urlscan.io logo urlscan.io
SecurityTrails logo

client.sacredbusinessflow.com Open in urlscan Pro
159.89.51.42  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://client.sacredbusinessflow.com/
Effective URL: https://client.sacredbusinessflow.com/login
Submission: On November 18 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 2 countries across 12 domains to perform 50 HTTP transactions. The main IP is 159.89.51.42, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is client.sacredbusinessflow.com.
TLS certificate: Issued by R3 on November 18th 2023. Valid for: 3 months.
This is the only time client.sacredbusinessflow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 4 159.89.51.42 14061 (DIGITALOC...)
1 13.32.121.84 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
8 2606:4700:440... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:440... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
8 99.86.4.99 16509 (AMAZON-02)
3 67.205.189.57 14061 (DIGITALOC...)
1 18.66.97.53 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
4 54.186.23.98 16509 (AMAZON-02)
1 13.227.219.28 16509 (AMAZON-02)
4 54.187.119.242 16509 (AMAZON-02)
2 2600:9000:206... 16509 (AMAZON-02)
1 18.66.112.15 16509 (AMAZON-02)
1 44.228.215.240 16509 (AMAZON-02)
50 17
4    159.89.51.42 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
client.sacredbusinessflow.com
1    13.32.121.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-84.fra60.r.cloudfront.net
script.tapfiliate.com
1    2600:9000:225e:6400:1b:348c:b140:93a1 (United States)

ASN16509 (AMAZON-02, US)
r.wdfl.co
8    2606:4700:4400::6812:21b8 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.upcoach.com
3    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
ka-p.fontawesome.com
4    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
8    99.86.4.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-99.fra6.r.cloudfront.net
js.stripe.com
3    67.205.189.57 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
wa.upcoach.com
1    18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net
static.hotjar.com
4    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
1    13.227.219.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-28.ams54.r.cloudfront.net
script.hotjar.com
4    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
r.stripe.com
2    2600:9000:206f:5a00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
1    18.66.112.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-15.fra56.r.cloudfront.net
vc.hotjar.io
1    44.228.215.240 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-228-215-240.us-west-2.compute.amazonaws.com
m.stripe.com
Apex Domain
Subdomains		 Transfer
17 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1287
q.stripe.com — Cisco Umbrella Rank: 7148
r.stripe.com — Cisco Umbrella Rank: 3546
m.stripe.com — Cisco Umbrella Rank: 1249
418 KB
11 upcoach.com
cdn.upcoach.com
wa.upcoach.com
451 KB
4 gstatic.com
fonts.gstatic.com
94 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
40 KB
4 sacredbusinessflow.com
client.sacredbusinessflow.com
50 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
2 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1354
16 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 727
script.hotjar.com — Cisco Umbrella Rank: 901
60 KB
2 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1492
ka-p.fontawesome.com — Cisco Umbrella Rank: 3445
58 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2687
259 B
1 wdfl.co
r.wdfl.co — Cisco Umbrella Rank: 27316
5 KB
1 tapfiliate.com
script.tapfiliate.com — Cisco Umbrella Rank: 33924
4 KB
50 12
Domain Requested by
8 js.stripe.com client.sacredbusinessflow.com
js.stripe.com
8 cdn.upcoach.com client.sacredbusinessflow.com
4 r.stripe.com js.stripe.com
4 q.stripe.com client.sacredbusinessflow.com
4 fonts.gstatic.com fonts.googleapis.com
4 cdn.jsdelivr.net client.sacredbusinessflow.com
4 client.sacredbusinessflow.com 2 redirects client.sacredbusinessflow.com
3 wa.upcoach.com client.sacredbusinessflow.com
wa.upcoach.com
3 fonts.googleapis.com client.sacredbusinessflow.com
2 m.stripe.network js.stripe.com
m.stripe.network
1 m.stripe.com m.stripe.network
1 vc.hotjar.io script.hotjar.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com client.sacredbusinessflow.com
1 ka-p.fontawesome.com kit.fontawesome.com
1 kit.fontawesome.com client.sacredbusinessflow.com
1 r.wdfl.co client.sacredbusinessflow.com
1 script.tapfiliate.com client.sacredbusinessflow.com
50 18

This site contains no links.

Subject Issuer Validity Valid
client.sacredbusinessflow.com
R3		 2023-11-18 -
2024-02-16		 3 months crt.sh
backend.tapfiliate.com
Amazon RSA 2048 M01		 2023-10-04 -
2024-11-02		 a year crt.sh
r.wdfl.co
Amazon RSA 2048 M03		 2023-09-02 -
2024-09-30		 a year crt.sh
upcoach.com
E1		 2023-11-03 -
2024-02-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-22 -
2023-12-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-30 -
2024-01-25		 3 months crt.sh
wa.upcoach.com
R3		 2023-09-27 -
2023-12-26		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-10-09 -
2024-01-18		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-05 -
2024-01-18		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://client.sacredbusinessflow.com/login
Frame ID: 69E086B8BF5C4B728161782A962DAAA1
Requests: 32 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html
Frame ID: 67E5F3CE2AF7346A9CB34FC12F3C4AE8
Requests: 10 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 0BA849A24EE1873953449637332D84D3
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: AE33C878F13E74E68885013A893D8ADB
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sacred Business Flow

