app.staging.vanta.com Open in urlscan Pro
35.172.75.111 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://app.staging.vanta.com/
Effective URL:
https://app.staging.vanta.com/
Submission: On December 11 via api (December 11th 2023, 10:25:23 pm UTC) from US — Scanned from DE

Summary HTTP 30 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 7 domains to perform 30 HTTP transactions. The main IP is 35.172.75.111, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is app.staging.vanta.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on March 25th 2023. Valid for: a year.

This is the only time app.staging.vanta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	35.172.75.111 35.172.75.111	14618 (AMAZON-AES) (AMAZON-AES)
12	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:24e... 2600:1f18:24e6:b902:c108:ff4e:a7bb:c586	14618 (AMAZON-AES) (AMAZON-AES)
1	18.239.69.16 18.239.69.16	16509 (AMAZON-02) (AMAZON-02)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
2	100.25.175.139 100.25.175.139	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:24e... 2600:1f18:24e6:b900:b586:9871:e096:4c1b	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:24e... 2600:1f18:24e6:b901:a641:958d:b1f1:5d3f	14618 (AMAZON-AES) (AMAZON-AES)
30	11

4 35.172.75.111 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-75-111.compute-1.amazonaws.com

app.staging.vanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

static.staging.vanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:24e6:b902:c108:ff4e:a7bb:c586 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

csp-report.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.69.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-16.ams58.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

fast.trychameleon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 100.25.175.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-175-139.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:24e6:b900:b586:9871:e096:4c1b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:24e6:b901:a641:958d:b1f1:5d3f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

session-replay.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	vanta.com 1 redirects app.staging.vanta.com static.staging.vanta.com	7 MB
4	gstatic.com fonts.gstatic.com	138 KB
3	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 878 heapanalytics.com — Cisco Umbrella Rank: 784	38 KB
3	browser-intake-datadoghq.com csp-report.browser-intake-datadoghq.com — Cisco Umbrella Rank: 18376 rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 1966 session-replay.browser-intake-datadoghq.com — Cisco Umbrella Rank: 7550	610 B
1	trychameleon.com fast.trychameleon.com — Cisco Umbrella Rank: 15169	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
0	cloudflareinsights.com Failed static.cloudflareinsights.com Failed
30	7

	Domain	Requested by
12	static.staging.vanta.com	app.staging.vanta.com static.staging.vanta.com
4	fonts.gstatic.com	app.staging.vanta.com fonts.googleapis.com
4	app.staging.vanta.com	1 redirects static.staging.vanta.com
2	heapanalytics.com
1	session-replay.browser-intake-datadoghq.com	static.staging.vanta.com
1	rum.browser-intake-datadoghq.com	static.staging.vanta.com
1	fast.trychameleon.com	static.staging.vanta.com
1	cdn.heapanalytics.com	app.staging.vanta.com
1	csp-report.browser-intake-datadoghq.com	app.staging.vanta.com
1	fonts.googleapis.com	app.staging.vanta.com
0	static.cloudflareinsights.com Failed	app.staging.vanta.com
30	11

This site contains links to these domains. Also see Links.

Domain
www.vanta.com

Subject Issuer	Validity	Valid
staging.vanta.com Amazon RSA 2048 M01	`2023-03-25` - `2024-04-22`	a year	crt.sh
static.staging.vanta.com E1	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.browser-intake-datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-17` - `2024-06-18`	a year	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M01	`2023-06-29` - `2024-07-27`	a year	crt.sh
fast.trychameleon.com R3	`2023-11-20` - `2024-02-18`	3 months	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2023-11-09` - `2024-12-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://app.staging.vanta.com/
Frame ID: FC586DDD7371E969621C3650AD6DA48F
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

STAGING Vanta

Page URL History Show full URLs

http://app.staging.vanta.com/ HTTP 301
https://app.staging.vanta.com/ Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Page Statistics

30
Requests

90 %
HTTPS

60 %
IPv6

7
Domains

11
Subdomains

11
IPs

2
Countries

7638 kB
Transfer

31218 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.vanta.com/demo
Title: Contact us.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://app.staging.vanta.com/ HTTP 301
https://app.staging.vanta.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
app.staging.vanta.com/
Redirect Chain

http://app.staging.vanta.com/
https://app.staging.vanta.com/

2 KB
2 KB

387ms
177ms

Document
text/html

35.172.75.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.staging.vanta.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.172.75.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-172-75-111.compute-1.amazonaws.com

Software

cloudflare /

Resource Hash

169137726ee7b69483833afe08f9801bfee882d76da24eddb4224df43d9ee902

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 83412484cc2a3b32-IAD
content-encoding: br
content-length: 680
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
content-type: text/html; charset=utf-8
date: Mon, 11 Dec 2023 22:25:17 GMT
etag: W/"e193b4bb0888520f0a61784ac8c563d2"
expect-ct: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCPAe%2FS99QyvIrwLGhKsA5%2Bg4cDDZSbB409iaDTiQR22ATvrZXbCl2q2DeQZftXuU9lZits1pFjt60jManMw3WlANYq7QkQSeSZoz6cBbFl70xCGmvg0YcaEePD%2F7FWi2YnbIddtgK2EZUE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000
uuid: 2989d070-9874-11ee-8793-89123b76e19c
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: noindex
x-xss-protection: 0

