sso.variiance.com Open in urlscan Pro
176.9.154.250 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://payment.variiance.com/
Effective URL:
https://sso.variiance.com/auth/realms/Variiance/protocol/openid-connect/auth?client_id=payment&redirect_uri=https%3A%2F%2F...
Submission: On November 09 via automatic, source certstream-suspicious (November 9th 2023, 12:23:07 am UTC) — Scanned from DE

Summary HTTP 70 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 12 domains to perform 70 HTTP transactions. The main IP is 176.9.154.250, located in Germany and belongs to HETZNER-AS, DE. The main domain is sso.variiance.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on November 8th 2022. Valid for: a year.

This is the only time sso.variiance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 33	176.9.154.250 176.9.154.250	24940 (HETZNER-AS) (HETZNER-AS)
5	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
4	95.101.75.153 95.101.75.153	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
4	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.114.189.70 20.114.189.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
70	14

33 176.9.154.250 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod.variiance.com

payment.variiance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sso.variiance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
variiance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vconnct.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.101.75.153 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-75-153.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	variiance.com 1 redirects payment.variiance.com sso.variiance.com variiance.com	1 MB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 827 t.clarity.ms — Cisco Umbrella Rank: 7395 Failed c.clarity.ms — Cisco Umbrella Rank: 1405 Failed	54 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462 Failed	42 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	177 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 742	145 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	272 KB
2	gstatic.com fonts.gstatic.com	93 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	239 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 236	760 B
1	vconnct.me vconnct.me
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 903	4 KB
70	12

	Domain	Requested by
20	sso.variiance.com	payment.variiance.com sso.variiance.com
11	payment.variiance.com	payment.variiance.com
5	fonts.googleapis.com	payment.variiance.com sso.variiance.com
4	www.clarity.ms	payment.variiance.com www.clarity.ms
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	connect.facebook.net	payment.variiance.com connect.facebook.net sso.variiance.com
4	analytics.tiktok.com	payment.variiance.com analytics.tiktok.com
4	www.googletagmanager.com	payment.variiance.com www.google-analytics.com sso.variiance.com
2	fonts.gstatic.com	fonts.googleapis.com
2	c.clarity.ms
2	www.facebook.com	payment.variiance.com sso.variiance.com
1	c.bing.com	1 redirects
1	vconnct.me	sso.variiance.com
1	variiance.com	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	t.clarity.ms	www.clarity.ms
1	unpkg.com	payment.variiance.com
70	17

This site contains links to these domains. Also see Links.

Domain
variiance.com

Subject Issuer	Validity	Valid
payment.variiance.com R3	`2023-11-08` - `2024-02-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-18` - `2023-11-16`	3 months	crt.sh
*.variiance.com ZeroSSL RSA Domain Secure Site CA	`2022-11-08` - `2023-11-08`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://sso.variiance.com/auth/realms/Variiance/protocol/openid-connect/auth?client_id=payment&redirect_uri=https%3A%2F%2Fpayment.variiance.com%2F&state=73d4f73c-dfc4-48ce-b733-894665b6db80&response_mode=fragment&response_type=code&scope=openid&nonce=ee89b788-4e01-44de-b4ec-74b8ee153c51
Frame ID: A7D44795D6DF98127F6DD50D339ED845
Requests: 66 HTTP requests in this frame

Frame: https://sso.variiance.com/auth/realms/Variiance/protocol/openid-connect/3p-cookies/step2.html
Frame ID: 902CE85E8E022F28BCE8776F37668641
Requests: 2 HTTP requests in this frame

Frame: https://sso.variiance.com/auth/realms/Variiance/protocol/openid-connect/login-status-iframe.html
Frame ID: 6FA1CD6CF5E9A45F1229DB0DDC464BF3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

سجّل الدخول إلى Variiance

Page URL History Show full URLs

https://payment.variiance.com/ Page URL
https://sso.variiance.com/auth/realms/Variiance/protocol/openid-connect/auth?client_id=payment&redirec... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

70
Requests

61 %
HTTPS

71 %
IPv6

12
Domains

17
Subdomains

14
IPs

4
Countries

2241 kB
Transfer

7258 kB
Size

31
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://variiance.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://payment.variiance.com/ Page URL
https://sso.variiance.com/auth/realms/Variiance/protocol/openid-connect/auth?client_id=payment&redirect_uri=https%3A%2F%2Fpayment.variiance.com%2F&state=73d4f73c-dfc4-48ce-b733-894665b6db80&response_mode=fragment&response_type=code&scope=openid&nonce=ee89b788-4e01-44de-b4ec-74b8ee153c51 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://variiance.com/static/media/Group%20110.f597cf4f.svg HTTP 301
https://vconnct.me/

Request Chain 67

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=1E9E24F512D1493A81811FAF93352270&RedC=c.clarity.ms&MXFR=2908AAEF9C1F6B6C0B37B92B981F65CA HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1E9E24F512D1493A81811FAF93352270&MUID=06C6C80C73516BC73953DBC872516A84

70 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
payment.variiance.com/ 6 KB
3 KB 63ms
12ms Document
text/html 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.variiance.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: prod.variiance.com
Software: nginx/1.21.4 /
Resource Hash: 49eba100966f3f939555da59f0fc56f47a98195fe4fb3b4ea31c96ef1758d4a7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-type: text/html
date: Thu, 09 Nov 2023 00:23:01 GMT
etag: W/"6315fb82-19cd"
last-modified: Mon, 05 Sep 2022 13:37:06 GMT
server: nginx/1.21.4
transfer-encoding: chunked
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 136ms
54ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600

Requested by

Host: payment.variiance.com
URL: https://payment.variiance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2fae66c2e7d04f04329fb23bcaf4ec5d67928fae7f2690111b968905f4eee351

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.variiance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Nov 2023 00:23:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 22:49:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Nov 2023 00:23:02 GMT

GET
H2 200 leaflet.css
unpkg.com/leaflet@1.5.1/dist/ 14 KB
4 KB 45ms
16ms Stylesheet
text/css 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/leaflet@1.5.1/dist/leaflet.css

Requested by

Host: payment.variiance.com
URL: https://payment.variiance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4873060989924f8e92a321a0a38611ffd0252b5bdfddf7fce00abdc8ae2176a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payment.variiance.com/
Origin: https://payment.variiance.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:01 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 16999595
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GYY39EDTDX423BKQQ3VNCY5D-fra
server: cloudflare
etag: W/"37bc-eNGUkCb3bhCXe6sFt0PSpUCo4lU"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8231e79d28db371c-FRA

GET
H/1.1 200
OK 7.2bbbf3d1.chunk.css
payment.variiance.com/static/css/ 27 KB
4 KB 13ms
12ms Stylesheet
text/css 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.variiance.com/static/css/7.2bbbf3d1.chunk.css
Requested by: Host: payment.variiance.com
URL: https://payment.variiance.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: prod.variiance.com
Software: nginx/1.21.4 /
Resource Hash: 32c2be5b67520df66590e06e4666bd433fd1f49ea410d9b3b16558b61bbea04c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.variiance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:01 GMT
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 13:37:05 GMT
server: nginx/1.21.4
etag: W/"6315fb81-6b52"
transfer-encoding: chunked
vary: Accept-Encoding
content-type: text/css