Page URL History Show full URLs

  1. https://client.sacredbusinessflow.com/ HTTP 302
    https://client.sacredbusinessflow.com/home HTTP 302
    https://client.sacredbusinessflow.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • livewire(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /alpine(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • r\.wdfl\.co
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • r\.wdfl\.co
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

50
Requests

100 %
HTTPS

41 %
IPv6

12
Domains

18
Subdomains

17
IPs

2
Countries

1197 kB
Transfer

5778 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://client.sacredbusinessflow.com/ HTTP 302
    https://client.sacredbusinessflow.com/home HTTP 302
    https://client.sacredbusinessflow.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
client.sacredbusinessflow.com/
Redirect Chain
  • https://client.sacredbusinessflow.com/
  • https://client.sacredbusinessflow.com/home
  • https://client.sacredbusinessflow.com/login
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://client.sacredbusinessflow.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.51.42 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy nginx/1.22.1 /
Resource Hash
cbf7a6b85c6deafe7fed06f4909aceb35467364ddd2e5f81e505bf73723e970d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 18 Nov 2023 23:10:51 GMT
server
Caddy nginx/1.22.1
service-worker-allowed
/habits/mobile
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-up-cdproxy-server
custom-domain-proxy-1
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Sat, 18 Nov 2023 23:10:51 GMT
location
https://client.sacredbusinessflow.com/login
server
Caddy nginx/1.22.1
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-up-cdproxy-server
custom-domain-proxy-1
x-xss-protection
1; mode=block
tapfiliate.js
script.tapfiliate.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.tapfiliate.com/tapfiliate.js
Requested by
Host: client.sacredbusinessflow.com
URL: https://client.sacredbusinessflow.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-84.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44798a517a7c8d28c1e371a1b8b869bae1608bd48df7ed50800cbed8703612c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.sacredbusinessflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 08:05:24 GMT
content-encoding
br
via
1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
last-modified
Wed, 12 Oct 2022 12:34:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
54328
etag
W/"ddbb39a9e8e67d5067145f8aa76b938d"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
VPFAANKwzJ_dKcHwmTH7sh-d4LhrRQiBS9inEkriiYaW2KLawFSVgA==
rw.js
r.wdfl.co/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r.wdfl.co/rw.js
Requested by
Host: client.sacredbusinessflow.com
URL: https://client.sacredbusinessflow.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:6400:1b:348c:b140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db68929956fdf19f3c4ee31053627a223e7eabefa3f49527d27477f873fea682

