app.contractsafe.com Open in urlscan Pro
34.214.94.53 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a
Submission: On August 19 via manual (August 19th 2022, 2:21:43 pm UTC) from US — Scanned from DE

Summary HTTP 49 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 2 countries across 19 domains to perform 49 HTTP transactions. The main IP is 34.214.94.53, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is app.contractsafe.com. The Cisco Umbrella rank of the primary domain is 558575.
TLS certificate: Issued by Amazon on January 31st 2022. Valid for: a year.

This is the only time app.contractsafe.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	34.214.94.53 34.214.94.53	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:46::45 2620:1ec:46::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6811:73b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:45b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:efcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:21ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223f:6400:1f:aa31:7740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.165.237.134 35.165.237.134	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:c9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.92.195.120 52.92.195.120	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80b::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6811:8d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
49	23

16 34.214.94.53 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-214-94-53.us-west-2.compute.amazonaws.com

app.contractsafe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

alcdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:73b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:efcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:6400:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.165.237.134 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-165-237-134.us-west-2.compute.amazonaws.com

pspdf.contractsafe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c9cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.195.120 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:8d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	contractsafe.com app.contractsafe.com — Cisco Umbrella Rank: 558575 pspdf.contractsafe.com — Cisco Umbrella Rank: 660931	2 MB
7	google.com apis.google.com — Cisco Umbrella Rank: 134 accounts.google.com — Cisco Umbrella Rank: 99 www.google.com — Cisco Umbrella Rank: 9	79 KB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 6886	265 KB
5	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 4343 app.hubspot.com — Cisco Umbrella Rank: 5524 track.hubspot.com — Cisco Umbrella Rank: 2112	23 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6076	548 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 52	2 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 130	16 KB
1	gstatic.com www.gstatic.com	35 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	45 KB
1	amazonaws.com s3-us-west-2.amazonaws.com	35 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3437	917 B
1	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 842	141 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2009	16 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4583	21 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 1988	20 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3133	3 KB
1	msauth.net alcdn.msauth.net — Cisco Umbrella Rank: 3835	169 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2226	973 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54	1 KB
49	19

	Domain	Requested by
16	app.contractsafe.com	app.contractsafe.com
5	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
3	accounts.google.com	apis.google.com app.contractsafe.com www.gstatic.com
3	apis.google.com	app.contractsafe.com apis.google.com
2	app.hubspot.com	js.usemessages.com static.hsappstatic.net
2	api.hubspot.com	js.usemessages.com
1	track.hubspot.com
1	www.google.de	app.contractsafe.com
1	www.google.com	app.contractsafe.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.gstatic.com	accounts.google.com
1	www.googletagmanager.com	js.hsadspixel.net
1	s3-us-west-2.amazonaws.com	app.contractsafe.com
1	api.hubapi.com	js.hsadspixel.net
1	pspdf.contractsafe.com	app.contractsafe.com
1	cdn.pendo.io	app.contractsafe.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	alcdn.msauth.net	app.contractsafe.com
1	js.hs-scripts.com	app.contractsafe.com
1	fonts.googleapis.com	app.contractsafe.com
49	24

This site contains no links.

Subject Issuer	Validity	Valid
*.contractsafe.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
identitycdn.msauth.net Microsoft Azure TLS Issuing CA 02	`2022-08-04` - `2023-07-30`	a year	crt.sh
cdn.pendo.io Amazon	`2022-07-30` - `2023-08-28`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2021-12-17` - `2022-11-29`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a
Frame ID: F462EA8DFC7288D3CAB9E73D199A3810
Requests: 38 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 64BBFCAF8FD9A8F5B58BE07D46535ECC
Requests: 4 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/2082317/threads/utk/20f1e8868a864ed8bb1ac272648c6b26?uuid=94d787e14cda401fb52da71e195c9ef4&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=app.contractsafe.com&inApp53=false&messagesUtk=20f1e8868a864ed8bb1ac272648c6b26&url=https%3A%2F%2Fapp.contractsafe.com%2Flogin%3Fnext%3D%252Fv3%252Fcontracts%252F3918f5c1-5d59-4759-b2ed-80531003463a&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: 5BC9D6384C4E6B186CE96C1F75259E7F
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ContractSafe ::

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id
apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

100 %
HTTPS

82 %
IPv6

19
Domains

24
Subdomains

23
IPs

2
Countries

2826 kB
Transfer

10582 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login Show response
app.contractsafe.com/ 10 KB
5 KB 707ms
200ms Document
text/html 34.214.94.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.214.94.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-94-53.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

b589e4f8de604e47bdc468864b7b3263cf7ed2d551879e95b2b721d5f3746bfe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate, private
content-encoding: gzip
content-length: 3845
content-security-policy: frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
content-type: text/html; charset=utf-8
date: Fri, 19 Aug 2022 14:21:36 GMT
expires: Fri, 19 Aug 2022 14:21:36 GMT
referrer-policy: same-origin same-origin
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
vary: Cookie,Accept-Encoding
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
x-xss-protection: 1; mode=block 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 86ms
33ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=swap

Requested by

Host: app.contractsafe.com
URL: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 13:14:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 19 Aug 2022 14:21:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Aug 2022 14:21:36 GMT

GET
H2 200 jquery.mCustomScrollbar.css
app.contractsafe.com/static/lp/css/ 54 KB
6 KB 201ms
199ms Stylesheet
text/css 34.214.94.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.contractsafe.com/static/lp/css/jquery.mCustomScrollbar.css

Requested by

Host: app.contractsafe.com
URL: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.214.94.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-94-53.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

055a53803f7214c989dbe26fc366ad13587ea581e254c705c8733d6461f1a8a1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:37 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Mon, 15 Aug 2022 23:41:22 GMT
server: Apache
etag: "d65c-5e6502b502c80-gzip"
x-frame-options: SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
content-type: text/css
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding
content-length: 5635
x-content-type-options: nosniff

GET
H2 200 font-awesome.min.css
app.contractsafe.com/static/font-awesome/css/ 30 KB
8 KB 203ms
201ms Stylesheet
text/css 34.214.94.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.contractsafe.com/static/font-awesome/css/font-awesome.min.css

Requested by

Host: app.contractsafe.com
URL: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.214.94.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-94-53.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:37 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Mon, 15 Aug 2022 23:41:22 GMT
server: Apache
etag: "7918-5e6502b502c80-gzip"
x-frame-options: SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
content-type: text/css
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding
content-length: 7053
x-content-type-options: nosniff