GET
H/1.1 200
OK main.203addfd.chunk.css
payment.variiance.com/static/css/ 788 KB
107 KB 40ms
27ms Stylesheet
text/css 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.variiance.com/static/css/main.203addfd.chunk.css
Requested by: Host: payment.variiance.com
URL: https://payment.variiance.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: prod.variiance.com
Software: nginx/1.21.4 /
Resource Hash: 2a006d9c6e08e8bdfb18fd01b346fb42f33bd84a2d407b6ed12068b8ec1d4406

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.variiance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:01 GMT
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 13:37:05 GMT
server: nginx/1.21.4
etag: W/"6315fb81-c4e32"
transfer-encoding: chunked
vary: Accept-Encoding
content-type: text/css

GET
H/1.1 200
OK 7.e423f2cc.chunk.js Show response
payment.variiance.com/static/js/ 2 MB
373 KB 36ms
14ms Script
application/javascript 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.variiance.com/static/js/7.e423f2cc.chunk.js
Requested by: Host: payment.variiance.com
URL: https://payment.variiance.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: prod.variiance.com
Software: nginx/1.21.4 /
Resource Hash: d8d085dfbe230e079ae04b8c5766407d36147b584e9335f3e2423bf73bd46f20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.variiance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:01 GMT
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 13:37:05 GMT
server: nginx/1.21.4
etag: W/"6315fb81-1803bb"
transfer-encoding: chunked
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1 200
OK main.42bf2572.chunk.js Show response
payment.variiance.com/static/js/ 449 KB
224 KB 35ms
12ms Script
application/javascript 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.variiance.com/static/js/main.42bf2572.chunk.js
Requested by: Host: payment.variiance.com
URL: https://payment.variiance.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: prod.variiance.com
Software: nginx/1.21.4 /
Resource Hash: 8b7ed8830fdff4c14d92759486276bde5e8c942a76b8b4087db135950a672ad7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.variiance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:01 GMT
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 13:37:05 GMT
server: nginx/1.21.4
etag: W/"6315fb81-7031f"
transfer-encoding: chunked
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 145 KB
55 KB 133ms
52ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NG6KSTR

Requested by

Host: payment.variiance.com
URL: https://payment.variiance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a7b9c6068202fcb449cd7c7294274f9eeb880747ac07474f085eb32a30de5753

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.variiance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56258
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Nov 2023 00:23:02 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 240ms
150ms Script
application/javascript 95.101.75.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6MUDNBU2H2VK28SH8C0&lib=ttq
Requested by: Host: payment.variiance.com
URL: https://payment.variiance.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.153 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-153.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 372cf2a56317b336acbd1e0a8f284ecf11c8c0268840f3ddf8af2da54d2bfc95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.variiance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id: 353b5c63.2ffedca
date: Thu, 09 Nov 2023 00:23:02 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-153.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
x-parent-response-time: 118,23.202.121.153
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=27, inner; dur=8
content-length: 1361
pragma: no-cache
server: nginx
x-tt-logid: 202311090023028EDE37A547826EDA7939
x-cache-remote: TCP_MISS from a23-195-36-40.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 27,23.195.36.40
x-tt-trace-host: 011176e688eb45422a7c21af8c7bd555abec405d517b7945d7b12b746430ed5b88fb41812aede6dee322e7044b63bb5d4b6421abfbc922cd1394ea43751523c9aaeb90510eebd41930bdeb49e4d65f3b50e8b612c7bef3d454b015074594beccbba43264630a9f6933ec0db072f5ee6459
expires: Thu, 09 Nov 2023 00:23:02 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 23ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: payment.variiance.com
URL: https://payment.variiance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.variiance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 09 Nov 2023 00:23:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: agu2COFwu4jXxq+Y9DxjJwHgFXUgqIAJiKe5t885EhProHgRp33dYkysXNVUpWiQcgZlF06TnqCDt8xBRoKKwg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
639 B 46ms
45ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito:wght@600&display=swap

Requested by

Host: payment.variiance.com
URL: https://payment.variiance.com/static/css/main.203addfd.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7661d1a75211ff7ad1519bbd597712444bc87719ab1dcd406d6afbeca248200

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.variiance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Nov 2023 00:23:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 23:35:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Nov 2023 00:23:02 GMT

GET
H2 200 css2
fonts.googleapis.com/ 576 B
453 B 47ms
46ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Almarai:wght@700&display=swap

Requested by

Host: payment.variiance.com
URL: https://payment.variiance.com/static/css/main.203addfd.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

64bec704a1f8d3634f4bdf094e7a634ace978d9a858feb6252174a7bcf5302de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.variiance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Nov 2023 00:23:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 23:55:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Nov 2023 00:23:02 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
507 B 46ms
45ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Almarai:wght@300;400;700;800&display=swap

Requested by

Host: payment.variiance.com
URL: https://payment.variiance.com/static/css/main.203addfd.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cdc1e3942c56dfbe1202ef2478070900336bea48ca198a4771df8011d849b868

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.variiance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Nov 2023 00:23:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 08 Nov 2023 23:59:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Nov 2023 00:23:02 GMT

GET
H/1.1 200
OK 9.1d1499e9.chunk.css
payment.variiance.com/static/css/ 52 KB
7 KB 12ms
12ms Stylesheet
text/css 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.variiance.com/static/css/9.1d1499e9.chunk.css
Requested by: Host: payment.variiance.com
URL: https://payment.variiance.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: prod.variiance.com
Software: nginx/1.21.4 /
Resource Hash: 4463859a03781a39d6094bae53cf11ff2f36fa2dd84e368a0201201d7049508b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.variiance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:02 GMT
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 13:37:05 GMT
server: nginx/1.21.4
etag: W/"6315fb81-d13e"
transfer-encoding: chunked
vary: Accept-Encoding
content-type: text/css

GET
H/1.1 200
OK 9.ec3662dd.chunk.js Show response
payment.variiance.com/static/js/ 577 KB
161 KB 17ms
17ms Script
application/javascript 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.variiance.com/static/js/9.ec3662dd.chunk.js
Requested by: Host: payment.variiance.com
URL: https://payment.variiance.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: prod.variiance.com
Software: nginx/1.21.4 /
Resource Hash: c08be306478c5345847db8c2bfb9bd84a74a3a115acb50a3012fa12a863c4423

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.variiance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:02 GMT
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 13:37:05 GMT
server: nginx/1.21.4
etag: W/"6315fb81-90480"
transfer-encoding: chunked
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1 200
OK 16.1dd7aea6.chunk.css
payment.variiance.com/static/css/ 898 B
589 B 12ms
12ms Stylesheet
text/css 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.variiance.com/static/css/16.1dd7aea6.chunk.css
Requested by: Host: payment.variiance.com
URL: https://payment.variiance.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: prod.variiance.com
Software: nginx/1.21.4 /
Resource Hash: 225ccd838ddbc157cb9c7c7acde5359f575d4d7f8aedef2ee9d62fc4741c2c20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.variiance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:02 GMT
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 13:37:05 GMT
server: nginx/1.21.4
etag: W/"6315fb81-382"
transfer-encoding: chunked
vary: Accept-Encoding
content-type: text/css