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.sacredbusinessflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 22:15:55 GMT
content-encoding
gzip
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified
Sat, 18 Nov 2023 08:15:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
3297
x-amz-server-side-encryption
AES256
etag
W/"f39a8fdc07ea414b5d364e26cf975f3e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
f91U_ws4Cbyhn5xNm8yyRBXmvV17kCOAezzXIVA7YMiZLcIKOi405w==
app.js
cdn.upcoach.com/public_assets/js/ 		357 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.upcoach.com/public_assets/js/app.js?id=eb68b676071f3612fb4c548244d124e3
Requested by
Host: client.sacredbusinessflow.com
URL: https://client.sacredbusinessflow.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d84f9fa5fb58ed282776a3c433a45eafc566ba47711fc061ff8b6dcc4df688a7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.sacredbusinessflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:10:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
tx000000000000060fe73f4-006557cf48-4d33653d-nyc3b
age
91362
x-envoy-upstream-healthchecked-cluster
last-modified
Fri, 17 Nov 2023 10:47:05 GMT
server
cloudflare
etag
W/"eb68b676071f3612fb4c548244d124e3"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/javascript
x-do-cdn-uuid
ce1b2e3c-2b94-40cb-aa67-074dab242ea1
x-rgw-object-type
Normal
cache-control
max-age=604800
cf-ray
8283e3a4fb8f18e4-FRA
trix.css
cdn.upcoach.com/public_assets/vendor/trix/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.upcoach.com/public_assets/vendor/trix/trix.css
Requested by
Host: client.sacredbusinessflow.com
URL: https://client.sacredbusinessflow.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a154158a5f69f18e09dbbeec2aecbae8c0b7e202a7d3ff7562b067903f75c82
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.sacredbusinessflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:10:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
tx000000000000060ff44f2-006557cf48-4d303663-nyc3b
age
91362
x-envoy-upstream-healthchecked-cluster
last-modified
Fri, 17 Nov 2023 10:47:06 GMT
server
cloudflare
etag
W/"a9ce1b76f66b146d5cbba7aea6e870cf"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
text/css
x-do-cdn-uuid
ce1b2e3c-2b94-40cb-aa67-074dab242ea1
x-rgw-object-type
Normal
cache-control
max-age=604800
cf-ray
8283e3a4fb8918e4-FRA
trix.js
cdn.upcoach.com/public_assets/vendor/trix/ 		221 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.upcoach.com/public_assets/vendor/trix/trix.js
Requested by
Host: client.sacredbusinessflow.com
URL: https://client.sacredbusinessflow.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df5d2930446e54ced5654760885ded3e7086ca55d4011d900ad37ab2c7a2f7ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.sacredbusinessflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:10:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
tx000000000000060fe7dc9-006557cf48-4cff3ece-nyc3b
age
91362
x-envoy-upstream-healthchecked-cluster
last-modified
Fri, 17 Nov 2023 10:47:07 GMT
server
cloudflare
etag
W/"be6741f33795fe52d12cf97b35e37797"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/javascript
x-do-cdn-uuid
ce1b2e3c-2b94-40cb-aa67-074dab242ea1
x-rgw-object-type
Normal
cache-control
max-age=604800
cf-ray
8283e3a4fb8e18e4-FRA
cropper.css
cdn.upcoach.com/public_assets/vendor/cropperjs/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.upcoach.com/public_assets/vendor/cropperjs/cropper.css
Requested by
Host: client.sacredbusinessflow.com
URL: https://client.sacredbusinessflow.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
662dda311d4f6cc6bdbf05843b7b55bd0d391e7ade25383c3a291f4c5899758d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.sacredbusinessflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:10:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
tx000000000000060fe73f5-006557cf48-4d33653d-nyc3b
age
91362
x-envoy-upstream-healthchecked-cluster
last-modified
Fri, 17 Nov 2023 10:47:08 GMT
server
cloudflare
etag
W/"34885bebf21f14f01c1829be7f412376"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
text/css
x-do-cdn-uuid
ce1b2e3c-2b94-40cb-aa67-074dab242ea1
x-rgw-object-type
Normal
cache-control
max-age=604800
cf-ray
8283e3a4fb8d18e4-FRA
cropper.js
cdn.upcoach.com/public_assets/vendor/cropperjs/ 		111 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.upcoach.com/public_assets/vendor/cropperjs/cropper.js
Requested by
Host: client.sacredbusinessflow.com
URL: https://client.sacredbusinessflow.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47dfda36ba083ef89533556e2b2bcb4f8418002a9e675c3edfd00cc23515d527
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.sacredbusinessflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:10:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
tx000000000000060fe7dca-006557cf48-4cff3ece-nyc3b
age
91362
x-envoy-upstream-healthchecked-cluster
last-modified
Fri, 17 Nov 2023 10:47:09 GMT
server
cloudflare
etag
W/"7e3f56e540ee7c329eb280acff065738"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/javascript
x-do-cdn-uuid
ce1b2e3c-2b94-40cb-aa67-074dab242ea1
x-rgw-object-type
Normal
cache-control
max-age=604800
cf-ray
8283e3a4fb9018e4-FRA
css
fonts.googleapis.com/ 		4 KB
701 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Rubik:400,500&display=swap&subset=latin-ext
Requested by
Host: client.sacredbusinessflow.com
URL: https://client.sacredbusinessflow.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
659f048fbcf432896aa1068a4eaf8f33392ce7a148eadc3e676afbf8536dc763
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.sacredbusinessflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 18 Nov 2023 23:10:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 18 Nov 2023 23:10:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 18 Nov 2023 23:10:51 GMT
css2
fonts.googleapis.com/ 		4 KB
679 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat+Alternates:wght@700;800&display=swap
Requested by
Host: client.sacredbusinessflow.com
URL: https://client.sacredbusinessflow.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7f65570a765a4b23b1647913b4fa6cb44fc5d036847d8a01f246d807d51cc37b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.sacredbusinessflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 18 Nov 2023 23:10:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 18 Nov 2023 23:10:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 18 Nov 2023 23:10:51 GMT
css2
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans&display=swap
Requested by
Host: client.sacredbusinessflow.com
URL: https://client.sacredbusinessflow.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa1af1cbf201b91b7b02cc4531ded17078f035ca5daec87e9767ca7edb4b3328
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.sacredbusinessflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 18 Nov 2023 23:10:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 18 Nov 2023 21:28:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 18 Nov 2023 23:10:51 GMT
c5eb441150.js
kit.fontawesome.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/c5eb441150.js
Requested by
Host: client.sacredbusinessflow.com
URL: https://client.sacredbusinessflow.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8f51d9393c53029ade3ddb5824637f86918b2de59627805f0232ffc9c54d442