GET
H2 200 main.min.css
app.contractsafe.com/static/assets/css/ 144 KB
25 KB 394ms
391ms Stylesheet
text/css 34.214.94.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.contractsafe.com/static/assets/css/main.min.css?csapp=US-v0.1.0-4081

Requested by

Host: app.contractsafe.com
URL: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.214.94.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-94-53.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

7cd45de2d18541411afb99a90f87e09d69bdcd2b3c4806f7b64b47b92bcd03c4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:37 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Mon, 15 Aug 2022 23:41:22 GMT
server: Apache
etag: "23fb7-5e6502b502c80-gzip"
x-frame-options: SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
content-type: text/css
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding
content-length: 24346
x-content-type-options: nosniff

GET
H2 200 bootstrap.min.css
app.contractsafe.com/static/stylesheets/vendor/bootstrap/css/ 119 KB
20 KB 580ms
578ms Stylesheet
text/css 34.214.94.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.contractsafe.com/static/stylesheets/vendor/bootstrap/css/bootstrap.min.css?csapp=US-v0.1.0-4081

Requested by

Host: app.contractsafe.com
URL: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.214.94.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-94-53.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

4936e4d8aefc8b5969e8f2f71db805a28c68476d7724c9c7846df11285e148ba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:37 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Mon, 15 Aug 2022 23:41:22 GMT
server: Apache
etag: "1dbe0-5e6502b502c80-gzip"
x-frame-options: SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
content-type: text/css
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding
content-length: 19650
x-content-type-options: nosniff

GET
H2 200 styles.min.css
app.contractsafe.com/static/stylesheets/ 45 KB
10 KB 393ms
391ms Stylesheet
text/css 34.214.94.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.contractsafe.com/static/stylesheets/styles.min.css

Requested by

Host: app.contractsafe.com
URL: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.214.94.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-94-53.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

545e10de7f3436c390b5511852328bb72f6fc3af902f68295181dc09fc923fc7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:37 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Mon, 15 Aug 2022 23:41:22 GMT
server: Apache
etag: "b2a5-5e6502b502c80-gzip"
x-frame-options: SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
content-type: text/css
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding
content-length: 8964
x-content-type-options: nosniff

GET
H2 200 styles_v3.min.css
app.contractsafe.com/static/stylesheets/ 52 KB
11 KB 390ms
389ms Stylesheet
text/css 34.214.94.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.contractsafe.com/static/stylesheets/styles_v3.min.css?csapp=US-v0.1.0-4081

Requested by

Host: app.contractsafe.com
URL: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.214.94.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-94-53.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

32a61a6ab56d1e2e73ac4a7668a2ba6d3fa655311b919c7c3cf0332d14dced30

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:37 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Mon, 15 Aug 2022 23:41:22 GMT
server: Apache
etag: "cf26-5e6502b502c80-gzip"
x-frame-options: SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
content-type: text/css
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding
content-length: 10076
x-content-type-options: nosniff

GET
H2 200 jquery.fancybox.min.css
app.contractsafe.com/static/lp/css/ 4 KB
2 KB 390ms
388ms Stylesheet
text/css 34.214.94.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.contractsafe.com/static/lp/css/jquery.fancybox.min.css

Requested by

Host: app.contractsafe.com
URL: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.214.94.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-94-53.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

653e3d4f3cc5c2f02e91b98be75d7cbe575c5828d5134bf5b13f561b1d207daf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:37 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Mon, 15 Aug 2022 23:41:22 GMT
server: Apache
etag: "f82-5e6502b502c80-gzip"
x-frame-options: SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
content-type: text/css
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1220
x-content-type-options: nosniff

GET
H2 200 2082317.js Show response
js.hs-scripts.com/ 2 KB
973 B 188ms
134ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2082317.js
Requested by: Host: app.contractsafe.com
URL: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a68ea411f1437e3eb135d9829ce8e15d3088aa59caca9228e396f5151d2b34d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:37 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 19 Aug 2022 11:30:36 GMT
server: cloudflare
x-hubspot-correlation-id: e342c762-09f9-408a-b32f-4a64b94eceb0
x-trace: 2B2E0063201532A3F6011A5A91B367321FE3B574AF000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 73d389621e4e903d-FRA
expires: Fri, 19 Aug 2022 14:22:37 GMT

GET
H2 200 cs_ver.js Show response
app.contractsafe.com/static/javascripts/ 1 KB
2 KB 203ms
202ms Script
application/javascript 34.214.94.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.contractsafe.com/static/javascripts/cs_ver.js

Requested by

Host: app.contractsafe.com
URL: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.214.94.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-94-53.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

ed622ed52a3271f5937630ff7ce97313d4b5cfb5ce15e5675388916038478f0a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:37 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Fri, 19 Aug 2022 14:11:23 GMT
server: Apache
etag: "50e-5e698ac508aab-gzip"
x-frame-options: SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
content-type: application/javascript
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding
content-length: 1034
x-content-type-options: nosniff

GET
H2 200 vendors~main.fa9a05d161820a329332.bundle.js Show response
app.contractsafe.com/static/javascripts/dist/ 4 MB
1 MB 581ms
580ms Script
application/javascript 34.214.94.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.contractsafe.com/static/javascripts/dist/vendors~main.fa9a05d161820a329332.bundle.js

Requested by

Host: app.contractsafe.com
URL: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.214.94.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-94-53.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

56b7a9ae2fdeb88b75bf4491227ec6cf1f62f38ea18a319e17f391acb0460f6c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:37 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Mon, 15 Aug 2022 23:47:56 GMT
server: Apache
etag: "3a5b05-5e65042cc2300-gzip"
x-frame-options: SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
content-type: application/javascript
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 main.65193d9c031f62892824.bundle.js Show response
app.contractsafe.com/static/javascripts/dist/ 1 MB
208 KB 769ms
768ms Script
application/javascript 34.214.94.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.contractsafe.com/static/javascripts/dist/main.65193d9c031f62892824.bundle.js

Requested by

Host: app.contractsafe.com
URL: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.214.94.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-94-53.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

803383b89cbc01e5f2d15b51f59a7f9300c5de9483f2e31df13b74940cb98f66

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:37 GMT
content-encoding: gzip
referrer-policy: same-origin
last-modified: Mon, 15 Aug 2022 23:47:56 GMT
server: Apache
etag: "111610-5e65042cc2300-gzip"
x-frame-options: SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
content-type: application/javascript
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 81ms
33ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js?onload=setgapi

Requested by

Host: app.contractsafe.com
URL: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89d721ca21d1f18aef983e6b566f69db40a463ff90bced411e937f0f9b98ff38