GET
H/1.1 200
OK 16.297a1f15.chunk.js Show response
payment.variiance.com/static/js/ 35 KB
7 KB 12ms
12ms Script
application/javascript 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.variiance.com/static/js/16.297a1f15.chunk.js
Requested by: Host: payment.variiance.com
URL: https://payment.variiance.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: prod.variiance.com
Software: nginx/1.21.4 /
Resource Hash: 1a259ee848897dd596a2868b77bd3ac328fb8a6d39064429d914bea39738289f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.variiance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:02 GMT
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 13:37:05 GMT
server: nginx/1.21.4
etag: W/"6315fb81-8ac9"
transfer-encoding: chunked
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1 200
OK logo.fcaebe27.png
payment.variiance.com/static/media/ 157 KB
158 KB 21ms
12ms Image
image/png 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.variiance.com/static/media/logo.fcaebe27.png
Requested by: Host: payment.variiance.com
URL: https://payment.variiance.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: prod.variiance.com
Software: nginx/1.21.4 /
Resource Hash: 24624efccd154c33cbd781fd0b266bfbc1460704f1c76ac6c648c6cb4f44d244

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.variiance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:02 GMT
last-modified: Mon, 05 Sep 2022 13:37:05 GMT
server: nginx/1.21.4
accept-ranges: bytes
etag: "6315fb81-27567"
content-length: 161127
content-type: image/png

GET
H2 200 1316964222132863 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 88ms
87ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1316964222132863?v=2.9.138&r=stable&domain=payment.variiance.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4fef6c6de60e5c8095cabc8192cef32fe74c0606310cd62e6fe44cb43f3e1e3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.variiance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 09 Nov 2023 00:23:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: JsgxUIyLDIyeR72ohFnWzS6lylDTxUkRPH8dsGzWR/gzar9TGbjuET4skZA+Dh8CduBJTrAkDvchNvQnunFsZQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK step1.html Show response
sso.variiance.com/auth/realms/Variiance/protocol/openid-connect/3p-cookies/ Frame 902C 955 B
2 KB 302ms
14ms Document
text/html 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.variiance.com/auth/realms/Variiance/protocol/openid-connect/3p-cookies/step1.html

Requested by

Host: payment.variiance.com
URL: https://payment.variiance.com/static/js/7.e423f2cc.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

prod.variiance.com

Software

Resource Hash

8e08d6c979c3b89f8735ddec57645eea1633c985de66818d1c9d7a2478bcbd32

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://payment.variiance.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, must-revalidate, no-transform, no-store
content-length: 955
content-security-policy: frame-src 'self'; object-src 'none';
content-type: text/html;charset=utf-8
date: Thu, 09 Nov 2023 00:23:02 GMT
p3p: CP="This is not a P3P policy!"
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 115ms
31ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NG6KSTR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.variiance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 23:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2000
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 09 Nov 2023 01:49:42 GMT

GET
H2 200 buqy0jonbx Show response
www.clarity.ms/tag/ 1018 B
1 KB 140ms
103ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/buqy0jonbx?ref=gtm2
Requested by: Host: payment.variiance.com
URL: https://payment.variiance.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 01099c1be822fd21779d0e6d084c71f08f577e332742f9d26ba95e2574ee7a15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.variiance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: -1
date: Thu, 09 Nov 2023 00:23:02 GMT
x-azure-ref: 20231109T002302Z-t2s0e0v3wt1hp73a576e1q2e2n000000009g000000016mtf
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1018
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 main.MTBkNWQ3YjBkMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 397 KB
106 KB 24ms
24ms Script
application/javascript 95.101.75.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBkNWQ3YjBkMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6MUDNBU2H2VK28SH8C0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.153 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-153.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4eafd1eb43de86362e510cefbe94652d52ef4ff1cb3f234e9a5a71941d633eb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.variiance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id: 2ffede4
date: Thu, 09 Nov 2023 00:23:02 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202311071259385BE60535075BFC5E1D88
vary: Accept-Encoding
x-cache: TCP_HIT from a23-202-121-153.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0120ad57fe59ce87a3976e95a9aa5aa507ef395fc9160b735272fa10757351082ea19431db666c790211b08d406e0d7308edb728524f1cfae6ce575b4bba0aa7e99f1abac075cb443a683114b17b3ec04ac70133110a3fc72ed7d1dca52829fb40
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length: 108175

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 26ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1316964222132863&ev=PageView&dl=https%3A%2F%2Fpayment.variiance.com%2F&rl=&if=false&ts=1699489382323&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1699489382322.138459699&ler=empty&it=1699489382212&coo=false&rqm=GET

Requested by

Host: payment.variiance.com
URL: https://payment.variiance.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.variiance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 09 Nov 2023 00:23:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 identify_052e4.js Show response
analytics.tiktok.com/i18n/pixel/static/ 134 KB
36 KB 24ms
24ms Script
application/javascript 95.101.75.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_052e4.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBkNWQ3YjBkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.153 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-153.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 75e71db96a17fcba01ea348f496e010c1311dd75207fc513260abde5e38965b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.variiance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-akamai-request-id: 2ffedf5
date: Thu, 09 Nov 2023 00:23:02 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202311071259356F931C2EF300FF5DCBCC
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-202-121-153.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01417c2f1d49b31d07b2162c192e4d800ed2f25161d1f6395098512c3b8b17225af86066d8627aa0ce0e76f4a5120ddd8e82d12babcad704a333b7be71998b4ced41220d8e3859127f3ed9cefb24c362b73181c4306a2d9c58939f26e2f74f1964
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length: 35974

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
793 B 294ms
290ms Ping
text/plain 95.101.75.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTBkNWQ3YjBkMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.75.153 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-75-153.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Referer: https://payment.variiance.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 40398991.2ffee01
date: Thu, 09 Nov 2023 00:23:02 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-202-121-153.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
x-parent-response-time: 265,23.202.121.153
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=175, inner; dur=153
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023110900230277C290E5CDA265C4318B
x-cache-remote: TCP_MISS from a23-195-36-39.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 175,23.195.36.39
x-tt-trace-host: 011176e688eb45422a7c21af8c7bd555abec405d517b7945d7b12b746430ed5b88986eee8b5bf7e3d8bd668f400ba7d0de8f78be0ac1cde825a7eb37af371d01b585131b87e6e26eb4e80255c332a79f9363f9f735631c3b062d712f1a4f41ca2e46a9a3a4c58fa6d7f7018eec5a6d7e7f
access-control-allow-headers: Authorization,*
expires: Thu, 09 Nov 2023 00:23:02 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
225 B 39ms
38ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1871575119&t=pageview&_s=1&dl=https%3A%2F%2Fpayment.variiance.com%2F&ul=en-us&de=UTF-8&dt=Variiance%20Payment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAACAAI~&jid=1507510100&gjid=1373447374&cid=1429658174.1699489382&tid=UA-213512131-6&_gid=313675108.1699489382&_r=1&_slc=1&gtm=45He3b60n81NG6KSTRv854982040&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1930284964