Request headers

Referer
https://client.sacredbusinessflow.com/
Origin
https://client.sacredbusinessflow.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:10:52 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
8283e3a4dcbd1d9c-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F5jadDlBQnVVnySZqpBh
app.css
cdn.upcoach.com/public_assets/css/ 		2 MB
200 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.upcoach.com/public_assets/css/app.css?id=e71a594c6dd36873e2303b0ab5400973
Requested by
Host: client.sacredbusinessflow.com
URL: https://client.sacredbusinessflow.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e18ffe652933feeb7447562a240c844f7f6e85049e00c187d9ae35be567077d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.sacredbusinessflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:10:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
tx000000000000060ffebbe-006557d035-4d3039d8-nyc3b
age
91362
x-envoy-upstream-healthchecked-cluster
last-modified
Fri, 17 Nov 2023 10:47:05 GMT
server
cloudflare
etag
W/"e71a594c6dd36873e2303b0ab5400973"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
text/css
x-do-cdn-uuid
ce1b2e3c-2b94-40cb-aa67-074dab242ea1
x-rgw-object-type
Normal
cache-control
max-age=604800
cf-ray
8283e3a4fb8a18e4-FRA
admin.css
cdn.upcoach.com/public_assets/css/ 		900 B
701 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.upcoach.com/public_assets/css/admin.css?id=d3d752f17fc06b06ad9a7b0122403d30
Requested by
Host: client.sacredbusinessflow.com
URL: https://client.sacredbusinessflow.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
313b78e7fc0d1d219065b3ad96df0804c56b173b41965efd16e19ffdb4ce97a6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.sacredbusinessflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:10:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
tx000000000000060fe7dcb-006557cf48-4cff3ece-nyc3b
age
91362
x-envoy-upstream-healthchecked-cluster
last-modified
Fri, 17 Nov 2023 10:47:04 GMT
server
cloudflare
etag
W/"d3d752f17fc06b06ad9a7b0122403d30"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
text/css
x-do-cdn-uuid
ce1b2e3c-2b94-40cb-aa67-074dab242ea1
x-rgw-object-type
Normal
cache-control
max-age=604800
cf-ray
8283e3a4fb8c18e4-FRA
pikaday.css
cdn.jsdelivr.net/npm/pikaday/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/pikaday/css/pikaday.css
Requested by
Host: client.sacredbusinessflow.com
URL: https://client.sacredbusinessflow.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c1e90dad6a7cf7aea83622e85032b766db7470604ea348dfa966cdf443bc7b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.sacredbusinessflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:10:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
15586
x-jsd-version
1.8.2
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230107-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"1144-lmZWiNEnny3m2IZB7OGs5gx2b+k"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIeoKrzGlmnAVWzNhnlH8fQJlBUhsnDuy6%2FXMCZP6D%2FuitpD9Glshxyd92%2B1Yr0hw%2FCMCKbQTeM5OZ0mwYDcs66dwrzIgqeOXoOv0KxfQEPGkrIfCei9K080AgJsH%2BrohXfuN9aVqBez2T69d4E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8283e3a4dd519028-FRA
livewire.js
client.sacredbusinessflow.com/vendor/livewire/ 		171 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.sacredbusinessflow.com/vendor/livewire/livewire.js?id=90730a3b0e7144480175
Requested by
Host: client.sacredbusinessflow.com
URL: https://client.sacredbusinessflow.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.51.42 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy, nginx/1.22.1 /
Resource Hash
38a4dc885f9d1267bbfaf361e24fbf51994bd7f6743784ec3e4a267bbe74a0be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.sacredbusinessflow.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:10:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 17 Nov 2023 10:48:00 GMT
server
Caddy, nginx/1.22.1
etag
W/"655744e0-2aae3"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
x-up-cdproxy-server
custom-domain-proxy-1
livewire-sortable.js
cdn.jsdelivr.net/gh/livewire/sortable@v0.x.x/dist/ 		50 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/livewire/sortable@v0.x.x/dist/livewire-sortable.js
Requested by
Host: client.sacredbusinessflow.com
URL: https://client.sacredbusinessflow.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8a6f5f134dcd3c56845711d8376d255dd1dd613375f173561f8d88be9302aa7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.sacredbusinessflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:10:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
26084
x-jsd-version
0.2.2
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230054-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"c9f3-SnmQ2DsurEPhZ+LvEUTYMNqe2BQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PG833N7XFx8rXcFOPkBs%2FP4erKOGohfWc9rXUoVLxtuWpC4y6PEn%2BTAHfEjWj9NxSzFhdWEbbwIPbIwzdzUdA5JhwlTrZl7W52Mj7L0%2B3T17JdFS%2BTAzrwHKTwdf7GoCHe8UJAgg55ri9rp7kFo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8283e3a4dd529028-FRA
alpine.js
cdn.jsdelivr.net/gh/alpinejs/alpine@v2.4.1/dist/ 		68 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/alpinejs/alpine@v2.4.1/dist/alpine.js
Requested by
Host: client.sacredbusinessflow.com
URL: https://client.sacredbusinessflow.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a35fc7f0a0718cb3516843602c8824eadc665daf52f4c62cc3111a66c33f1226
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.sacredbusinessflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:10:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
627824
x-jsd-version
2.4.1
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230067-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"10eb8-wGBe9E9vkY2XJHNwk3P/2xW1xUU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oUFRhWU9t37cvS1UOi1Kjim1MGGXLBz8jR%2B2yhu9xCCnyhZ9B4oaSputg8cW%2BlQLwHZXij5%2FWKmHPsbbbs2QJMjlfdlEFijuldOhcYlbWAfWa1F07EvlBeUjZp7XVCUB8RtRM6NUjk2zwOpcM3c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8283e3a64e089028-FRA
pikaday.js
cdn.jsdelivr.net/npm/pikaday/ 		42 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/pikaday/pikaday.js
Requested by
Host: client.sacredbusinessflow.com
URL: https://client.sacredbusinessflow.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ed889b78e8e965ae782fac78b03f0ae2fe49a130f4b1a85391e535cc984a1ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.sacredbusinessflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:10:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
18856
x-jsd-version
1.8.2
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230052-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"a630-vxM2xi2w0jCxQo2oniAgndqFyt0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PB4w%2FvTgH108j7XBtaScKUW5EaNPAoEd3fduRwoahRIFMcm0HCKVkald4hhNlDHif7kuFEPvc%2F1pZgBbJ1k5G%2FX8ZaAfOsPFk0BbqERrttqG3fcUUs7K652Xjt6AkWjPKIXZbcnFixvKsC1n2rU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8283e3a4dd539028-FRA
/
js.stripe.com/v3/ 		556 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: client.sacredbusinessflow.com
URL: https://client.sacredbusinessflow.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
90deaa6ce62764135079beba976e8df57220a817e759914adf09626153f38c16
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.sacredbusinessflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:10:46 GMT
content-encoding
br
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
6
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 17 Nov 2023 21:38:13 GMT
server
Cloudfront
etag
W/"b2cc65458b2c4ec73e91a4fb930e6217"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
1j02EYIaOpCpV66xHFBJifEe6ZuspkAIjkvfURjivTppqblReLcq1Q==
plausible.js
wa.upcoach.com/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wa.upcoach.com/js/plausible.js
Requested by
Host: client.sacredbusinessflow.com
URL: https://client.sacredbusinessflow.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.205.189.57 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