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20359
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Fri, 19 Aug 2022 14:21:36 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "62bea18ed28113f3"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Aug 2022 14:21:36 GMT

GET
H2 200 msal.js Show response
alcdn.msauth.net/lib/1.2.1/js/ 763 KB
169 KB 255ms
35ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://alcdn.msauth.net/lib/1.2.1/js/msal.js
Requested by: Host: app.contractsafe.com
URL: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9a8ec6963ac3a41bb4cfa0c2aa341b51d74a637e3a8c08dd909f1de24b816fee

Request headers

Referer
Origin: https://app.contractsafe.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 19 Aug 2022 14:21:36 GMT
content-encoding: gzip
x-azure-ref-originshield: 020z/YgAAAABbTMT2D3bGRqlVcG6siI0hQU1TMDRFREdFMTkyMQBkYjY2MmZlMy1mNDM4LTQzYzItYTI5Zi1lNjU5MGM0ZjVlNTE=
content-md5: dmb+No3JAg3ab7QL/BNn0Q==
x-cache: TCP_HIT
content-length: 172194
x-ms-lease-status: unlocked
last-modified: Thu, 23 Jan 2020 00:05:25 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D79F97F277182D
x-azure-ref: 0cZz/YgAAAACQ9aIrqtNNT7pAEpRqF0yOQlJVMzBFREdFMDcwOQBkYjY2MmZlMy1mNDM4LTQzYzItYTI5Zi1lNjU5MGM0ZjVlNTE=
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f9bc7512-701e-000c-3ba7-b3c36a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
3 KB 81ms
29ms Script
application/javascript 2606:4700::6811:73b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2082317.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea2ffede896a8727d9691452b1314e64ac7d2932896e89920599392ba33dd6f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:37 GMT
via: 1.1 5630c5d6ce3870273aaf2ed5fe6c2f14.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 518
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.290/bundles/pixels-release.js&cfRay=73d37cbddd859001-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Wed, 10 Aug 2022 01:59:54 UTC
server: cloudflare
etag: W/"4f0b2f5f5adcb58be2f46e95ab35e280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: .CBGOpqVu8zaE1sKV5DacDTNZHwT9f6j
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 73d389634b97bb8b-FRA
x-amz-cf-id: Mey23yuWm-iOyVa6WxODdhbPhTGMwH2bYOUAoZ_HV0LbfjKOARe_PQ==
x-hs-target-asset: adsscriptloaderstatic/static-1.290/bundles/pixels-release.js

GET
H2 200 2082317.js Show response
js.hs-analytics.net/analytics/1660918800000/ 62 KB
20 KB 222ms
170ms Script
text/javascript 2606:4700::6811:45b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1660918800000/2082317.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2082317.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f94be210b82b7ce210fd1ee5a4703d578aba4518d2f0df105f79e17d9d2c852

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:37 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 9EBXY0DYVAMFE728
x-amz-server-side-encryption: AES256
cf-ray: 73d3896349e86931-FRA
x-amz-id-2: SjweCrolwudslTAzsgjUDeDxt+ySkXC2pvHI8uLCEv+6rBVm6cvClePn1T4gV3fWjMWVBNVtxI0=
last-modified: Tue, 26 Jul 2022 14:49:10 GMT
server: cloudflare
etag: W/"f15493de3b72c3f42b6f5f7710949564"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Fri, 19 Aug 2022 14:26:37 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 73 KB
21 KB 88ms
35ms Script
application/javascript 2606:4700::6811:efcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2082317.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:efcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c09332326d7e70e0623cd6bd5b3b5bf25ed4f55f92f7b90291ebe4cc9ce9130d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:37 GMT
via: 1.1 68261aebcfc232344da2ef3bf1d3f9ea.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 556
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.10527/bundles/project.js&cfRay=73d37bcfc8b49b46-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Wed, 10 Aug 2022 02:50:06 UTC
server: cloudflare
etag: W/"a2bf181c4425a795ee88f3f230bb1967"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: c5qrTiV6vDUhLMyUOB33g.CfXJNifE8r
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 73d3896349035c26-FRA
x-amz-cf-id: SRAg4Sy2cq2eAnN0h7TBz_UvUZOXQrD6qfhC9ANgTT93DUGcymIgoQ==
x-hs-target-asset: conversations-embed/static-1.10527/bundles/project.js

GET
H2 200 2082317.js Show response
js.hs-banner.com/ 61 KB
16 KB 200ms
146ms Script
text/javascript 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2082317.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2082317.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd8ca262db2b58a7632bfd37498bdd2b772ee0d9b97d3f167a73e78d99c1cefe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:37 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 2PGW1ASTWN7R29CR
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: eYKmVGLygvfa1VTIxXSAMjzbJ52SdIPk+w7eqynOEvofS5dGZB/kyKx9+VP9kAlQhdtgcyeOtBY=
timing-allow-origin: *
last-modified: Tue, 16 Aug 2022 20:54:20 GMT
server: cloudflare
etag: W/"203b45d973208d8b222c9ede249fd2e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: LEVvzKEPNw9.Yg39wDxCh64KqvPe77Gd
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 73d389634d6968fb-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Fri, 19 Aug 2022 14:26:37 GMT

GET
H/1.1 200
OK pendo.js Show response
cdn.pendo.io/agent/static/e85d8779-8996-4919-7da6-8488194c7a05/ 455 KB
141 KB 142ms
37ms Script
application/javascript 2600:9000:223f:6400:1f:aa31:7740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/e85d8779-8996-4919-7da6-8488194c7a05/pendo.js
Requested by: Host: app.contractsafe.com
URL: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:6400:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a282dc246e1a12e94cb2c15437b1674f0baa48ec123fcbd9b54608d6af434fcf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Fri, 19 Aug 2022 14:14:10 GMT
Content-Encoding: gzip
Age: 448
X-GUploader-UploadID: ADPycdvw-41wdGQHdk26wuIqOCE54-Jlxg_9XtAgOipm-feAtk3QOyCb5t8cvNv_HCKvcrgBfyyjhNl_CqgkcfPeredOXybkBsws
X-Cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 143859
Access-Control-Allow-Origin: *
Last-Modified: Thu, 18 Aug 2022 19:16:29 GMT
Server: UploadServer
ETag: "dc02ace9ac738879a62f251a92bbda29"
Vary: Accept-Encoding
x-goog-hash: crc32c=Q9OUjQ==, md5=3AKs6axziHmmLyUakrvaKQ==
x-goog-generation: 1660850189600068
Via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 143859
X-Amz-Cf-Pop: FRA56-P5
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: _TxzsKd693Q8RHqEJBO1A_pdqJQ7rFbAmDZRMbaStANfO1SGSAaEpA==
Expires: Fri, 19 Aug 2022 14:21:40 GMT