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84c1c700d49864ad48b17353c76a0a371cb7786d0b6d298ccd0ee13894aa7633

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://payment.variiance.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 00:23:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.variiance.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.16/ 59 KB
25 KB 15ms
15ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.16/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/buqy0jonbx?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 354142e53641e1e72a89609e46eff578e69d762290d65d84acaaf380751c20fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.variiance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:02 GMT
content-encoding: br
last-modified: Wed, 08 Nov 2023 11:11:51 GMT
etag: W/"0x8DBE04B8283FFCB"
vary: Accept-Encoding
x-azure-ref: 20231109T002302Z-t2s0e0v3wt1hp73a576e1q2e2n000000009g000000016mut
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: fcd56e84-e01e-005e-5955-12c53b000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
81 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JSSYWZXEEH&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

52a5ab7ae341d575fbd5c5d2854373a9dd5fa9e8041d7622f707d36cc2fcffec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.variiance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82613
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 Nov 2023 00:23:02 GMT

GET
H/1.1 200
OK step2.html Show response
sso.variiance.com/auth/realms/Variiance/protocol/openid-connect/3p-cookies/ Frame 902C 1 KB
2 KB 12ms
12ms Document
text/html 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.variiance.com/auth/realms/Variiance/protocol/openid-connect/3p-cookies/step2.html

Requested by

Host: sso.variiance.com
URL: https://sso.variiance.com/auth/realms/Variiance/protocol/openid-connect/3p-cookies/step1.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

prod.variiance.com

Software

Resource Hash

20ae6a4a7d0d0a5cf52120dea92dcfc64fe95a1aa230399bbbeef27d2e5fe074

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, must-revalidate, no-transform, no-store
content-length: 1142
content-security-policy: frame-src 'self'; object-src 'none';
content-type: text/html;charset=utf-8
date: Thu, 09 Nov 2023 00:23:02 GMT
p3p: CP="This is not a P3P policy!"
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
x-xss-protection: 1; mode=block

POST collect
t.clarity.ms/ 0
0

GET
H/1.1 200
OK login-status-iframe.html
sso.variiance.com/auth/realms/Variiance/protocol/openid-connect/ Frame 6FA1 4 KB
4 KB 14ms
13ms Document
text/html 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.variiance.com/auth/realms/Variiance/protocol/openid-connect/login-status-iframe.html

Requested by

Host: payment.variiance.com
URL: https://payment.variiance.com/static/js/7.e423f2cc.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

prod.variiance.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://payment.variiance.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, must-revalidate, no-transform, no-store
content-length: 3713
content-security-policy: frame-src 'self'; object-src 'none';
content-type: text/html;charset=utf-8
date: Thu, 09 Nov 2023 00:23:02 GMT
p3p: CP="This is not a P3P policy!"
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
x-xss-protection: 1; mode=block

POST collect
region1.google-analytics.com/g/ 0
0

POST act
analytics.tiktok.com/api/v2/pixel/ 0
0

GET c.gif
c.clarity.ms/ 0
0

GET
H/1.1 204
No Content init
sso.variiance.com/auth/realms/Variiance/protocol/openid-connect/login-status-iframe.html/ Frame 6FA1 0
224 B 12ms
12ms XHR
text/plain 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.variiance.com/auth/realms/Variiance/protocol/openid-connect/login-status-iframe.html/init?client_id=payment&origin=https%3A%2F%2Fpayment.variiance.com

Requested by

Host: sso.variiance.com
URL: https://sso.variiance.com/auth/realms/Variiance/protocol/openid-connect/login-status-iframe.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

prod.variiance.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 09 Nov 2023 00:23:02 GMT
x-content-type-options: nosniff
referrer-policy: no-referrer
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK Primary Request auth Show response
sso.variiance.com/auth/realms/Variiance/protocol/openid-connect/ 27 KB
29 KB 25ms
24ms Document
text/html 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.variiance.com/auth/realms/Variiance/protocol/openid-connect/auth?client_id=payment&redirect_uri=https%3A%2F%2Fpayment.variiance.com%2F&state=73d4f73c-dfc4-48ce-b733-894665b6db80&response_mode=fragment&response_type=code&scope=openid&nonce=ee89b788-4e01-44de-b4ec-74b8ee153c51

Requested by

Host: payment.variiance.com
URL: https://payment.variiance.com/static/js/7.e423f2cc.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

prod.variiance.com

Software

Resource Hash

73f14a65842e6197172abcf1b69733c52a76895bf8c8383136c51816fa748cfc

Security Headers

Name	Value
Content-Security-Policy	frame-src 'self'; frame-ancestors 'self'; object-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://payment.variiance.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, must-revalidate, max-age=0
content-language: ar
content-security-policy: frame-src 'self'; frame-ancestors 'self'; object-src 'none';
content-type: text/html;charset=utf-8
date: Thu, 09 Nov 2023 00:23:02 GMT
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
transfer-encoding: chunked
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: none
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK logo%20(2).fcaebe27.png
payment.variiance.com/static/media/ 96 KB
0 13ms
11ms Image
image/png 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payment.variiance.com/static/media/logo%20(2).fcaebe27.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: prod.variiance.com
Software: nginx/1.21.4 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://payment.variiance.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:02 GMT
last-modified: Mon, 05 Sep 2022 13:37:05 GMT
server: nginx/1.21.4
accept-ranges: bytes
etag: "6315fb81-27567"
content-length: 161127
content-type: image/png

POST collect
t.clarity.ms/ 0
0

GET
H/1.1 200
OK base.css
sso.variiance.com/auth/resources/5ijgt/common/keycloak/web_modules/@patternfly/react-core/dist/styles/ 38 KB
6 KB 18ms
12ms Stylesheet
text/css 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.variiance.com/auth/resources/5ijgt/common/keycloak/web_modules/@patternfly/react-core/dist/styles/base.css

Requested by

Host: sso.variiance.com
URL: https://sso.variiance.com/auth/realms/Variiance/protocol/openid-connect/auth?client_id=payment&redirect_uri=https%3A%2F%2Fpayment.variiance.com%2F&state=73d4f73c-dfc4-48ce-b733-894665b6db80&response_mode=fragment&response_type=code&scope=openid&nonce=ee89b788-4e01-44de-b4ec-74b8ee153c51