7eec3429c76cb48e5fd457c5afb71b7cf34bc4298d53023bae8aea715443b4a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.sacredbusinessflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:10:52 GMT
x-content-type-options
nosniff
Server
nginx/1.22.1
X-Cache
MISS
Content-Type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
1332
script.exclusions.js
wa.upcoach.com/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wa.upcoach.com/js/script.exclusions.js
Requested by
Host: client.sacredbusinessflow.com
URL: https://client.sacredbusinessflow.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.205.189.57 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
a3e927df40bc67e41f4bf2e116c07bed8b2edeb9a25a07162b9cf3afdd9afbc6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.sacredbusinessflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 23:10:52 GMT
x-content-type-options
nosniff
Server
nginx/1.22.1
Content-Type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
1565
wuWHuaG8NrI3D4JL7afjDMSYC99ScQAA3mzSex3d.png
cdn.upcoach.com/organizations/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.upcoach.com/organizations/wuWHuaG8NrI3D4JL7afjDMSYC99ScQAA3mzSex3d.png
Requested by
Host: client.sacredbusinessflow.com
URL: https://client.sacredbusinessflow.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aba7755ad4c7149b39f80b7b0d8f9f364f04d8274554f8825a2b49d3e492caf8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.sacredbusinessflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:10:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
x-amz-request-id
tx000000000000061fc9b64-006558eef5-4d3039d8-nyc3b
x-envoy-upstream-healthchecked-cluster
content-length
73201
last-modified
Sun, 24 Sep 2023 16:37:10 GMT
server
cloudflare
etag
"033fba7e173c29a6feeb176df1913984"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/png
x-do-cdn-uuid
ce1b2e3c-2b94-40cb-aa67-074dab242ea1
x-rgw-object-type
Normal
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
8283e3a4fb9418e4-FRA
pro.min.css
ka-p.fontawesome.com/releases/v5.15.4/css/ 		315 KB
53 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=c5eb441150
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c5eb441150.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.sacredbusinessflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:10:52 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
"610ae215-d3b2"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8283e3a7becc1d9c-FRA
content-length
54194
controller-3132e16734973ccb58066950185c0af5.html
js.stripe.com/v3/ Frame 67E5 		325 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
43930e37bce5cf2bdc0406301b3170eb11dd357514ceae95a703a0fe034aaae1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://client.sacredbusinessflow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
21
cache-control
max-age=60
content-length
325
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 18 Nov 2023 23:10:33 GMT
etag
"3132e16734973ccb58066950185c0af5"
last-modified
Fri, 17 Nov 2023 21:03:03 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-id
lFQEkV-w2n7yow-q8eGbVVDA7hYqYa674MMjG8woZXB-6s22YAqrgQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hotjar-2311321.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2311321.js?sv=6
Requested by
Host: client.sacredbusinessflow.com
URL: https://client.sacredbusinessflow.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-53.fra56.r.cloudfront.net
Software
/
Resource Hash
9208af0d255de90ca2e378584491b43790c3b8864656771aba1f124c4695b0ea
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.sacredbusinessflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:10:52 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/25992af2909b16de02a22fb7fc94ef18
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
4uwEqJAxmBbjFt3LKIlrlt4z-qzTmzRVwmYopULjHfGsdrUVoHroiw==
mFTiWacfw6zH4dthXcyms1lPpC8I_b0juU0xTIHFB7xG.woff2
fonts.gstatic.com/s/montserratalternates/v17/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserratalternates/v17/mFTiWacfw6zH4dthXcyms1lPpC8I_b0juU0xTIHFB7xG.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat+Alternates:wght@700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70a6381708a85df53da33a718284ae26f79b0b6ab980a08bb32df3c28896f466
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://client.sacredbusinessflow.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 02:27:49 GMT
x-content-type-options
nosniff
age
74583
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20460
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 02:27:49 GMT
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:400,500&display=swap&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://client.sacredbusinessflow.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 21:01:58 GMT
x-content-type-options
nosniff
age
266934
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35448
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:14:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Nov 2024 21:01:58 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://client.sacredbusinessflow.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 01:43:43 GMT
x-content-type-options
nosniff
age
77229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18664
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:36:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 01:43:43 GMT
mFTiWacfw6zH4dthXcyms1lPpC8I_b0juU0xUILFB7xG.woff2
fonts.gstatic.com/s/montserratalternates/v17/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserratalternates/v17/mFTiWacfw6zH4dthXcyms1lPpC8I_b0juU0xUILFB7xG.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat+Alternates:wght@700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05310548a7b194d49ef3df5f58787d39dd53930f140ef2d649642562d5f000bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://client.sacredbusinessflow.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 19:22:47 GMT
x-content-type-options
nosniff
age
100085
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20480
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:45:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 19:22:47 GMT
shared-7cc701e41de11d39c80345b2a8d3fc73.js
js.stripe.com/v3/fingerprinted/js/ Frame 67E5 		534 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
21e0577bdef99274f85366c05b4ed596183789bb3fff63766b84ecae349de050
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:05:21 GMT
content-encoding
br
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
335
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 17 Nov 2023 21:03:17 GMT
server
Cloudfront
etag
W/"53769739a53ea437a208dabadb1a17b1"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
giFvJlVA3X4L4Y8UPyeF4A7slEwX6zsiyzPRRyrzT_cs1zY6HFjfTw==
controller-d2b86c303c66a70842cb3c54e2f4456f.js
js.stripe.com/v3/fingerprinted/js/ Frame 67E5 		663 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-d2b86c303c66a70842cb3c54e2f4456f.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
0e2b6ca8941a2593894d63df4a7d687339e3be2dcd891b3f21f22441df2b23d4
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 22:48:35 GMT
content-encoding
br
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
1339
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
last-modified
Fri, 17 Nov 2023 21:03:14 GMT
server
Cloudfront
etag
W/"5d94d4fa99a156ddc3ebe1357bee1d9a"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
wcDiU-Kjbu2KCnqMFTITjpnFKXYv1_BI_KlWeLdo5j4cvMc5qOJAxA==
csp-report
q.stripe.com/ Frame 67E5 		0
718 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: client.sacredbusinessflow.com
URL: https://client.sacredbusinessflow.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 18 Nov 2023 23:10:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1700349052730246
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1700349052729876
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame 67E5 		474 B
865 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
879e5a20d16b6c5edeb74bd6ed1123fa8b57d8ae884e4e91b9bf968c6f7bcdfd

