sso-staging.albertapp.com Open in urlscan Pro
51.83.96.6  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response sso-staging.albertapp.com/	4 KB 2 KB	186ms 35ms	Document text/html	51.83.96.6 OVH
General Check archive.org Show headers Download Go to Full URL https://sso-staging.albertapp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.96.6 , France, ASN16276 (OVH, FR), Reverse DNS ns3147620.ip-51-83-96.eu Software nginx / Resource Hash 70a0f4c987133be03d7ea8f83ada63d787b5bb35335db1afc4675f9e9816c660 Security Headers Name Value Content-Security-Policy default-src https:; base-uri 'self'; img-src 'self' https://tags.albertapp.com data:; object-src 'none'; script-src 'self' https://tags.albertapp.com stonly.com *.stonly.com 'nonce-iYFlbbz3SfvXAR_EbvP2fA' 'sha256-LVbtizYRN7/8q0EiuRp3CB70Gh6Phanq4GkzfBMdiXg=' 'sha256-s6Xx8dPlGC4AEeUoY3eCWU+XHAfRW0f/8k2vx02XNso=' 'strict-dynamic'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src data: https://fonts.gstatic.com; form-action 'self'; connect-src 'self' stonly.com *.stonly.com; frame-src 'self' https://www.google.com stonly.com *.stonly.com; frame-ancestors 'none'; media-src 'self'; manifest-src 'none' Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 content-encoding gzip content-security-policy default-src https:; base-uri 'self'; img-src 'self' https://tags.albertapp.com data:; object-src 'none'; script-src 'self' https://tags.albertapp.com stonly.com *.stonly.com 'nonce-iYFlbbz3SfvXAR_EbvP2fA' 'sha256-LVbtizYRN7/8q0EiuRp3CB70Gh6Phanq4GkzfBMdiXg=' 'sha256-s6Xx8dPlGC4AEeUoY3eCWU+XHAfRW0f/8k2vx02XNso=' 'strict-dynamic'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src data: https://fonts.gstatic.com; form-action 'self'; connect-src 'self' stonly.com *.stonly.com; frame-src 'self' https://www.google.com stonly.com *.stonly.com; frame-ancestors 'none'; media-src 'self'; manifest-src 'none' content-type text/html date Wed, 03 Jul 2024 22:26:06 GMT etag W/"668428a9-e0b" last-modified Tue, 02 Jul 2024 16:19:53 GMT referrer-policy same-origin server nginx strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff x-frame-options DENY x-xss-protection 1; mode=block
GET H2	200	polyfills-BK4YYgWX.js Show response sso-staging.albertapp.com/assets/	105 KB 46 KB	72ms 70ms	Script application/javascript	51.83.96.6 OVH
General Check archive.org Show headers Download Go to Full URL https://sso-staging.albertapp.com/assets/polyfills-BK4YYgWX.js Requested by Host: sso-staging.albertapp.com URL: https://sso-staging.albertapp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.96.6 , France, ASN16276 (OVH, FR), Reverse DNS ns3147620.ip-51-83-96.eu Software nginx / Resource Hash f19ad171ced059c750db4b3360f7d89e209f6708804b4d266e153588bf3b7702 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sso-staging.albertapp.com/ Origin https://sso-staging.albertapp.com Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:26:06 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Tue, 02 Jul 2024 16:19:53 GMT server nginx etag W/"668428a9-1a4c8" x-frame-options DENY content-type application/javascript cache-control max-age=31536000 expires Thu, 03 Jul 2025 22:26:06 GMT
GET H2	200	css fonts.googleapis.com/	7 KB 1 KB	110ms 37ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap Requested by Host: sso-staging.albertapp.com URL: https://sso-staging.albertapp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 31d196afc7bf97b61be0a9881f623b3b8a7b56d4b0c08c6b78c37ce92d7827b2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Wed, 03 Jul 2024 22:26:06 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 03 Jul 2024 21:00:19 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 03 Jul 2024 22:26:06 GMT
GET H2	200	front.js Show response sso-staging.albertapp.com/api/config/	349 B 450 B	70ms 69ms	Script application/javascript	51.83.96.6 OVH
General Check archive.org Show headers Download Go to Full URL https://sso-staging.albertapp.com/api/config/front.js Requested by Host: sso-staging.albertapp.com URL: https://sso-staging.albertapp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.96.6 , France, ASN16276 (OVH, FR), Reverse DNS ns3147620.ip-51-83-96.eu Software nginx / Resource Hash 2571b7e223f25f7f6205365d7e310af5d7ad01cb21e05930efe3f464149738aa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sso-staging.albertapp.com/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:26:06 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff server nginx etag W/"15d-amZpBcWMqIPHRW4ODQfV7SzU0ho" vary Accept-Encoding x-frame-options DENY content-type application/javascript; charset=utf-8 content-length 349