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

prod.variiance.com

Software

Resource Hash

aef2ee595f506315b93b2bf2f5b80ff9fd98513bd61b3004f0e569ec66366c1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:02 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
content-length: 5766
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK app.css
sso.variiance.com/auth/resources/5ijgt/common/keycloak/web_modules/@patternfly/react-core/dist/styles/ 497 KB
51 KB 33ms
14ms Stylesheet
text/css 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.variiance.com/auth/resources/5ijgt/common/keycloak/web_modules/@patternfly/react-core/dist/styles/app.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

prod.variiance.com

Software

Resource Hash

37001dcbfa631ba0bec6e5ea46e5c43206f54909786ac129d8ca4eae2966fda4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:02 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
transfer-encoding: chunked
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK patternfly.min.css
sso.variiance.com/auth/resources/5ijgt/common/keycloak/node_modules/patternfly/dist/css/ 178 KB
31 KB 56ms
28ms Stylesheet
text/css 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.variiance.com/auth/resources/5ijgt/common/keycloak/node_modules/patternfly/dist/css/patternfly.min.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

prod.variiance.com

Software

Resource Hash

acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:02 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
transfer-encoding: chunked
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK patternfly-additions.min.css
sso.variiance.com/auth/resources/5ijgt/common/keycloak/node_modules/patternfly/dist/css/ 220 KB
30 KB 71ms
43ms Stylesheet
text/css 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.variiance.com/auth/resources/5ijgt/common/keycloak/node_modules/patternfly/dist/css/patternfly-additions.min.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

prod.variiance.com

Software

Resource Hash

2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:02 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
transfer-encoding: chunked
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK pficon.css
sso.variiance.com/auth/resources/5ijgt/common/keycloak/lib/pficon/ 577 B
654 B 56ms
28ms Stylesheet
text/css 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.variiance.com/auth/resources/5ijgt/common/keycloak/lib/pficon/pficon.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

prod.variiance.com

Software

Resource Hash

81d5057a5bfc9c5b0fbbf5314433dad3bfce537c754cfcbf701dae78e59164cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:02 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
content-length: 323
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK login.css
sso.variiance.com/auth/resources/5ijgt/login/variiance/css/ 14 KB
4 KB 56ms
29ms Stylesheet
text/css 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.variiance.com/auth/resources/5ijgt/login/variiance/css/login.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

prod.variiance.com

Software

Resource Hash

64b4a14f5941afa3b88f6bfbb45a10cf336a7ac22042eee8240d2b6b5d0d48aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:02 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
content-length: 3281
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK tile.css
sso.variiance.com/auth/resources/5ijgt/login/variiance/css/ 7 KB
2 KB 68ms
41ms Stylesheet
text/css 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.variiance.com/auth/resources/5ijgt/login/variiance/css/tile.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

prod.variiance.com

Software

Resource Hash

38f57a9833dde172f48a5d3294357b7cdde64c6ad734ad59261e2c4246e4dd40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:02 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
content-length: 1263
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK style.css
sso.variiance.com/auth/resources/5ijgt/login/variiance/css/ 9 KB
2 KB 69ms
24ms Stylesheet
text/css 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.variiance.com/auth/resources/5ijgt/login/variiance/css/style.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

prod.variiance.com

Software

Resource Hash

84f5cd14a91b17bb6971432f4d80552d09aab08551d748354e3f4ec225ce99a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:02 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css;charset=UTF-8
cache-control: max-age=2592000
content-length: 2201
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK sso_cover.jpg
sso.variiance.com/auth/resources/5ijgt/login/variiance/img/ 162 KB
162 KB 26ms
26ms Image
image/jpeg 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sso.variiance.com/auth/resources/5ijgt/login/variiance/img/sso_cover.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

prod.variiance.com

Software

Resource Hash

97220929563be59838cf28c0815a3f6468e0b28c66f820a0e96eb84e275c2660

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
transfer-encoding: chunked
content-type: image/jpeg
cache-control: max-age=2592000
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/
vconnct.me/
Redirect Chain

https://variiance.com/static/media/Group%20110.f597cf4f.svg
https://vconnct.me/

0
0

102ms
13ms

Image
text/html

176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vconnct.me/
Requested by: Host: sso.variiance.com
URL: https://sso.variiance.com/auth/realms/Variiance/protocol/openid-connect/auth?client_id=payment&redirect_uri=https%3A%2F%2Fpayment.variiance.com%2F&state=73d4f73c-dfc4-48ce-b733-894665b6db80&response_mode=fragment&response_type=code&scope=openid&nonce=ee89b788-4e01-44de-b4ec-74b8ee153c51
Protocol: HTTP/1.1
Server: 176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: prod.variiance.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Redirect headers

location: https://vconnct.me
date: Thu, 09 Nov 2023 00:23:02 GMT
cache-control: private
server: nginx/1.25.2
content-length: 169
content-type: text/html

GET
H/1.1 200
OK vast.png
sso.variiance.com/auth/resources/5ijgt/login/variiance/img/ 1 KB
2 KB 15ms
14ms Image
image/png 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sso.variiance.com/auth/resources/5ijgt/login/variiance/img/vast.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

prod.variiance.com

Software

Resource Hash

235cd24ffeaae585683b33d74c1a36788bb958020d5ea117426d3fd26bb7716f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
content-type: image/png
cache-control: max-age=2592000
content-length: 1527
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK vlc.png
sso.variiance.com/auth/resources/5ijgt/login/variiance/img/ 1 KB
1 KB 16ms
14ms Image
image/png 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sso.variiance.com/auth/resources/5ijgt/login/variiance/img/vlc.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

prod.variiance.com

Software

Resource Hash

2b6bcc6b496e0a2ad82db42f169391a712beb72d8ced724f0a9d3912f3cce2b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
content-type: image/png
cache-control: max-age=2592000
content-length: 1232
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK vol.png
sso.variiance.com/auth/resources/5ijgt/login/variiance/img/ 1 KB
1 KB 15ms
14ms Image
image/png 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sso.variiance.com/auth/resources/5ijgt/login/variiance/img/vol.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

prod.variiance.com

Software

Resource Hash

378537886f5aa8b2412d4be9dfadeb36420b667ac04e7b45988f84b0af79e6fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
content-type: image/png
cache-control: max-age=2592000
content-length: 1165
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK vts.png
sso.variiance.com/auth/resources/5ijgt/login/variiance/img/ 1 KB
1 KB 14ms
14ms Image
image/png 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sso.variiance.com/auth/resources/5ijgt/login/variiance/img/vts.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

prod.variiance.com

Software

Resource Hash

a659ee7e473fd975cce149f496aba9a5f1611d34a3aabd6db4071802cccb1dfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer
x-content-type-options: nosniff
content-type: image/png
cache-control: max-age=2592000
content-length: 1062
x-xss-protection: 1; mode=block

GET
H3 200 css2
fonts.googleapis.com/ 2 KB
422 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Almarai:wght@300;400;700&display=swap

Requested by

Host: sso.variiance.com
URL: https://sso.variiance.com/auth/resources/5ijgt/login/variiance/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c8b72532f62a67889afcd26f718c2f6fb076407fc38f0d1f880457db7aa96408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 Nov 2023 00:23:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 00:11:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Nov 2023 00:23:02 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 145 KB
55 KB 45ms
45ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NG6KSTR