GET
H2 200 pspdfkit.js Show response
pspdf.contractsafe.com/ 2 MB
454 KB 751ms
371ms Script
text/javascript 35.165.237.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pspdf.contractsafe.com/pspdfkit.js
Requested by: Host: app.contractsafe.com
URL: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.165.237.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-165-237-134.us-west-2.compute.amazonaws.com
Software: Cowboy /
Resource Hash: 34db5d0cddf253911889050f0b6bb9e643a6e3a6e15b6b0f628bf801fb095e4d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:39 GMT
content-encoding: br
server: Cowboy
etag: "5182968"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public
accept-ranges: bytes
content-length: 464192
x-request-id: FwzE8FLDfIGkssUAADIE

GET
H2 200 36a546a98dbdb166cdce9a4f41078c3b.woff2
app.contractsafe.com/static/javascripts/dist/ 16 KB
17 KB 191ms
191ms Font
font/woff2 34.214.94.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.contractsafe.com/static/javascripts/dist/36a546a98dbdb166cdce9a4f41078c3b.woff2

Requested by

Host: app.contractsafe.com
URL: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.214.94.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-94-53.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

53bb85849942fe0fdb6998300d0c68f1727a6f34a3bdcd9f6f8f12476f64b1e9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a
Origin: https://app.contractsafe.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:38 GMT
referrer-policy: same-origin
last-modified: Mon, 15 Aug 2022 23:47:56 GMT
server: Apache
etag: "4160-5e65042cc2300"
x-frame-options: SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
content-type: font/woff2
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 16736
x-content-type-options: nosniff

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 203ms
152ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=2082317&conversations-embed=static-1.10527&mobile=false&messagesUtk=20f1e8868a864ed8bb1ac272648c6b26&traceId=20f1e8868a864ed8bb1ac272648c6b26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://app.contractsafe.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://app.contractsafe.com
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 73d3896c98d05b92-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Fri, 19 Aug 2022 14:21:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYuqqYS7mX%2B8uBd5nblqGeRGh15DR03DHHLyIs%2BzmfHNAEH3bpMlk%2FaEd7Idh5N7qyij9Va4LYkI%2Fn2rJazPJGEl93hJ9tWNNd%2Bd21HAEw9iCsDYDZtheGGfb49NFFipk97H8Uk1Jx2wFnNT3g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: e47df6a3-9a2e-4213-9e7d-b9fdcdc26b8f
x-trace: 2B320BCECAF4109802767C20FF0BF60C47B30B4D4C000000000000000000

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 4 KB
3 KB 515ms
487ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ff96a9dcb8e7e15ddace90b4d03e752e172ff48df5a19c3f3398f62d47a244b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Referer
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a

Response headers

date: Fri, 19 Aug 2022 14:21:39 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: d126c533-8f43-47d8-b866-0f11293a4c7a
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1637
server: cloudflare
x-trace: 2B7C4C320322B35EB56EC2F021E9D5F534DFCE4C48000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onnZ7S2EheYcjQeRD4YOVFKP7dD9rBxE3SatuUotCwCGVcTYb9xN433ZvSBgsO9tCUyBGRSsRRUwpsfuDPEHA9%2F1PtXtWb%2FLOlfU3IiUVVi%2FKTv%2BxjT7wJYS0iqPdRq9WzAGeYWCt%2FglcUHa9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://app.contractsafe.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 73d3896dbd6fbb35-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 67 B
917 B 237ms
184ms XHR
application/json 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=2082317

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acadc20c60c039a4d29694d5e3aad7103c6d135b8088e4ecc3ff310a35954964

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 225dcf48-9c93-4ae9-a25c-34704e01cef1
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B3F5CB50D89886FB2EA2180089F1248514D2A129A000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqVruJJoj2zqrwmw7t90aB8E03Ooycr1dq2kA0c2wyi%2FPmNxIUvP6OTTcPEY%2BcHW3t3o%2B43q12ICG4o3n%2BsejVWydgo6IhJu%2BZ0HqH9i6aJwjzxZLVkObEyvdmPhUqifrQJAp37%2Fztu7GHmi"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://app.contractsafe.com
access-control-allow-credentials: false
cf-ray: 73d3896c9fd068f8-FRA
access-control-allow-headers: *

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ 108 KB
36 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js?onload=setgapi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a17fc9f326fc2b2f9f290ef004383d7dc046f777c6efe021fc52194c1d404dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 00:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 223731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36464
x-xss-protection: 0
last-modified: Sat, 30 Jul 2022 15:17:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 00:12:47 GMT

GET
H2 200 g-logo.svg
app.contractsafe.com/static/images/ 918 B
2 KB 192ms
191ms Image
image/svg+xml 34.214.94.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.contractsafe.com/static/images/g-logo.svg

Requested by

Host: app.contractsafe.com
URL: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.214.94.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-94-53.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

e6b4af5c00cfed6d0532a501cf5e1bb69512f7756d297a7f4cbdc8f086b9c6ec

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:38 GMT
referrer-policy: same-origin
last-modified: Mon, 15 Aug 2022 23:41:22 GMT
server: Apache
etag: "396-5e6502b502c80"
x-frame-options: SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
content-type: image/svg+xml
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 918
x-content-type-options: nosniff

GET
H2 200 ms-symbollockup_mssymbol_19.png
app.contractsafe.com/static/images/ 162 B
892 B 193ms
192ms Image
image/png 34.214.94.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.contractsafe.com/static/images/ms-symbollockup_mssymbol_19.png

Requested by

Host: app.contractsafe.com
URL: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.214.94.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-94-53.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

ecc6ec51a0ff2a2c3314e3f98f47c75beb6ca294e70569cdc457a05fe7028d8d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:38 GMT
referrer-policy: same-origin
last-modified: Mon, 15 Aug 2022 23:41:22 GMT
server: Apache
etag: "a2-5e6502b502c80"
x-frame-options: SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
content-type: image/png
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 162
x-content-type-options: nosniff

GET
H2 200 05e19c4acc0834e67a3becda1d6340cb.woff2
app.contractsafe.com/static/javascripts/dist/ 16 KB
17 KB 193ms
193ms Font
font/woff2 34.214.94.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.contractsafe.com/static/javascripts/dist/05e19c4acc0834e67a3becda1d6340cb.woff2