GET H2	200	index-CuzjlQ6y.js Show response sso-staging.albertapp.com/assets/	5 MB 2 MB	101ms 100ms	Script application/javascript	51.83.96.6 OVH
General Check archive.org Show headers Download Go to Full URL https://sso-staging.albertapp.com/assets/index-CuzjlQ6y.js Requested by Host: sso-staging.albertapp.com URL: https://sso-staging.albertapp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.96.6 , France, ASN16276 (OVH, FR), Reverse DNS ns3147620.ip-51-83-96.eu Software nginx / Resource Hash 0f4b8541036b5b51447a9942f2f1c4f9db3a3a263392c0034663f4ec5f67e31a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sso-staging.albertapp.com/ Origin https://sso-staging.albertapp.com Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:26:06 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Tue, 02 Jul 2024 16:19:53 GMT server nginx etag W/"668428a9-4bd3b5" x-frame-options DENY content-type application/javascript cache-control max-age=31536000 expires Thu, 03 Jul 2025 22:26:06 GMT
GET H2	200	index-DEiQROXg.css sso-staging.albertapp.com/assets/	262 KB 45 KB	39ms 38ms	Stylesheet text/css	51.83.96.6 OVH
General Check archive.org Show headers Download Go to Full URL https://sso-staging.albertapp.com/assets/index-DEiQROXg.css Requested by Host: sso-staging.albertapp.com URL: https://sso-staging.albertapp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.96.6 , France, ASN16276 (OVH, FR), Reverse DNS ns3147620.ip-51-83-96.eu Software nginx / Resource Hash 52208892360c387c1b3990451ccc186dd8e262b57f0cca958c440d5a3a3916b5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sso-staging.albertapp.com/ Origin https://sso-staging.albertapp.com Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:26:06 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Tue, 02 Jul 2024 16:19:53 GMT server nginx etag W/"668428a9-4167c" x-frame-options DENY content-type text/css cache-control max-age=31536000 expires Thu, 03 Jul 2025 22:26:06 GMT
GET H2	200	version Show response stonly.com/js/widget/v2/	8 B 468 B	167ms 63ms	XHR application/octet-stream	2600:9000:2249:a600:18:1316:6b80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stonly.com/js/widget/v2/version?v=1720045566241 Requested by Host: sso-staging.albertapp.com URL: https://sso-staging.albertapp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2249:a600:18:1316:6b80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 624cf94eb11ce7df064e10be1ba102aa20e7dfa72beef7fb155ab8ebac896b60 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:26:06 GMT via 1.1 7403235773a9b23f307196c589d62dac.cloudfront.net (CloudFront) strict-transport-security max-age=31536000 x-amz-cf-pop MXP63-P4 x-cache Miss from cloudfront content-length 8 x-xss-protection 1; mode=block last-modified Tue, 02 Jul 2024 13:10:16 GMT server nginx etag "6683fc38-8" content-type application/octet-stream access-control-allow-origin * access-control-expose-headers * cache-control no-cache accept-ranges bytes x-amz-cf-id 9ftOAFmAng1qumebwFVrm5vyy_I7zaa3_4RqHCfC3TxDgNFjtQXGhA== expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	stonly-widget.js Show response stonly.com/js/widget/v2/	41 KB 14 KB	108ms 39ms	Script application/javascript	2600:9000:2249:a600:18:1316:6b80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stonly.com/js/widget/v2/stonly-widget.js?v=689ac823 Requested by Host: sso-staging.albertapp.com URL: https://sso-staging.albertapp.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2249:a600:18:1316:6b80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash a7d0e2c931079a8fa2da9b2964142eb7ec1da65539121918f2d678dfe3cbeacd Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 13:10:15 GMT content-encoding gzip via 1.1 e57379aeeaf825df3f0a6972a5cb719c.cloudfront.net (CloudFront) strict-transport-security max-age=31536000 x-amz-cf-pop MXP63-P4 age 119751 x-cache Hit from cloudfront x-xss-protection 1; mode=block last-modified Tue, 02 Jul 2024 12:58:39 GMT server nginx etag W/"6683f97f-a435" vary Accept-Encoding, Origin content-type application/javascript cache-control max-age=1209600 x-amz-cf-id h64azlIgMx9gyZPx1uTJaa8P3zqIPhicLoCtHG0hIkgOvSNaDXQi_Q== expires Tue, 16 Jul 2024 13:10:15 GMT