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a7b9c6068202fcb449cd7c7294274f9eeb880747ac07474f085eb32a30de5753

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56258
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Nov 2023 00:23:02 GMT

GET
H2 200 tsstApxBaigK_hnnQ1iFow.woff2
fonts.gstatic.com/s/almarai/v12/ 46 KB
46 KB 168ms
82ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/almarai/v12/tsstApxBaigK_hnnQ1iFow.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Almarai:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a6bda3553569fc700de73f81edc96180d144db1e05a702bc9854dbe14961c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sso.variiance.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 17:26:45 GMT
x-content-type-options: nosniff
age: 543378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46804
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:10:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 17:26:45 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
53 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 09 Nov 2023 00:23:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 5DUiuxPZUWx6aKMsVSffNbchzy9VoKOheVT7Bmf4ukMcL6EDywzXIyso5uIe3IDjVTogjw7FgzLxSidGPQesPg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK google.svg
sso.variiance.com/auth/resources/5ijgt/login/variiance/img/ 1 KB
846 B 13ms
13ms Image
image/svg+xml 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sso.variiance.com/auth/resources/5ijgt/login/variiance/img/google.svg

Requested by

Host: sso.variiance.com
URL: https://sso.variiance.com/auth/resources/5ijgt/login/variiance/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

prod.variiance.com

Software

Resource Hash

10bf61292ef28e6730f45097ee9ccd4832714536d99701129173d78e9d40b679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:02 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/svg+xml
cache-control: max-age=2592000
content-length: 524
x-xss-protection: 1; mode=block

GET
H2 200 tssoApxBaigK_hnnS-agtnqWow.woff2
fonts.gstatic.com/s/almarai/v12/ 47 KB
47 KB 114ms
40ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/almarai/v12/tssoApxBaigK_hnnS-agtnqWow.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Almarai:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b5a1116fedf74e888369da43f27b4ea6e21a7c5b3e3dde3227da6c21a2ef67c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sso.variiance.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 07:28:59 GMT
x-content-type-options: nosniff
age: 406444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48004
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:29:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Nov 2024 07:28:59 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
sso.variiance.com/auth/resources/5ijgt/common/keycloak/node_modules/patternfly/dist/fonts/ 75 KB
76 KB 14ms
14ms Font
application/octet-stream 176.9.154.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.variiance.com/auth/resources/5ijgt/common/keycloak/node_modules/patternfly/dist/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: sso.variiance.com
URL: https://sso.variiance.com/auth/resources/5ijgt/common/keycloak/node_modules/patternfly/dist/css/patternfly.min.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

176.9.154.250 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

prod.variiance.com

Software

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
Origin: https://sso.variiance.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:02 GMT
content-encoding: gzip
referrer-policy: no-referrer
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
transfer-encoding: chunked
content-type: application/octet-stream
cache-control: max-age=2592000
x-xss-protection: 1; mode=block

GET
H3 200 367341315356429 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 80ms
80ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/367341315356429?v=2.9.138&r=stable&domain=sso.variiance.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f1e679f773b8c933c57b4c626275e1dada696772d0282c6647fb7ebd8edc60b9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 09 Nov 2023 00:23:03 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: PHZSqlqkyUe3W7emaTRyM3iCgtk2YB10kLRJwxt3FsfCtNWF92Lj+A3XQDCvib96gzudG+BrB8oAIG5RV1mXcA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 34ms
33ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NG6KSTR

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 08 Nov 2023 23:51:32 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1891
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 09 Nov 2023 01:51:32 GMT

GET
H2 200 buqy0jonbx Show response
www.clarity.ms/tag/ 1018 B
1 KB 113ms
111ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/buqy0jonbx?ref=gtm2
Requested by: Host: payment.variiance.com
URL: https://payment.variiance.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 01099c1be822fd21779d0e6d084c71f08f577e332742f9d26ba95e2574ee7a15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

expires: -1
date: Thu, 09 Nov 2023 00:23:03 GMT
x-azure-ref: 20231109T002303Z-t2s0e0v3wt1hp73a576e1q2e2n000000009g000000016mza
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1018
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 9ms
8ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=367341315356429&ev=PageView&dl=https%3A%2F%2Fsso.variiance.com%2Fauth%2Frealms%2FVariiance%2Fprotocol%2Fopenid-connect%2Fauth%3Fclient_id%3Dpayment%26redirect_uri%3Dhttps%253A%252F%252Fpayment.variiance.com%252F%26state%3D73d4f73c-dfc4-48ce-b733-894665b6db80%26response_mode%3Dfragment%26response_type%3Dcode%26scope%3Dopenid%26nonce%3Dee89b788-4e01-44de-b4ec-74b8ee153c51&rl=https%3A%2F%2Fpayment.variiance.com%2F&if=false&ts=1699489383054&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1699489382322.138459699&ler=other&it=1699489382960&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 09 Nov 2023 00:23:03 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 15 B
35 B 40ms
39ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1995248556&t=pageview&_s=1&dl=https%3A%2F%2Fsso.variiance.com%2Fauth%2Frealms%2FVariiance%2Fprotocol%2Fopenid-connect%2Fauth%3Fclient_id%3Dpayment%26redirect_uri%3Dhttps%253A%252F%252Fpayment.variiance.com%252F%26state%3D73d4f73c-dfc4-48ce-b733-894665b6db80%26response_mode%3Dfragment%26response_type%3Dcode%26scope%3Dopenid%26nonce%3Dee89b788-4e01-44de-b4ec-74b8ee153c51&dr=https%3A%2F%2Fpayment.variiance.com%2F&ul=en-us&de=UTF-8&dt=%D8%B3%D8%AC%D9%91%D9%84%20%D8%A7%D9%84%D8%AF%D8%AE%D9%88%D9%84%20%D8%A5%D9%84%D9%89%20Variiance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAACAAI~&jid=1194849946&gjid=489800026&cid=1450468996.1699489383&tid=UA-213512131-10&_gid=1993521285.1699489383&_r=1&_slc=1&gtm=45He3b60n81NG6KSTRv854982040&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=990563156

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

c3bd918c5353c12bfcd6ba662a471138bd0dcad3ce69acdd12b8c0ad19e05d66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 00:23:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sso.variiance.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
81 KB 52ms
52ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-709JN25HB5&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e0cbf70e70b3eef97518c3c7f7886a205282e654fe8d5b658082c4d161c2a4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82610
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 Nov 2023 00:23:03 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.16/ 59 KB
25 KB 17ms
17ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.16/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/buqy0jonbx?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 354142e53641e1e72a89609e46eff578e69d762290d65d84acaaf380751c20fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 00:23:03 GMT
content-encoding: br
last-modified: Wed, 08 Nov 2023 11:11:51 GMT
etag: W/"0x8DBE04B8283FFCB"
vary: Accept-Encoding
x-azure-ref: 20231109T002303Z-t2s0e0v3wt1hp73a576e1q2e2n000000009g000000016n07
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: fcd56e84-e01e-005e-5955-12c53b000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