Requested by

Host: app.contractsafe.com
URL: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.214.94.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-94-53.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

eb0d3e86a0d3dffd0c2d917f5b309a189f78110ee62373666161a018036da1a1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a
Origin: https://app.contractsafe.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:38 GMT
referrer-policy: same-origin
last-modified: Mon, 15 Aug 2022 23:47:56 GMT
server: Apache
etag: "3fc4-5e65042cc2300"
x-frame-options: SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
content-type: font/woff2
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 16324
x-content-type-options: nosniff

GET
H2 200 fontawesome-webfont.woff2
app.contractsafe.com/static/font-awesome/fonts/ 75 KB
76 KB 192ms
192ms Font
font/woff2 34.214.94.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.contractsafe.com/static/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: app.contractsafe.com
URL: https://app.contractsafe.com/static/font-awesome/css/font-awesome.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.214.94.53 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-214-94-53.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.contractsafe.com/static/font-awesome/css/font-awesome.min.css
Origin: https://app.contractsafe.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:38 GMT
referrer-policy: same-origin
last-modified: Mon, 15 Aug 2022 23:41:22 GMT
server: Apache
etag: "12d68-5e6502b502c80"
x-frame-options: SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
content-type: font/woff2
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 77160
x-content-type-options: nosniff

GET
H/1.1 200
OK logo_720_v4.png
s3-us-west-2.amazonaws.com/contractsafe/logos/ 35 KB
35 KB 790ms
217ms Image
image/png 52.92.195.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/contractsafe/logos/logo_720_v4.png
Requested by: Host: app.contractsafe.com
URL: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.195.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0f147cc17718edd650e0b46473815149f8616347ba06c442d3cb683fb012f015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Fri, 19 Aug 2022 14:21:40 GMT
Last-Modified: Wed, 02 Jun 2021 01:19:28 GMT
Server: AmazonS3
x-amz-request-id: 4C85H0P68XCGBJVM
ETag: "01c504f3ba7b2b8d02474fa27448c0c1"
x-amz-version-id: mYMO1u4xiIPF6AoZXahhdlGCyt7psvjY
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 35482
x-amz-id-2: Q3Kt1ZpEs7Hj42OcdG42LEE6xX1U95yLNmzD5Ih1/X3F3rziwRQLxRr7zV1ysQJfg8YsP/6x5G8=

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
20 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js?onload=attachClickHandler

Requested by

Host: app.contractsafe.com
URL: https://app.contractsafe.com/static/javascripts/dist/main.65193d9c031f62892824.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea4fc667a8fdff55917c94a915ad7e6daea0692e5d0670dc933cac3b3a3026f0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Fri, 19 Aug 2022 14:21:38 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "6e8a7e82c00a0985"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Aug 2022 14:21:38 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame 64BB 280 B
1 KB 119ms
71ms Document
text/html 2a00:1450:4001:80b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3e603ffe70ccb65c7dff760cb6fdf5de21ccf7d553758b342a96988ad3b75e76

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xIR91fsFoJQbJjK-ijkBJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-xIR91fsFoJQbJjK-ijkBJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin; report-to="IdpIFrameHttp"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 14:21:38 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 92ms
42ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-940339995

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

04b1f8292013118f4b305d3fa940c4777c5e99d97f97c9da01c5f7846f6fcc2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45715
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Aug 2022 14:21:38 GMT

POST
H3 400 cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 64BB 2 KB
850 B 87ms
39ms Other
text/html 2a00:1450:4001:80b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/IdpIFrameHttp/cspreport

Requested by

Host: app.contractsafe.com
URL: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

65b4508b4bb33bb19169fd0ecf59a2de8ee097e56292ee44760332ca2e75d905

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 14:21:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.JKv_83cAvA4.es5.O/d=1/rs=AOaEmlGCqAhdd5kCWNLH_qJvUIRKiy0-XA/ Frame 64BB 99 KB
35 KB 75ms
22ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.JKv_83cAvA4.es5.O/d=1/rs=AOaEmlGCqAhdd5kCWNLH_qJvUIRKiy0-XA/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64edc5596b8cef6a234f2a15e4ab06fee5718f1ba507fe82528a30f2897afa52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 11:39:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34851
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 17:41:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Aug 2023 11:39:16 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 138ms
81ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-940339995

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

6854343e00c3b85696ab0203e2389917dee112fef408125323d7cd3f48faaab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15668
x-xss-protection: 0
server: cafe
etag: 17682506513748322061
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Aug 2022 14:21:39 GMT

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame 64BB 49 B
95 B 37ms
37ms XHR
application/json 2a00:1450:4001:80b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fapp.contractsafe.com&client_id=961309055303-uujcdtfkmnr1qb5pd6nn5ue9r8ergqic.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.JKv_83cAvA4.es5.O/d=1/rs=AOaEmlGCqAhdd5kCWNLH_qJvUIRKiy0-XA/m=base