GET H2	200	vendors~widget-3902cc5a737366904b2f.stonly.js Show response stonly.com/js/widget/v2/	183 KB 65 KB	41ms 41ms	Script application/javascript	2600:9000:2249:a600:18:1316:6b80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stonly.com/js/widget/v2/vendors~widget-3902cc5a737366904b2f.stonly.js Requested by Host: stonly.com URL: https://stonly.com/js/widget/v2/stonly-widget.js?v=689ac823 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2249:a600:18:1316:6b80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 0a3a1f40cc935d971f7ad1c22ad88aa80829d0da9d3ed916dd02671c4a4133ff Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 28 Jun 2024 05:49:10 GMT content-encoding gzip via 1.1 e57379aeeaf825df3f0a6972a5cb719c.cloudfront.net (CloudFront) strict-transport-security max-age=31536000 x-amz-cf-pop MXP63-P4 age 491816 x-cache Hit from cloudfront x-xss-protection 1; mode=block last-modified Thu, 27 Jun 2024 07:55:17 GMT server nginx etag W/"667d1ae5-2dd8e" vary Accept-Encoding, Origin content-type application/javascript cache-control max-age=1209600 x-amz-cf-id h4iHblLe_mKiyqrdySlOCX-eh7DJeLYr_Yauw7hbs4JgzW1YNzihEw== expires Fri, 12 Jul 2024 05:49:10 GMT
GET H2	200	widget-8fcad18a3d02e5149898.stonly.js Show response stonly.com/js/widget/v2/	184 KB 54 KB	83ms 83ms	Script application/javascript	2600:9000:2249:a600:18:1316:6b80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://stonly.com/js/widget/v2/widget-8fcad18a3d02e5149898.stonly.js Requested by Host: stonly.com URL: https://stonly.com/js/widget/v2/stonly-widget.js?v=689ac823 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2249:a600:18:1316:6b80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash f0da0257d5eac3cdec6390df04e22129071b5fec4e9607facb8b08aa085a8780 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 13:08:56 GMT content-encoding gzip via 1.1 e57379aeeaf825df3f0a6972a5cb719c.cloudfront.net (CloudFront) strict-transport-security max-age=31536000 x-amz-cf-pop MXP63-P4 age 119830 x-cache Hit from cloudfront x-xss-protection 1; mode=block last-modified Tue, 02 Jul 2024 12:58:39 GMT server nginx etag W/"6683f97f-2de53" vary Accept-Encoding, Origin content-type application/javascript cache-control max-age=1209600 x-amz-cf-id mx926p653o8FcfMPS-2M1Osuq4gSzHEYAv6AlRQGQANGFvfV_SOaww== expires Tue, 16 Jul 2024 13:08:56 GMT
GET H2	200	resources.json Show response sso-staging.albertapp.com/api/translations/	153 KB 36 KB	49ms 49ms	Fetch application/json	51.83.96.6 OVH
General Check archive.org Show headers Download Go to Full URL https://sso-staging.albertapp.com/api/translations/resources.json?lng=en Requested by Host: sso-staging.albertapp.com URL: https://sso-staging.albertapp.com/assets/index-CuzjlQ6y.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.96.6 , France, ASN16276 (OVH, FR), Reverse DNS ns3147620.ip-51-83-96.eu Software nginx / Resource Hash 92ff9edaf417de6fa6eb08d6904d8f8db9c2816c83588e07d1ce89a55166fd7d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sso-staging.albertapp.com/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:26:06 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload server nginx etag W/"263fe-CGWJTXCfVkQrnJUWWaphUIsntt8" vary Accept-Encoding x-frame-options DENY content-type application/json; charset=utf-8
GET H2	200	conf Show response tags.albertapp.com/	65 KB 21 KB	180ms 39ms	Script text/javascript	91.121.63.201 OVH
General Check archive.org Show headers Download Go to Full URL https://tags.albertapp.com/conf Requested by Host: sso-staging.albertapp.com URL: https://sso-staging.albertapp.com/assets/index-CuzjlQ6y.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 91.121.63.201 , France, ASN16276 (OVH, FR), Reverse DNS ip201.ip-91-121-63.eu Software Apache/2.4.57 (Debian) / Resource Hash b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:26:06 GMT content-encoding gzip last-modified Thu, 07 Mar 2024 23:35:49 GMT server Apache/2.4.57 (Debian) etag "1042f-6131a8902bf40-gzip" vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 21709