POST
H2 204 collect
region1.google-analytics.com/g/ 0
73 B 39ms
38ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-709JN25HB5&gtm=45je3b60v9123778499&_p=1699489382905&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1450468996.1699489383&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fsso.variiance.com%2Fauth%2Frealms%2FVariiance%2Fprotocol%2Fopenid-connect%2Fauth%3Fclient_id%3Dpayment%26redirect_uri%3Dhttps%253A%252F%252Fpayment.variiance.com%252F%26state%3D73d4f73c-dfc4-48ce-b733-894665b6db80%26response_mode%3Dfragment%26response_type%3Dcode%26scope%3Dopenid%26nonce%3Dee89b788-4e01-44de-b4ec-74b8ee153c51&dr=https%3A%2F%2Fpayment.variiance.com%2F&dt=%D8%B3%D8%AC%D9%91%D9%84%20%D8%A7%D9%84%D8%AF%D8%AE%D9%88%D9%84%20%D8%A5%D9%84%D9%89%20Variiance&sid=1699489383&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=464
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-709JN25HB5&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 00:23:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sso.variiance.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=1E9E24F512D1493A81811FAF93352270&RedC=c.clarity.ms&MXFR=2908AAEF9C1F6B6C0B37B92B981F65CA
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1E9E24F512D1493A81811FAF93352270&MUID=06C6C80C73516BC73953DBC872516A84

42 B
444 B

26ms
25ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1E9E24F512D1493A81811FAF93352270&MUID=06C6C80C73516BC73953DBC872516A84
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 00:23:02 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 00:23:02 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 066ECEFA679A40FF94CF8258C7409EF2 Ref B: FRAEDGE1915 Ref C: 2023-11-09T00:23:03Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=1E9E24F512D1493A81811FAF93352270&MUID=06C6C80C73516BC73953DBC872516A84
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
297 B 95ms
95ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.16/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://sso.variiance.com
Date: Thu, 09 Nov 2023 00:23:03 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.clarity.ms
URL: https://t.clarity.ms/collect

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JSSYWZXEEH&gtm=45je3b60v9125521526&_p=1699489382050&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1429658174.1699489382&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fpayment.variiance.com%2F&dt=Variiance%20Payment&sid=1699489382&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=857

Domain: analytics.tiktok.com
URL: https://analytics.tiktok.com/api/v2/pixel/act

Domain: c.clarity.ms
URL: https://c.clarity.ms/c.gif

Domain: t.clarity.ms
URL: https://t.clarity.ms/collect

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sso.variiance.com/auth/realms/Variiance/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: 605acfb0-3d32-46f0-bbdc-289acb30c094.vsso-8548f6c7d9-bn7x8
sso.variiance.com/auth/realms/Variiance/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: 605acfb0-3d32-46f0-bbdc-289acb30c094.vsso-8548f6c7d9-bn7x8
sso.variiance.com/auth/realms/Variiance/	1969-12-31 23:59:59	Name: KC_RESTART Value: eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI4N2Q5MzZiZi1hNjE4LTQzZGUtOGM2Yy1kN2JjN2QxZmUwNjcifQ.eyJjaWQiOiJwYXltZW50IiwicHR5Ijoib3BlbmlkLWNvbm5lY3QiLCJydXJpIjoiaHR0cHM6Ly9wYXltZW50LnZhcmlpYW5jZS5jb20vIiwiYWN0IjoiQVVUSEVOVElDQVRFIiwibm90ZXMiOnsic2NvcGUiOiJvcGVuaWQiLCJpc3MiOiJodHRwczovL3Nzby52YXJpaWFuY2UuY29tL2F1dGgvcmVhbG1zL1ZhcmlpYW5jZSIsInJlc3BvbnNlX3R5cGUiOiJjb2RlIiwicmVkaXJlY3RfdXJpIjoiaHR0cHM6Ly9wYXltZW50LnZhcmlpYW5jZS5jb20vIiwic3RhdGUiOiI3M2Q0ZjczYy1kZmM0LTQ4Y2UtYjczMy04OTQ2NjViNmRiODAiLCJub25jZSI6ImVlODliNzg4LTRlMDEtNDRkZS1iNGVjLTc0YjhlZTE1M2M1MSIsInJlc3BvbnNlX21vZGUiOiJmcmFnbWVudCJ9fQ.BQxuCwwJaqrP0hL-VnQyd2bL93Orn5N3eECmif6NuRA
payment.variiance.com/	1969-12-31 23:59:59	Name: 90efbe14bbd05c9ed2f9137b976091ae Value: d50ccec5fbfd8943d5fc3e7eb0f64db9
payment.variiance.com/	1969-12-31 23:59:59	Name: lang Value: eg
payment.variiance.com/	1969-12-31 23:59:59	Name: country Value: %D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%D8%A9
.tiktok.com/	1970-01-21 01:26:25	Name: _ttp Value: 2XuqbNjMgYX8wZJPNyAzyK4bzl7
.variiance.com/	1970-01-20 18:14:25	Name: _fbp Value: fb.1.1699489382322.138459699
www.clarity.ms/	1970-01-21 00:50:25	Name: CLID Value: 561e4adbf3c84a6fb7e96e9dd73cdb76.20231109.20241108
.variiance.com/	1970-01-21 01:26:25	Name: _tt_enable_cookie Value: 1
.variiance.com/	1970-01-21 01:26:25	Name: _ttp Value: WBcmPROR8Lq9OQOAF1vJPebskro
.payment.variiance.com/	1970-01-21 01:40:49	Name: _ga Value: GA1.3.1429658174.1699489382
.payment.variiance.com/	1970-01-20 16:06:15	Name: _gid Value: GA1.3.313675108.1699489382
.payment.variiance.com/	1970-01-20 16:04:49	Name: _gat_UA-213512131-6 Value: 1
.variiance.com/	1970-01-21 00:50:25	Name: _clck Value: 1bq1o3t\|2\|fgk\|0\|1408
sso.variiance.com/	1969-12-31 23:59:59	Name: c08cd1dd38dc7fdbd219ec59d1dda95d Value: 52c2af07e28fdc8e8df0a7dad898789c
.payment.variiance.com/	1970-01-21 01:40:49	Name: _ga_JSSYWZXEEH Value: GS1.3.1699489382.1.0.1699489382.0.0.0
variiance.com/	1969-12-31 23:59:59	Name: 27ae356b5c119e39982851a93771a375 Value: 54d12817e38320a5e76209b6b7bfffb3
vconnct.me/	1969-12-31 23:59:59	Name: 5e8fbd06820bafc5a9f3df498b8ebec5 Value: ef7875481102f7ff22b7ffcf3123f302
.sso.variiance.com/	1970-01-21 01:40:49	Name: _ga Value: GA1.3.1450468996.1699489383
.sso.variiance.com/	1970-01-20 16:06:15	Name: _gid Value: GA1.3.1993521285.1699489383
.sso.variiance.com/	1970-01-20 16:04:49	Name: _gat_UA-213512131-10 Value: 1
.sso.variiance.com/	1970-01-21 01:40:49	Name: _ga_709JN25HB5 Value: GS1.3.1699489383.1.0.1699489383.0.0.0
.bing.com/	1970-01-21 01:26:25	Name: MUID Value: 06C6C80C73516BC73953DBC872516A84
.c.bing.com/	1970-01-20 16:14:54	Name: MR Value: 0
.c.bing.com/	1970-01-21 01:26:25	Name: SRM_B Value: 06C6C80C73516BC73953DBC872516A84
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 01:26:25	Name: MUID Value: 06C6C80C73516BC73953DBC872516A84
.c.clarity.ms/	1970-01-20 16:14:54	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:04:49	Name: ANONCHK Value: 0
.variiance.com/	1970-01-20 16:06:15	Name: _clsk Value: hpb6hp\|1699489383351\|1\|1\|t.clarity.ms/collect