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aM4d5CE2o2JkZJKf6GoNdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-embedder-policy: require-corp
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: same-site
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-aM4d5CE2o2JkZJKf6GoNdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
expires: Fri, 19 Aug 2022 14:21:39 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/940339995/ 2 KB
2 KB 94ms
38ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/940339995/?random=1660918899122&cv=9&fst=1660918899122&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8h0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp.contractsafe.com%2Flogin%3Fnext%3D%252Fv3%252Fcontracts%252F3918f5c1-5d59-4759-b2ed-80531003463a&tiba=ContractSafe%20%3A%3A&auid=1549961580.1660918899&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de47bfe99dff3c3423baa3d0e127d1150e4d6772cc9cfe8c948ffc1306358263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 14:21:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1080
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/940339995/ 42 B
548 B 119ms
70ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/940339995/?random=1660918899122&cv=9&fst=1660917600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8h0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp.contractsafe.com%2Flogin%3Fnext%3D%252Fv3%252Fcontracts%252F3918f5c1-5d59-4759-b2ed-80531003463a&tiba=ContractSafe%20%3A%3A&async=1&fmt=3&is_vtc=1&random=3937730048&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: app.contractsafe.com
URL: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 14:21:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/940339995/ 42 B
548 B 92ms
41ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/940339995/?random=1660918899122&cv=9&fst=1660917600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8h0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp.contractsafe.com%2Flogin%3Fnext%3D%252Fv3%252Fcontracts%252F3918f5c1-5d59-4759-b2ed-80531003463a&tiba=ContractSafe%20%3A%3A&async=1&fmt=3&is_vtc=1&random=3937730048&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: app.contractsafe.com
URL: https://app.contractsafe.com/login?next=%2Fv3%2Fcontracts%2F3918f5c1-5d59-4759-b2ed-80531003463a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Aug 2022 14:21:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 20f1e8868a864ed8bb1ac272648c6b26 Show response
app.hubspot.com/conversations-visitor/2082317/threads/utk/ Frame 5BC9 48 KB
18 KB 242ms
184ms Document
text/html 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/2082317/threads/utk/20f1e8868a864ed8bb1ac272648c6b26?uuid=94d787e14cda401fb52da71e195c9ef4&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=app.contractsafe.com&inApp53=false&messagesUtk=20f1e8868a864ed8bb1ac272648c6b26&url=https%3A%2F%2Fapp.contractsafe.com%2Flogin%3Fnext%3D%252Fv3%252Fcontracts%252F3918f5c1-5d59-4759-b2ed-80531003463a&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d906b076618715d98464058604953e5c8e79d3f62b754fc3157dab9cd7d1fbb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
age: 145
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 73d389711d9c9c0c-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.13005/html/index.html&cfRay=73d389711d9c9c0c&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F2082317%2Fthreads%2Futk%2F20f1e8868a864ed8bb1ac272648c6b26%3Fuuid%3D94d787e14cda401fb52da71e195c9ef4%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Dapp.contractsafe.com%26inApp53%3Dfalse%26messagesUtk%3D20f1e8868a864ed8bb1ac272648c6b26%26url%3Dhttps%253A%252F%252Fapp.contractsafe.com%252Flogin%253Fnext%253D%25252Fv3%25252Fcontracts%25252F3918f5c1-5d59-4759-b2ed-80531003463a%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=&cfenv=prod&pdt=2022-08-19&csp=ro
content-type: text/html; charset=utf-8
date: Fri, 19 Aug 2022 14:21:39 GMT
etag: W/"fde59e7b2e771879e2aed913e11fbc67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Wed, 10 Aug 2022 02:50:06 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports?cfRay=73d389711d9c9c0c&resource=conversations-visitor-ui/static-1.13005/html/index.html"}]}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 3d65275b81abaf880be10de6f2c71e9a.cloudfront.net (CloudFront)
x-amz-cf-id: tIP8beGevXbfcVrTR30p_UzNYyX8zcnD9WJSni8KhIoRRf9XlMY5Jg==
x-amz-cf-pop: IAD89-P1
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: sgBF7k_rY522gHHx8SLvJH_qiR4Rd1Ah
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.13005/html/index.html
x-hs-worker-debug-mode: false

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.223/ Frame 5BC9 44 KB
16 KB 104ms
40ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.223/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/2082317/threads/utk/20f1e8868a864ed8bb1ac272648c6b26?uuid=94d787e14cda401fb52da71e195c9ef4&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=app.contractsafe.com&inApp53=false&messagesUtk=20f1e8868a864ed8bb1ac272648c6b26&url=https%3A%2F%2Fapp.contractsafe.com%2Flogin%3Fnext%3D%252Fv3%252Fcontracts%252F3918f5c1-5d59-4759-b2ed-80531003463a&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2778903aad7fbc80e080d755b907ba9b836cea44751989d3923a28b48f8d102e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:39 GMT
via: 1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1289574
x-amz-server-side-encryption: AES256
cf-ray: 73d38972bfad9112-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 04 Aug 2022 15:24:29 GMT
server: cloudflare
etag: W/"2407a7964ffbf44b40b5b506b96368df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NTKU0DlEyaVriLqdgMkumDri4jKdATTdBdjdxW3Aqhq592TDXlrQs%2FRkdFJVRwyqAX0wZowroPelGbrg2wC%2B76cabIPQWa2Yg88pxZNEJ0w100pZ4Rm9BUuPlgjK5BHUGKORe6xE35fh7he29guv2WgTH4%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: irhayGiqpCyrRQiCATc2s.GJ3NHllsom
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P2
content-type: application/javascript
x-amz-cf-id: gRLOEWVVbqeloUJUCJnreFx0aO0B-PaBVriPnXFi5Tlyq-T9Y8QL6A==
expires: Sat, 19 Aug 2023 14:21:39 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/ Frame 5BC9 20 KB
5 KB 94ms
30ms Stylesheet
text/css 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:39 GMT
via: 1.1 cba87929a659f0e0a8a2cdc0b7cb22ae.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 112368
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 15 Nov 2021 19:50:41 GMT
server: cloudflare
etag: W/"370a89ea102d7b437eb549729472631f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTTs2X71XOY5M%2Fl6aNS8zJsu%2BU4XXT9sNDj48u%2B55MCgkqZwFf7BSb5dF6pAHXhOQOIiStk9nnERpwqphb61U%2BwwEgZx%2FsXjuD0K%2FrqdUFhznMBRkop71TTYqea%2F9o4F1ygXtDm0XdNJZxYZ0gysLQtgFd4%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: LgyvJN0nZOCplqIYlCYJJ1cibXdW_3K_
cache-control: public, max-age=31536000
x-amz-cf-pop: HEL51-P2
cf-ray: 73d38972bb998ff4-FRA
x-amz-cf-id: pUn2MIDrESb4MIntLPEl6MZiXWuBFxCOZQg2xX_pvNgIQ4-MB4VHow==
expires: Sat, 19 Aug 2023 14:21:39 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.312/ Frame 5BC9 295 KB
95 KB 100ms
36ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.312/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

338be55e09986b74b0abf67ba0d09e117698bc411529b3da8f0783a349461bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:39 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 853238
x-amz-server-side-encryption: AES256
cf-ray: 73d38972bfaf9112-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 05 Aug 2022 01:31:38 GMT
server: cloudflare
etag: W/"24368d9bf0991b15f75e817302381e9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jULo7javk3uZJFPvFZglnlSFhQDVE3UDKv8yVxLKJ%2FWX90zxhuDf19TbOnNZGPT5oqyb9BGBNsWa4x3bP73nh5pnRYtZO1D3j9lBeoqPeKC%2FRhUc%2FQHkpCvDW6ITptR2%2FkIvO78Y1uk4z0dpYxO06694KM0%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: tGv9d32FqDJZMi1TXjkihXz8ATz_W19h
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: 7VtSsFI-hHbSctamVsuxTlpk8EpaHVs1Gtj-x_x5VX-wsHCt4Ok-yg==
expires: Sat, 19 Aug 2023 14:21:39 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.13005/bundles/ Frame 5BC9 508 KB
148 KB 103ms
39ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.13005/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b77c3bd2c894db137a8f336c17ac29f1594ec5af0992955b992f9c4cf8cca745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:39 GMT
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 775890
x-amz-server-side-encryption: AES256
cf-ray: 73d38972bfb09112-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Aug 2022 12:47:24 GMT
server: cloudflare
etag: W/"f256542a6af6ceeed437331f5ab75882"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2F2LVCkEPZBjJ0TiU%2F%2B4M%2FQE3U9fum1eYgj0jUfwWXxPsrBs603%2BYlykdMNARieiYZSlOJpfY9TTMDaA%2BZte0uH5s7eHlV%2BSvqBuuAdJwMB2VNMMJzq0U82IhdDenrRCQHqNEcPC7XiKZHDeCmYl3TdYKSg%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4ZVN9WwqwrSShn_QR6h0LOyR_8.npKP.
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: v6S7uNd0TpqXNhFjo2Ogz3yEm2QdJwcUcHOMh9MBCzw7hqBmsPtuow==
expires: Sat, 19 Aug 2023 14:21:39 GMT