GET H3	200	api.js Show response www.google.com/recaptcha/	1 KB 988 B	101ms 41ms	Script text/javascript	142.250.186.100 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=6LeII7cdAAAAALOFxirtinZPIVowYkLmTWNyGWlz Requested by Host: sso-staging.albertapp.com URL: https://sso-staging.albertapp.com/assets/index-CuzjlQ6y.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f4.1e100.net Software GSE / Resource Hash dedf9b3a524d2b902a486ddacbd7baf26470f139f327a62bc5fb5c8152a72ea6 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:26:06 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Wed, 03 Jul 2024 22:26:06 GMT
GET H2	200	logo.svg sso-staging.albertapp.com/img/	3 KB 1 KB	44ms 43ms	Image image/svg+xml	51.83.96.6 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://sso-staging.albertapp.com/img/logo.svg Requested by Host: sso-staging.albertapp.com URL: https://sso-staging.albertapp.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.96.6 , France, ASN16276 (OVH, FR), Reverse DNS ns3147620.ip-51-83-96.eu Software nginx / Resource Hash 01d6d07f46eed720a5fd14bb620d0a562f25ff93bdaa2c118bd7d2f7c5d12ed6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sso-staging.albertapp.com/login Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:26:06 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Tue, 02 Jul 2024 16:19:41 GMT server nginx etag W/"6684289d-acd" x-frame-options DENY content-type image/svg+xml cache-control max-age=2592000 expires Fri, 02 Aug 2024 22:26:06 GMT
GET H2	200	homePage.svg sso-staging.albertapp.com/img/	38 KB 12 KB	47ms 47ms	Image image/svg+xml	51.83.96.6 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://sso-staging.albertapp.com/img/homePage.svg Requested by Host: sso-staging.albertapp.com URL: https://sso-staging.albertapp.com/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.96.6 , France, ASN16276 (OVH, FR), Reverse DNS ns3147620.ip-51-83-96.eu Software nginx / Resource Hash b0b982a9fbb2cdf162ed2751f80532138daf2fd6d122867e5661205adfba47bc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sso-staging.albertapp.com/login Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:26:06 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Tue, 02 Jul 2024 16:19:41 GMT server nginx etag W/"6684289d-9752" x-frame-options DENY content-type image/svg+xml cache-control max-age=2592000 expires Fri, 02 Aug 2024 22:26:06 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	98ms 35ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://sso-staging.albertapp.com Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 27 Jun 2024 07:43:41 GMT x-content-type-options nosniff age 571345 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 27 Jun 2025 07:43:41 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	90ms 27ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://sso-staging.albertapp.com Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 27 Jun 2024 17:31:01 GMT x-content-type-options nosniff age 536105 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 27 Jun 2025 17:31:01 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	16 KB 16 KB	119ms 56ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://fonts.googleapis.com/ Origin https://sso-staging.albertapp.com Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 27 Jun 2024 20:58:55 GMT x-content-type-options nosniff age 523631 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 27 Jun 2025 20:58:55 GMT
GET H2	200	stonly-stat-id.html s.stonly.com/ Frame C874	0 0	134ms 38ms	Document text/html	108.138.192.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.stonly.com/stonly-stat-id.html?widgetId=2ef37d0e-bff7-11ec-9fb8-0ae9fa2a18a2&v=1.6 Requested by Host: stonly.com URL: https://stonly.com/js/widget/v2/widget-8fcad18a3d02e5149898.stonly.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.192.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-192-9.mxp64.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers age 49501 content-encoding gzip content-type text/html date Wed, 03 Jul 2024 18:46:52 GMT etag W/"1e842d41cd8ee7cd85e02b77ea373737" last-modified Thu, 27 Jun 2024 07:53:51 GMT server AmazonS3 vary Accept-Encoding Origin via 1.1 27674c645904e04ed5860bd3bff6d214.cloudfront.net (CloudFront) x-amz-cf-id uF45elnwlPId4y4tNO-x6fVGfYzGCy4f2QJmNMhStjHIym7Pl2JHWw== x-amz-cf-pop MXP64-P1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront