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 18 Nov 2023 23:10:43 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
last-modified
Fri, 17 Nov 2023 21:38:14 GMT
server
Cloudfront
age
10
x-amz-cf-pop
FRA6-C1
etag
"fff34dce28f81b9d8afc4b96ff54fb36"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
rWl3QAipED2pxQhY9hJcPAl6VknVeicGwAHQWicXaIAuCVSaXRFgcw==
.deploy_status_henson.json
js.stripe.com/v3/ Frame 67E5 		474 B
864 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
879e5a20d16b6c5edeb74bd6ed1123fa8b57d8ae884e4e91b9bf968c6f7bcdfd

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 18 Nov 2023 23:10:43 GMT
via
1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
last-modified
Fri, 17 Nov 2023 21:38:14 GMT
server
Cloudfront
age
10
x-amz-cf-pop
FRA6-C1
etag
"fff34dce28f81b9d8afc4b96ff54fb36"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
content-length
474
x-amz-cf-id
PxCPypqomF5sHA3EtjOYDJ8BDSoqWcr9e4yCKX-EslQZyCcs-XEptA==
event
wa.upcoach.com/api/ 		2 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wa.upcoach.com/api/event
Requested by
Host: wa.upcoach.com
URL: https://wa.upcoach.com/js/plausible.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
67.205.189.57 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://client.sacredbusinessflow.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 18 Nov 2023 23:10:52 GMT
Server
nginx/1.22.1
Content-Type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
2
x-request-id
F5jadFrm06zF7IwBrX8S
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame 0BA8 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://client.sacredbusinessflow.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1793
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 18 Nov 2023 22:41:06 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Fri, 10 Nov 2023 21:04:42 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-id
AX6lLXPuRLlbUG6PAd0iMGaUunrMJ21ITqJuY9MPJpPzp7hrx4IlHQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
modules.78e2d84033035343416f.js
script.hotjar.com/ 		225 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.78e2d84033035343416f.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2311321.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-28.ams54.r.cloudfront.net
Software
/
Resource Hash
d41871d2894dc875d0dad73822efe7d3d43c459d53dde0e0d2006cd5c7427e75
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.sacredbusinessflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 13:20:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 2dc050ab05a5052054de7d000d6c5f50.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
age
208246
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
57067
last-modified
Thu, 16 Nov 2023 13:19:14 GMT
etag
"7b69405e970c278e52f057627811a838"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
TaR_JuNav0T6bR5VWHvz-CBw034qnRdmJ-6JvmB_3tAKD-LPZzus6Q==
0
r.stripe.com/ Frame 67E5 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 18 Nov 2023 23:10:52 GMT
x-stripe-server-envoy-start-time-us
1700349052892286
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1700349052891954
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 67E5 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 18 Nov 2023 23:10:52 GMT
x-stripe-server-envoy-start-time-us
1700349052892583
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1700349052891993
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame 67E5 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 18 Nov 2023 23:10:52 GMT
x-stripe-server-envoy-start-time-us
1700349052892425
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1700349052892055
access-control-allow-credentials
true
content-length
0
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame 0BA8 		631 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-99.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 22:12:43 GMT
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
3494
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
content-length
631
last-modified
Fri, 10 Nov 2023 21:04:40 GMT
server
Cloudfront
etag
"70cacf09ae81711ac6dcbc5ee59750c4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
UH2qaNs-p7RvR_RgUPUBtwLai7SLOI9JI73Ga0-GYGPZJgw3_gN_VQ==
csp-report
q.stripe.com/ Frame 0BA8 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: client.sacredbusinessflow.com
URL: https://client.sacredbusinessflow.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 18 Nov 2023 23:10:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1700349052730390
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1700349052729921
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 0BA8 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: client.sacredbusinessflow.com
URL: https://client.sacredbusinessflow.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 18 Nov 2023 23:10:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1700349052730292
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1700349052729896
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame AE33 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
239
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 18 Nov 2023 23:06:54 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-amz-cf-id
RYT1q_xKZN7F2tyxg1CSnO88N3mBIB6c5gBZnaPS8Rj1GWh68kKMgw==
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
2311321
vc.hotjar.io/sessions/ 		0
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/2311321?s=0.25&r=0.22341708160623863
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.78e2d84033035343416f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-15.fra56.r.cloudfront.net
Software
Python/3.8 aiohttp/3.8.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.sacredbusinessflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:10:52 GMT
via
1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
server
Python/3.8 aiohttp/3.8.4
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
1mNOhjO6KaYjrcywYXiLW8ECljyxIdNZghqgcEdmplV-g5WYTpFfMA==
csp-report
q.stripe.com/ Frame AE33 		0
491 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: client.sacredbusinessflow.com
URL: https://client.sacredbusinessflow.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 18 Nov 2023 23:10:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1700349052730778
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1700349052729968
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame AE33 		87 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 23:08:54 GMT
content-encoding
br
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
119
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
FRA56-C1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
fxdJbYONoez6wMQ-KtbI2WGWWNmmvLW7ACUNgvpcpb-fR2AFiLYvGQ==
6
m.stripe.com/ Frame AE33 		156 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.228.215.240 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-228-215-240.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b657f41d44fd993f51e0c98e17a6c90a026ba95582678227dfe514be6a1825c1
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 18 Nov 2023 23:10:53 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1700349053071958
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1700349053071372
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
0
r.stripe.com/ Frame 67E5 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 18 Nov 2023 23:10:53 GMT
x-stripe-server-envoy-start-time-us
1700349053064286
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1700349053063797
access-control-allow-credentials
true
content-length
0