GET
H3 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.12866/ Frame 5BC9 776 B
1 KB 60ms
35ms Script
application/javascript 2606:4700::6811:8d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.12866/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.13005/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:8d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c7803606f0214378a7296f304b85a18d0cb047ecd2c3e9c066b95eac1b354df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:39 GMT
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2404336
x-amz-server-side-encryption: AES256
cf-ray: 73d38973dfeb9055-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 20 Jul 2022 18:05:07 GMT
server: cloudflare
etag: W/"d105d9d314ee327813395907aaaebd14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bEggVhfcVVFk6TgPqxiD7kEBGwf%2FkbvBZ7uHVFO%2BbKtAcBgOgLZK8UCNoNMEyhZHPIztoh0StCv8%2BSY2gj8yMeo9bDbw6SGgdcJdFDAu2BBj1w%2BE4Ysg48vd2u12cbtwl%2B2TvJ%2F5rueHrgX3nxm1Ge1ZLYE%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: JEgcIEae4RCP8X2OpQHVNr_uxJQ.waGT
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: um0_GH8FJWjBJ8AnoCgQEDJ1AIQBojpsg8TIlO5UKEHyWf1iBnQlsw==
expires: Sat, 19 Aug 2023 14:21:39 GMT

POST
H3 204 rhumb
app.hubspot.com/api/cartographer/v1/ Frame 5BC9 0
1 KB 176ms
152ms Ping
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.13005

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.13005/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/conversations-visitor/2082317/threads/utk/20f1e8868a864ed8bb1ac272648c6b26?uuid=94d787e14cda401fb52da71e195c9ef4&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=app.contractsafe.com&inApp53=false&messagesUtk=20f1e8868a864ed8bb1ac272648c6b26&url=https%3A%2F%2Fapp.contractsafe.com%2Flogin%3Fnext%3D%252Fv3%252Fcontracts%252F3918f5c1-5d59-4759-b2ed-80531003463a&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 19 Aug 2022 14:21:40 GMT
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 1ca8a453-1951-45cf-b123-79d6955290c0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5kA10ME1Cc07P0m8qNFAsntm8g8JjZ50AzKQqDC1jpfQZrIEooX0F9Pw8sO3TZdhuqjKwA2kp2ol75575cDOoZN2hrFWrNhIZCjwxjzeZerAXBA68OCM7YS76hA5LPTTsYhSJLFlHXjU4stUjA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet
access-control-allow-credentials: true
cf-ray: 73d389748a089255-FRA
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
534 B 149ms
141ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1091019263&v=1.1&a=2082317&pu=https%3A%2F%2Fapp.contractsafe.com%2Flogin%3Fnext%3D%252Fv3%252Fcontracts%252F3918f5c1-5d59-4759-b2ed-80531003463a&t=ContractSafe+%3A%3A&cts=1660918900337&vi=09df6c44610de6c44cbe4d17fdd4d912&nc=true&u=96518336.09df6c44610de6c44cbe4d17fdd4d912.1660918900334.1660918900334.1660918900334.1&b=96518336.1.1660918900334&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 14:21:40 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 2532ed8d-de6c-4ea3-927f-73f2eefa2979
cf-ray: 73d389773ecd9c0c-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTUQkR%2F5wbP8NqSFwW2nPlir%2FVa3SdPk9vpCPGUJzkovA4kMcsbZGr3bpBHk8uytiYi3aF4b7kdtcTYgIlR0hoC5SX8qyFlnVNrT4MnAeGQvqynGsAvL7lTAqVXG6UJUFhNVUw2OK1JWVndQkiLP"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app.contractsafe.com/	1970-01-20 14:06:08	Name: csrftoken Value: kskzglyufMl4SekI9B7ews70kObaQytkLVCZEMrs8R9LduTcZv8mC17OdKZUezBB
.app.contractsafe.com/	1970-01-20 14:57:58	Name: G_ENABLED_IDPS Value: google
app.contractsafe.com/	1970-01-20 05:32:03	Name: AWSALB Value: +5G3QVOm1CseIo8YewVKDc/LEV43xLRW2FH5PhsbDN+SFjnXfwEzLtogINMcDH9KZzsNTwHjmH+SmkS68jE9XVXS7qkcy4dOvOoK730aMqr/sIRKibVUyLpRu/x5
app.contractsafe.com/	1970-01-20 05:32:03	Name: AWSALBCORS Value: +5G3QVOm1CseIo8YewVKDc/LEV43xLRW2FH5PhsbDN+SFjnXfwEzLtogINMcDH9KZzsNTwHjmH+SmkS68jE9XVXS7qkcy4dOvOoK730aMqr/sIRKibVUyLpRu/x5
.contractsafe.com/	1970-01-20 07:31:34	Name: _gcl_au Value: 1.1.1549961580.1660918899
.google.com/	1970-01-20 09:45:30	Name: NID Value: 511=jSEEAItW6CqrgfeZd6Suk2VkVjNTN2zk7FG3VYAryM_vNelVHOzwjJvdYnWj3bwCsaTYTuUv_7qOkIsjkJ7CmY0YrJz6luQu7oWfRetiZqOyH-IcmwLpSEQACCnhxbQiQ94gk0kMgIJo_wIdP-z_hxn03BIgLBmLLWauJynMt4A
.doubleclick.net/	1970-01-20 05:21:59	Name: test_cookie Value: CheckForPermission
.hubspot.com/	1970-01-20 05:22:00	Name: __cf_bm Value: eehd4545WsYh5fJWM9dpwqCzHoiP1B1BfHTTP39gDg4-1660918899-0-AY6FterdpTGtGDFl9rEIcEQ53Xv2z9XhtgfqMqgqA/q6GeuWwWVGXWIgNBHTniat5b2psXIG1cgj7A9YYKxCHQQ=
.app.contractsafe.com/	1970-01-20 09:41:10	Name: messagesUtk Value: 20f1e8868a864ed8bb1ac272648c6b26
.contractsafe.com/	1970-01-20 09:41:10	Name: __hstc Value: 96518336.09df6c44610de6c44cbe4d17fdd4d912.1660918900334.1660918900334.1660918900334.1
.contractsafe.com/	1970-01-20 09:41:10	Name: hubspotutk Value: 09df6c44610de6c44cbe4d17fdd4d912
.contractsafe.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.contractsafe.com/	1970-01-20 05:22:00	Name: __hssc Value: 96518336.1.1660918900334