GET H2	200	recaptcha__fr.js Show response www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/	537 KB 213 KB	95ms 29ms	Script text/javascript	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__fr.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=6LeII7cdAAAAALOFxirtinZPIVowYkLmTWNyGWlz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e8619cdd37794e9a407e2e5ff4de787a119eb395c459b5c6ce0b4d936d266cc3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Origin https://sso-staging.albertapp.com Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 27 Jun 2024 13:01:48 GMT content-encoding gzip x-content-type-options nosniff age 552259 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 217667 x-xss-protection 0 last-modified Sun, 23 Jun 2024 08:01:07 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 27 Jun 2025 13:01:48 GMT
POST H2	200	identify Show response api.stonly.com/api/v1/targeting/	38 B 457 B	66ms 27ms	XHR application/json	35.180.5.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.stonly.com/api/v1/targeting/identify Requested by Host: stonly.com URL: https://stonly.com/js/widget/v2/widget-8fcad18a3d02e5149898.stonly.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.180.5.163 Paris, France, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-180-5-163.eu-west-3.compute.amazonaws.com Software nginx / Resource Hash d2d7b962231a739105665b0b4d7ca5dc566beb4354a10c477ec8b1b12d955bbe Security Headers Name Value Strict-Transport-Security max-age=2592000; X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/json;charset=UTF-8 timestamp 1720045567036 Referer sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:26:07 GMT strict-transport-security max-age=2592000; x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin content-encoding gzip server nginx etag W/"26-NFKChCaGCPgLuaMJn62pKH75t6U" vary Accept-Encoding, Origin content-type application/json; charset=utf-8 access-control-allow-origin https://sso-staging.albertapp.com cache-control no-cache access-control-allow-credentials true x-xss-protection 1; mode=block expires Thu, 01 Jan 1970 00:00:01 GMT
OPTIONS H2	204	identify api.stonly.com/api/v1/targeting/ Frame	0 0	78ms 22ms	Preflight	35.180.5.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.stonly.com/api/v1/targeting/identify Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.180.5.163 Paris, France, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-180-5-163.eu-west-3.compute.amazonaws.com Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=2592000; X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers content-type,timestamp Access-Control-Request-Method POST Origin https://sso-staging.albertapp.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,timestamp access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin https://sso-staging.albertapp.com cache-control no-cache date Wed, 03 Jul 2024 22:26:07 GMT expires Thu, 01 Jan 1970 00:00:01 GMT referrer-policy strict-origin-when-cross-origin server nginx strict-transport-security max-age=2592000; vary Origin, Access-Control-Request-Headers x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	anchor www.google.com/recaptcha/api2/ Frame 39E8	0 0	101ms 50ms	Document text/html	142.250.186.100 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeII7cdAAAAALOFxirtinZPIVowYkLmTWNyGWlz&co=aHR0cHM6Ly9zc28tc3RhZ2luZy5hbGJlcnRhcHAuY29tOjQ0Mw..&hl=fr&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=5wefi2r8a23k Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__fr.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f4.1e100.net Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Af1DSpfaztdo1pHJ4REVlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-Af1DSpfaztdo1pHJ4REVlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 03 Jul 2024 22:26:07 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	integration Show response api.stonly.com/api/v2/widget/	631 B 874 B	34ms 34ms	XHR application/json	35.180.5.