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture string| TapfiliateObject function| tap string| _rwq function| rewardful string| PUSHER_APP_KEY string| PUSHER_APP_CLUSTER object| urlParams boolean| _rewardful_loaded function| Rewardful object| webpackChunk function| _ function| Popper function| axios function| Pusher object| Echo function| openModal function| closeModal function| copyToClipboard function| setUrlQueryParameters object| modals function| alpineModal function| alpineCroppie function| alpinePikaday object| Trix function| Cropper object| FontAwesomeKitConfig object| Livewire object| livewire string| livewire_app_url string| livewire_token function| deferLoadingAlpine function| Pikaday object| webpackChunkStripeJSouter function| noop function| Stripe function| plausible function| hj object| _hjSettings object| Alpine object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules

11 Cookies

Domain/Path Name / Value
.client.sacredbusinessflow.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IlVMRUxGSjgxMlpaWTdUOVl5MExQcEE9PSIsInZhbHVlIjoiVUNKMWt1bVBDYWNuMWNEQ3RxK2hWT1NJaWtwTnN5WWE1ZXVBUFNiYVhpTFRxbXhTdXBtbEx3QzdaU2crbDJLMk12Z1krbEFJT2Z0dHFlZ2NqZnF5Q1J2MUF0cWdJMHRMUk8yRVZGQ01VcFVzVkdjWmR5emxJMVRvSHZGb3R4YnIiLCJtYWMiOiJkMDUxODVkNWI1OWM3NzQxZTRmN2JhN2FjN2I3MzQ4NmUyYTdmMmEzYTVlNGY2YjI5OWJmZDQ5MTRiMjZlYWYwIiwidGFnIjoiIn0%3D
.client.sacredbusinessflow.com/ Name: upcoach_session
Value: eyJpdiI6InhUVUwvdm5zWjY2b1JoKy9ITlhhSEE9PSIsInZhbHVlIjoidnA0Rk1CdWYycWdCNng0M2tqaUVFU1hhNzIvZ05kSytna1NBNklwK3dEbDgxdklOTlIzQVMxRWJNMEdoZzhTb3cxbGJlK3VPRzYyU0JUYVpZanc0Nnp0a3g3VTNmVkxNMkduVWFiWWYwVFFmTHhIQ0ZEVXZWVFZZUUdmcFdJRDEiLCJtYWMiOiJkODQzMjc1ZTg5ZGFhYzE1NTcxMzAzYmFkZjA1YmU0ODM5MDc1NGZmMWM5MWQ0ZjBiMzkxYWYwOTlmMjg0MGU4IiwidGFnIjoiIn0%3D
.cdn.upcoach.com/ Name: __cf_bm
Value: 4bwrR_srgXo7ph6e0jUom8mrU.CgC08pnAXfYqXRRAY-1700349051-0-AX2qg2DzUkjNHLK8qD5chUDdcsw8E3lDsLUQCnrQ9vjTRiroCh63WFsDfSCluZWKtyMSN05xmiKXUTAHbgg3GVk=
.sacredbusinessflow.com/ Name: _hjSessionUser_2311321
Value: eyJpZCI6ImY5MDdhY2ZiLTdmZGYtNWUyYi04NGRlLWU3YWFiZGU3MzBhYiIsImNyZWF0ZWQiOjE3MDAzNDkwNTI1NDEsImV4aXN0aW5nIjpmYWxzZX0=
.sacredbusinessflow.com/ Name: _hjFirstSeen
Value: 1
.sacredbusinessflow.com/ Name: _hjIncludedInSessionSample_2311321
Value: 0
.sacredbusinessflow.com/ Name: _hjSession_2311321
Value: eyJpZCI6IjdlOTY5ZjcyLTgyYzItNDA5My1iYmM2LTlmNGQwMjlmN2FmNSIsImNyZWF0ZWQiOjE3MDAzNDkwNTI1NDIsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6ZmFsc2V9
.sacredbusinessflow.com/ Name: _hjAbsoluteSessionInProgress
Value: 1
m.stripe.com/ Name: m
Value: abd7a1e5-813f-43fc-a1b5-5c98d60cd57c3b42d0
.client.sacredbusinessflow.com/ Name: __stripe_mid
Value: 63d20a17-0177-4bd3-b7fb-35d9014cac4b10a9e5
.client.sacredbusinessflow.com/ Name: __stripe_sid
Value: 41dfc4f3-6a84-4457-996f-ae8fd31aacaaa8e64d