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
c.bing.com
c.clarity.ms
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
payment.variiance.com
region1.google-analytics.com
sso.variiance.com
t.clarity.ms
unpkg.com
variiance.com
vconnct.me
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
analytics.tiktok.com
c.clarity.ms
region1.google-analytics.com
t.clarity.ms
176.9.154.250
20.114.189.70
2001:4860:4802:32::36
2001:4860:4802:34::178
2606:4700::6810:7daf
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:810::200a
2a00:1450:4001:811::2003
2a00:1450:4001:813::2008
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
68.219.88.97
95.101.75.153
01099c1be822fd21779d0e6d084c71f08f577e332742f9d26ba95e2574ee7a15
10bf61292ef28e6730f45097ee9ccd4832714536d99701129173d78e9d40b679
1a259ee848897dd596a2868b77bd3ac328fb8a6d39064429d914bea39738289f
20ae6a4a7d0d0a5cf52120dea92dcfc64fe95a1aa230399bbbeef27d2e5fe074
225ccd838ddbc157cb9c7c7acde5359f575d4d7f8aedef2ee9d62fc4741c2c20
235cd24ffeaae585683b33d74c1a36788bb958020d5ea117426d3fd26bb7716f
24624efccd154c33cbd781fd0b266bfbc1460704f1c76ac6c648c6cb4f44d244
2a006d9c6e08e8bdfb18fd01b346fb42f33bd84a2d407b6ed12068b8ec1d4406
2a6bda3553569fc700de73f81edc96180d144db1e05a702bc9854dbe14961c5e
2a765f666a686821e3e144abd003dafd3d7409325222fc9fd2664164f833795b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b6bcc6b496e0a2ad82db42f169391a712beb72d8ced724f0a9d3912f3cce2b5
2fae66c2e7d04f04329fb23bcaf4ec5d67928fae7f2690111b968905f4eee351
32c2be5b67520df66590e06e4666bd433fd1f49ea410d9b3b16558b61bbea04c
354142e53641e1e72a89609e46eff578e69d762290d65d84acaaf380751c20fa
37001dcbfa631ba0bec6e5ea46e5c43206f54909786ac129d8ca4eae2966fda4
372cf2a56317b336acbd1e0a8f284ecf11c8c0268840f3ddf8af2da54d2bfc95
378537886f5aa8b2412d4be9dfadeb36420b667ac04e7b45988f84b0af79e6fa
38f57a9833dde172f48a5d3294357b7cdde64c6ad734ad59261e2c4246e4dd40
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
4463859a03781a39d6094bae53cf11ff2f36fa2dd84e368a0201201d7049508b
4873060989924f8e92a321a0a38611ffd0252b5bdfddf7fce00abdc8ae2176a3
49eba100966f3f939555da59f0fc56f47a98195fe4fb3b4ea31c96ef1758d4a7
4eafd1eb43de86362e510cefbe94652d52ef4ff1cb3f234e9a5a71941d633eb8
52a5ab7ae341d575fbd5c5d2854373a9dd5fa9e8041d7622f707d36cc2fcffec
64b4a14f5941afa3b88f6bfbb45a10cf336a7ac22042eee8240d2b6b5d0d48aa
64bec704a1f8d3634f4bdf094e7a634ace978d9a858feb6252174a7bcf5302de
6b5a1116fedf74e888369da43f27b4ea6e21a7c5b3e3dde3227da6c21a2ef67c
6e0cbf70e70b3eef97518c3c7f7886a205282e654fe8d5b658082c4d161c2a4f
73f14a65842e6197172abcf1b69733c52a76895bf8c8383136c51816fa748cfc
75e71db96a17fcba01ea348f496e010c1311dd75207fc513260abde5e38965b3
81d5057a5bfc9c5b0fbbf5314433dad3bfce537c754cfcbf701dae78e59164cd
84c1c700d49864ad48b17353c76a0a371cb7786d0b6d298ccd0ee13894aa7633
84f5cd14a91b17bb6971432f4d80552d09aab08551d748354e3f4ec225ce99a2
8b7ed8830fdff4c14d92759486276bde5e8c942a76b8b4087db135950a672ad7
8e08d6c979c3b89f8735ddec57645eea1633c985de66818d1c9d7a2478bcbd32
97220929563be59838cf28c0815a3f6468e0b28c66f820a0e96eb84e275c2660
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a659ee7e473fd975cce149f496aba9a5f1611d34a3aabd6db4071802cccb1dfc
a7b9c6068202fcb449cd7c7294274f9eeb880747ac07474f085eb32a30de5753
acb255de3945454dfc45b4becf811efb182d3fbd67b784e0f9dd4e4c69a7264c
aef2ee595f506315b93b2bf2f5b80ff9fd98513bd61b3004f0e569ec66366c1c
c08be306478c5345847db8c2bfb9bd84a74a3a115acb50a3012fa12a863c4423
c3bd918c5353c12bfcd6ba662a471138bd0dcad3ce69acdd12b8c0ad19e05d66
c4fef6c6de60e5c8095cabc8192cef32fe74c0606310cd62e6fe44cb43f3e1e3
c8b72532f62a67889afcd26f718c2f6fb076407fc38f0d1f880457db7aa96408
cdc1e3942c56dfbe1202ef2478070900336bea48ca198a4771df8011d849b868
d8d085dfbe230e079ae04b8c5766407d36147b584e9335f3e2423bf73bd46f20
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1e679f773b8c933c57b4c626275e1dada696772d0282c6647fb7ebd8edc60b9
f7661d1a75211ff7ad1519bbd597712444bc87719ab1dcd406d6afbeca248200

sso.variiance.com Open in urlscan Pro 176.9.154.250 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

61 %HTTPS

71 %IPv6

12 Domains

17 Subdomains

14 IPs

4 Countries

2241 kBTransfer

7258 kBSize

31 Cookies

1 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sso.variiance.com Open in urlscan Pro
176.9.154.250 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

61 %
HTTPS

71 %
IPv6

12
Domains

17
Subdomains

14
IPs

4
Countries

2241 kB
Transfer

7258 kB
Size

31
Cookies

70 HTTP transactions
0 data transactions