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.stonly.com/api/v2/widget/integration?widgetId=2ef37d0e-bff7-11ec-9fb8-0ae9fa2a18a2&stonlyAnonymousId=84f4b24e-35b6-4506-a3a5-b40a49e169a6&url=https%3A%2F%2Fsso-staging.albertapp.com%2Flogin Requested by Host: stonly.com URL: https://stonly.com/js/widget/v2/widget-8fcad18a3d02e5149898.stonly.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.180.5.163 Paris, France, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-180-5-163.eu-west-3.compute.amazonaws.com Software nginx / Resource Hash c5080d4092de3ef4cb5a50d89fac75bc00b7a429d7df185cb46ef3d3cd912a50 Security Headers Name Value Strict-Transport-Security max-age=2592000; X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" timestamp 1720045567221 Referer Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:26:07 GMT strict-transport-security max-age=2592000; x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin content-encoding gzip server nginx etag W/"277-z8L4NyCrYqMMCxr01Lm0m1fKqfg" vary Accept-Encoding, Origin content-type application/json; charset=utf-8 access-control-allow-origin https://sso-staging.albertapp.com cache-control no-cache access-control-allow-credentials true x-xss-protection 1; mode=block expires Thu, 01 Jan 1970 00:00:01 GMT
OPTIONS H2	204	integration api.stonly.com/api/v2/widget/ Frame	0 0	22ms 22ms	Preflight	35.180.5.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.stonly.com/api/v2/widget/integration?widgetId=2ef37d0e-bff7-11ec-9fb8-0ae9fa2a18a2&stonlyAnonymousId=84f4b24e-35b6-4506-a3a5-b40a49e169a6&url=https%3A%2F%2Fsso-staging.albertapp.com%2Flogin Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.180.5.163 Paris, France, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-180-5-163.eu-west-3.compute.amazonaws.com Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=2592000; X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers timestamp Access-Control-Request-Method GET Origin https://sso-staging.albertapp.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers timestamp access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin https://sso-staging.albertapp.com cache-control no-cache date Wed, 03 Jul 2024 22:26:07 GMT expires Thu, 01 Jan 1970 00:00:01 GMT referrer-policy strict-origin-when-cross-origin server nginx strict-transport-security max-age=2592000; vary Origin, Access-Control-Request-Headers x-content-type-options nosniff x-xss-protection 1; mode=block
POST H2	200	stat Show response api.stonly.com/api/v1/	28 B 391 B	22ms 22ms	XHR application/json	35.180.5.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.stonly.com/api/v1/stat Requested by Host: stonly.com URL: https://stonly.com/js/widget/v2/widget-8fcad18a3d02e5149898.stonly.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.180.5.163 Paris, France, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-180-5-163.eu-west-3.compute.amazonaws.com Software nginx / Resource Hash eb365de41c99f002d621030f1ed923378b7e02880f0e6446258d33306f594570 Security Headers Name Value Strict-Transport-Security max-age=2592000; X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/json;charset=UTF-8 timestamp 1720045567289 Referer sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:26:07 GMT strict-transport-security max-age=2592000; x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin content-encoding gzip server nginx etag W/"1c-ByTQlyo2Qy1Btr155OVZJfDYTX0" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * cache-control no-cache x-xss-protection 1; mode=block expires Thu, 01 Jan 1970 00:00:01 GMT
OPTIONS H2	204	stat api.stonly.com/api/v1/ Frame	0 0	22ms 21ms	Preflight	35.180.5.163 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.stonly.com/api/v1/stat Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.180.5.163 Paris, France, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-180-5-163.eu-west-3.compute.amazonaws.com Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=2592000; X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers content-type,timestamp Access-Control-Request-Method POST Origin https://sso-staging.albertapp.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,timestamp access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin https://sso-staging.albertapp.com cache-control no-cache date Wed, 03 Jul 2024 22:26:07 GMT expires Thu, 01 Jan 1970 00:00:01 GMT referrer-policy strict-origin-when-cross-origin server nginx strict-transport-security max-age=2592000; vary Origin, Access-Control-Request-Headers x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	favicon-32x32.png sso-staging.albertapp.com/statics/favicon/	3 KB 3 KB	38ms 37ms	Other image/png	51.83.96.6 OVH