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdn.upcoach.com
client.sacredbusinessflow.com
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
ka-p.fontawesome.com
kit.fontawesome.com
m.stripe.com
m.stripe.network
q.stripe.com
r.stripe.com
r.wdfl.co
script.hotjar.com
script.tapfiliate.com
static.hotjar.com
vc.hotjar.io
wa.upcoach.com
13.227.219.28
13.32.121.84
159.89.51.42
18.66.112.15
18.66.97.53
2600:9000:206f:5a00:19:7d10:bd80:93a1
2600:9000:225e:6400:1b:348c:b140:93a1
2606:4700:4400::6812:21b8
2606:4700:4400::6812:2844
2606:4700::6810:5614
2a00:1450:4001:806::2003
2a00:1450:4001:809::200a
44.228.215.240
54.186.23.98
54.187.119.242
67.205.189.57
99.86.4.99
05310548a7b194d49ef3df5f58787d39dd53930f140ef2d649642562d5f000bc
0e2b6ca8941a2593894d63df4a7d687339e3be2dcd891b3f21f22441df2b23d4
21e0577bdef99274f85366c05b4ed596183789bb3fff63766b84ecae349de050
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
313b78e7fc0d1d219065b3ad96df0804c56b173b41965efd16e19ffdb4ce97a6
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
37c65071f378cc9582aabdda3b52979ef901f2925e3f3c3dc597f41eac0f1b6d
38a4dc885f9d1267bbfaf361e24fbf51994bd7f6743784ec3e4a267bbe74a0be
3a154158a5f69f18e09dbbeec2aecbae8c0b7e202a7d3ff7562b067903f75c82
43930e37bce5cf2bdc0406301b3170eb11dd357514ceae95a703a0fe034aaae1
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
44798a517a7c8d28c1e371a1b8b869bae1608bd48df7ed50800cbed8703612c1
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
47dfda36ba083ef89533556e2b2bcb4f8418002a9e675c3edfd00cc23515d527
4e18ffe652933feeb7447562a240c844f7f6e85049e00c187d9ae35be567077d
659f048fbcf432896aa1068a4eaf8f33392ce7a148eadc3e676afbf8536dc763
662dda311d4f6cc6bdbf05843b7b55bd0d391e7ade25383c3a291f4c5899758d
70a6381708a85df53da33a718284ae26f79b0b6ab980a08bb32df3c28896f466
7eec3429c76cb48e5fd457c5afb71b7cf34bc4298d53023bae8aea715443b4a9
7f65570a765a4b23b1647913b4fa6cb44fc5d036847d8a01f246d807d51cc37b
879e5a20d16b6c5edeb74bd6ed1123fa8b57d8ae884e4e91b9bf968c6f7bcdfd
8c1e90dad6a7cf7aea83622e85032b766db7470604ea348dfa966cdf443bc7b2
8ed889b78e8e965ae782fac78b03f0ae2fe49a130f4b1a85391e535cc984a1ac
90deaa6ce62764135079beba976e8df57220a817e759914adf09626153f38c16
9208af0d255de90ca2e378584491b43790c3b8864656771aba1f124c4695b0ea
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
a35fc7f0a0718cb3516843602c8824eadc665daf52f4c62cc3111a66c33f1226
a3e927df40bc67e41f4bf2e116c07bed8b2edeb9a25a07162b9cf3afdd9afbc6
aba7755ad4c7149b39f80b7b0d8f9f364f04d8274554f8825a2b49d3e492caf8
b657f41d44fd993f51e0c98e17a6c90a026ba95582678227dfe514be6a1825c1
c8a6f5f134dcd3c56845711d8376d255dd1dd613375f173561f8d88be9302aa7
cbf7a6b85c6deafe7fed06f4909aceb35467364ddd2e5f81e505bf73723e970d
d41871d2894dc875d0dad73822efe7d3d43c459d53dde0e0d2006cd5c7427e75
d84f9fa5fb58ed282776a3c433a45eafc566ba47711fc061ff8b6dcc4df688a7
db68929956fdf19f3c4ee31053627a223e7eabefa3f49527d27477f873fea682
df5d2930446e54ced5654760885ded3e7086ca55d4011d900ad37ab2c7a2f7ce
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8f51d9393c53029ade3ddb5824637f86918b2de59627805f0232ffc9c54d442
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
fa1af1cbf201b91b7b02cc4531ded17078f035ca5daec87e9767ca7edb4b3328