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' *.learnondemandsystems.com http://localhost:8000;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN, ALLOW-FROM *.learnondemandsystems.com http://localhost:8000;
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
alcdn.msauth.net
api.hubapi.com
api.hubspot.com
apis.google.com
app.contractsafe.com
app.hubspot.com
cdn.pendo.io
fonts.googleapis.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.usemessages.com
pspdf.contractsafe.com
s3-us-west-2.amazonaws.com
static.hsappstatic.net
track.hubspot.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
142.250.186.162
2600:9000:223f:6400:1f:aa31:7740:93a1
2606:4700:4400::6812:21ab
2606:4700::6811:45b0
2606:4700::6811:73b0
2606:4700::6811:8d2
2606:4700::6811:c9cc
2606:4700::6811:d5cc
2606:4700::6811:efcc
2606:4700::6813:9a53
2620:1ec:46::45
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:80b::200d
2a00:1450:4001:810::2003
2a00:1450:4001:827::2008
2a00:1450:4001:82a::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2004
34.214.94.53
35.165.237.134
52.92.195.120
04b1f8292013118f4b305d3fa940c4777c5e99d97f97c9da01c5f7846f6fcc2f
055a53803f7214c989dbe26fc366ad13587ea581e254c705c8733d6461f1a8a1
0a17fc9f326fc2b2f9f290ef004383d7dc046f777c6efe021fc52194c1d404dd
0f147cc17718edd650e0b46473815149f8616347ba06c442d3cb683fb012f015
1c7803606f0214378a7296f304b85a18d0cb047ecd2c3e9c066b95eac1b354df
2778903aad7fbc80e080d755b907ba9b836cea44751989d3923a28b48f8d102e
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
32a61a6ab56d1e2e73ac4a7668a2ba6d3fa655311b919c7c3cf0332d14dced30
338be55e09986b74b0abf67ba0d09e117698bc411529b3da8f0783a349461bdf
34db5d0cddf253911889050f0b6bb9e643a6e3a6e15b6b0f628bf801fb095e4d
3e603ffe70ccb65c7dff760cb6fdf5de21ccf7d553758b342a96988ad3b75e76
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
4936e4d8aefc8b5969e8f2f71db805a28c68476d7724c9c7846df11285e148ba
4f94be210b82b7ce210fd1ee5a4703d578aba4518d2f0df105f79e17d9d2c852
53bb85849942fe0fdb6998300d0c68f1727a6f34a3bdcd9f6f8f12476f64b1e9
545e10de7f3436c390b5511852328bb72f6fc3af902f68295181dc09fc923fc7
56b7a9ae2fdeb88b75bf4491227ec6cf1f62f38ea18a319e17f391acb0460f6c
64edc5596b8cef6a234f2a15e4ab06fee5718f1ba507fe82528a30f2897afa52
653e3d4f3cc5c2f02e91b98be75d7cbe575c5828d5134bf5b13f561b1d207daf
65b4508b4bb33bb19169fd0ecf59a2de8ee097e56292ee44760332ca2e75d905
6854343e00c3b85696ab0203e2389917dee112fef408125323d7cd3f48faaab2
76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7cd45de2d18541411afb99a90f87e09d69bdcd2b3c4806f7b64b47b92bcd03c4
803383b89cbc01e5f2d15b51f59a7f9300c5de9483f2e31df13b74940cb98f66
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
89d721ca21d1f18aef983e6b566f69db40a463ff90bced411e937f0f9b98ff38
8ff96a9dcb8e7e15ddace90b4d03e752e172ff48df5a19c3f3398f62d47a244b
9a8ec6963ac3a41bb4cfa0c2aa341b51d74a637e3a8c08dd909f1de24b816fee
a282dc246e1a12e94cb2c15437b1674f0baa48ec123fcbd9b54608d6af434fcf
a68ea411f1437e3eb135d9829ce8e15d3088aa59caca9228e396f5151d2b34d9
acadc20c60c039a4d29694d5e3aad7103c6d135b8088e4ecc3ff310a35954964
b589e4f8de604e47bdc468864b7b3263cf7ed2d551879e95b2b721d5f3746bfe
b77c3bd2c894db137a8f336c17ac29f1594ec5af0992955b992f9c4cf8cca745
c09332326d7e70e0623cd6bd5b3b5bf25ed4f55f92f7b90291ebe4cc9ce9130d
d906b076618715d98464058604953e5c8e79d3f62b754fc3157dab9cd7d1fbb8
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd8ca262db2b58a7632bfd37498bdd2b772ee0d9b97d3f167a73e78d99c1cefe
de47bfe99dff3c3423baa3d0e127d1150e4d6772cc9cfe8c948ffc1306358263
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b4af5c00cfed6d0532a501cf5e1bb69512f7756d297a7f4cbdc8f086b9c6ec
ea2ffede896a8727d9691452b1314e64ac7d2932896e89920599392ba33dd6f1
ea4fc667a8fdff55917c94a915ad7e6daea0692e5d0670dc933cac3b3a3026f0
eb0d3e86a0d3dffd0c2d917f5b309a189f78110ee62373666161a018036da1a1
ecc6ec51a0ff2a2c3314e3f98f47c75beb6ca294e70569cdc457a05fe7028d8d
ed622ed52a3271f5937630ff7ce97313d4b5cfb5ce15e5675388916038478f0a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

app.contractsafe.com Open in urlscan Pro 34.214.94.53 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

49 Requests

100 %HTTPS

82 %IPv6

19 Domains

24 Subdomains

23 IPs

2 Countries

2826 kBTransfer

10582 kBSize

13 Cookies

0 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

app.contractsafe.com Open in urlscan Pro
34.214.94.53 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

100 %
HTTPS

82 %
IPv6

19
Domains

24
Subdomains

23
IPs

2
Countries

2826 kB
Transfer

10582 kB
Size

13
Cookies

49 HTTP transactions
1 data transactions