faa0b9c630a79b33c961b6773cde5d0e8c9ad7e4daea
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cef0427b6e047c2ad3394c51530c795a835df54637602c4d1768cb49758f62e9
d5c416aad5a93ec52210006b33c49fd56518f38daa131352ab96f70bfbbdd4df
d5f4f9bb6f4bfe95273f713520651f6450ecfea07d03678d3163c4c9cf6a0c5d
d65008cad89b9d9dbb20b1579634ba3e90708160ae1838ca4c1d38fe2e3fd84c
d8a0f8e1830ffb6cc96615fbc19a1a3ad0a5eb1c6256f8ac3f73b31cf5e3fe9c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503
dde2a7cd4331f78a4b35dca9aa2e716fc3d0c83ba0f855f0812cbfae4a27a805
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e146694637c659ec76a75f2f92253956460decf38696b9f77d825dde8308efaa
e1ec254792b6fe5cb168d2ce9cb1e35d15311d3b357b305a95cbfb12552477d0
e2af26a6f7017e387ab6460d6ed668d84234619cd748343a169c50716e582191
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e5b6d6d4ccf96f50e9aa6ba5d235888cb7e82f309f89d86925b4ca0cf5678e42
e986032f29885a46b943e3ff7042c79c8c8ac09f5c70bdfdf28cae4229c05730
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f160ad26da8c4e9af52b4db65ba3876aa8f80320fd7312ced32e6e26cde4af3e
f2822d60f9ebd42bf712d5417a8fc4d846afd7f26a3a6afb5838698deeaf2b2a
f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f
fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2

www.sqreen.com Open in urlscan Pro 2a05:d014:275:cb00:1953:33c3:785c:f9da Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

147 Requests

94 %HTTPS

41 %IPv6

31 Domains

44 Subdomains

41 IPs

6 Countries

1935 kBTransfer

7319 kBSize

23 Cookies

110 Outgoing links

Page URL History

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.sqreen.com Open in urlscan Pro
2a05:d014:275:cb00:1953:33c3:785c:f9da Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

94 %
HTTPS

41 %
IPv6

31
Domains

44
Subdomains

41
IPs

6
Countries

1935 kB
Transfer

7319 kB
Size

23
Cookies

147 HTTP transactions
5 data transactions