General Check archive.org Show headers Download Go to Full URL https://sso-staging.albertapp.com/statics/favicon/favicon-32x32.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.96.6 , France, ASN16276 (OVH, FR), Reverse DNS ns3147620.ip-51-83-96.eu Software nginx / Resource Hash 3aebb47192162e673c8357da12bd7dc90406a123d76a966ff9b2101fb49e5710 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://sso-staging.albertapp.com/login Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Jul 2024 22:26:07 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff last-modified Tue, 02 Jul 2024 16:19:41 GMT server nginx etag "6684289d-a3a" x-frame-options DENY content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 2618 expires Fri, 02 Aug 2024 22:26:07 GMT

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 undefined| event object| fence object| sharedStorage object| _env_ string| STONLY_WID function| StonlyWidget function| clearImmediate function| setImmediate number| 2f1acc6c3a606b082e5eef5e54414ffb object| Konva object| jsonpStonlyWidget object| _paq function| onRecaptchaLoadCallback object| regeneratorRuntime object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| recaptcha object| closure_lm_253749

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.api.stonly.com/	1969-12-31 23:59:59	Name: _csrf Value: -N5GDs-Ynb_KEW_yfJf2bdPH

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https:; base-uri 'self'; img-src 'self' https://tags.albertapp.com data:; object-src 'none'; script-src 'self' https://tags.albertapp.com stonly.com *.stonly.com 'nonce-iYFlbbz3SfvXAR_EbvP2fA' 'sha256-LVbtizYRN7/8q0EiuRp3CB70Gh6Phanq4GkzfBMdiXg=' 'sha256-s6Xx8dPlGC4AEeUoY3eCWU+XHAfRW0f/8k2vx02XNso=' 'strict-dynamic'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src data: https://fonts.gstatic.com; form-action 'self'; connect-src 'self' stonly.com *.stonly.com; frame-src 'self' https://www.google.com stonly.com *.stonly.com; frame-ancestors 'none'; media-src 'self'; manifest-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.stonly.com
fonts.googleapis.com
fonts.gstatic.com
s.stonly.com
sso-staging.albertapp.com
stonly.com
tags.albertapp.com
www.google.com
www.gstatic.com
108.138.192.9
142.250.186.100
2600:9000:2249:a600:18:1316:6b80:93a1
2a00:1450:4001:811::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2003
35.180.5.163
51.83.96.6
91.121.63.201
01d6d07f46eed720a5fd14bb620d0a562f25ff93bdaa2c118bd7d2f7c5d12ed6
0a3a1f40cc935d971f7ad1c22ad88aa80829d0da9d3ed916dd02671c4a4133ff
0f4b8541036b5b51447a9942f2f1c4f9db3a3a263392c0034663f4ec5f67e31a
2571b7e223f25f7f6205365d7e310af5d7ad01cb21e05930efe3f464149738aa
31d196afc7bf97b61be0a9881f623b3b8a7b56d4b0c08c6b78c37ce92d7827b2
3aebb47192162e673c8357da12bd7dc90406a123d76a966ff9b2101fb49e5710
52208892360c387c1b3990451ccc186dd8e262b57f0cca958c440d5a3a3916b5
624cf94eb11ce7df064e10be1ba102aa20e7dfa72beef7fb155ab8ebac896b60
70a0f4c987133be03d7ea8f83ada63d787b5bb35335db1afc4675f9e9816c660
92ff9edaf417de6fa6eb08d6904d8f8db9c2816c83588e07d1ce89a55166fd7d
a7d0e2c931079a8fa2da9b2964142eb7ec1da65539121918f2d678dfe3cbeacd
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0b982a9fbb2cdf162ed2751f80532138daf2fd6d122867e5661205adfba47bc
b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce
c5080d4092de3ef4cb5a50d89fac75bc00b7a429d7df185cb46ef3d3cd912a50
d2d7b962231a739105665b0b4d7ca5dc566beb4354a10c477ec8b1b12d955bbe
dedf9b3a524d2b902a486ddacbd7baf26470f139f327a62bc5fb5c8152a72ea6
e8619cdd37794e9a407e2e5ff4de787a119eb395c459b5c6ce0b4d936d266cc3
eb365de41c99f002d621030f1ed923378b7e02880f0e6446258d33306f594570
f0da0257d5eac3cdec6390df04e22129071b5fec4e9607facb8b08aa085a8780
f19ad171ced059c750db4b3360f7d89e209f6708804b4d266e153588bf3b7702
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615