Redirect headers

Connection: keep-alive
Content-Length: 134
Content-Type: text/html
Date: Mon, 11 Dec 2023 22:25:17 GMT
Location: https://app.staging.vanta.com:443/
Server: awselb/2.0

GET
H2 200 index.607bf026.css
static.staging.vanta.com/static/ 44 KB
13 KB 148ms
43ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.staging.vanta.com/static/index.607bf026.css

Requested by

Host: app.staging.vanta.com
URL: https://app.staging.vanta.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8cff5af4be77e694fc14c165da9fdf9afd33b8062a0f5d94b0c3f0dc7dca9f9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staging.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:25:17 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"0b409b23401097de80848185f2b1d568"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddBmFWLH8Om%2BAT5TSPC%2FOpc96FBBp3hEg%2FHRscUM0APfFHB4Sbl827PRsfXi3sVUYvwouWvh2EEPrltDivWJ8Mj0np756sNILBzOEIMznbKldsi%2BSd8T0gOtDOLFGdfV6NgOt6LEtR367fAf32GC1lQSxF7Jc%2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 834124863e171da0-FRA

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
37 KB 36ms
13ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2

Requested by

Host: app.staging.vanta.com
URL: https://app.staging.vanta.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.staging.vanta.com/
Origin: https://app.staging.vanta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:09:46 GMT
x-content-type-options: nosniff
age: 249331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37780
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 01:09:46 GMT

GET
H2 200 L0x8DFMnlVwD4h3hu_qnZypEiw.woff2
fonts.gstatic.com/s/domine/v19/ 27 KB
27 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/domine/v19/L0x8DFMnlVwD4h3hu_qnZypEiw.woff2

Requested by

Host: app.staging.vanta.com
URL: https://app.staging.vanta.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331215b2d754c35f93a1868c74124b059095b34b1b49625c9bf149a0e8a19518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.staging.vanta.com/
Origin: https://app.staging.vanta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 08:54:16 GMT
x-content-type-options: nosniff
age: 48661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27612
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:06:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 08:54:16 GMT

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 39ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Domine:wght@400;600&family=Inter:wght@300;400;500;600;700&display=swap

Requested by

Host: app.staging.vanta.com
URL: https://app.staging.vanta.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d9bc2391abb0e14534cbcfee3862c75266ed014a916fe44bb0961bc2f09ae05a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staging.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Dec 2023 22:25:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 22:25:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Dec 2023 22:25:17 GMT

GET
H2 200 index.ace714ac.css
static.staging.vanta.com/static/ 480 KB
81 KB 151ms
47ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.staging.vanta.com/static/index.ace714ac.css

Requested by

Host: app.staging.vanta.com
URL: https://app.staging.vanta.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caf80cb134d99356b98f4f97ec1c3826b735f6d02a0cd7063540303ddd3c329a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staging.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:25:17 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"769d855f92ea0911252491461f42751a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6gCOzWMa%2BkzAkTc3VPjRa0Dv1VCMnrYotA7GXFAQUoRaFqt7lt%2F8ipYOqzjKW8fdikSEchdY%2Fj8gpVgwM0JFxLgqny1eTtWyxc6uGnLce6c9wwgWmvBLPVRZ3y2nDG1s77ly77NCgtr8eKwHEI0NKrjJwT4Mp8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 834124864e1c1da0-FRA

GET
H2 200 index.eacbb1dd.css
static.staging.vanta.com/static/ 566 B
658 B 148ms
44ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.staging.vanta.com/static/index.eacbb1dd.css

Requested by

Host: app.staging.vanta.com
URL: https://app.staging.vanta.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c01280f9576bb2b4345371612a26e18c5e98882b0c87609ee4ef80d5dc1fadc6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staging.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:25:17 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"39c821bae70af05485657d8633d9bb28"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uyvlyfcye9HWWEdyFB9LyzDwieTaG2zNfon9AJip2KRswHw9NkjYBJfFGdKej4wiVH4bWFvlkyEbFfOSYVZUBFxpOC21tsrzKh%2BSSIMNmhkWC2Vg52Aq52LwJyrb4xXv%2BImSjwnjhBpmMRTe6J%2BVC%2Bf4xA3uyfg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 834124863e191da0-FRA

GET
H2 200 index.ded7c140.css
static.staging.vanta.com/static/ 574 B
657 B 161ms
57ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.staging.vanta.com/static/index.ded7c140.css

Requested by

Host: app.staging.vanta.com
URL: https://app.staging.vanta.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

677e4be0fc2fdbad6485158c8228e26da01ead0f0ee351856b3acfc3dc0687f5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staging.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:25:17 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"2e19c2f5ccb58feca0d0b7d6793f5a47"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fcL76M1r8xLFk6H1OhI9vik53aP90FM7yDA2mPnYixE%2BE9Aa%2F%2BMCAbtUBeMTRMztlLOpUAYRauFnAMrXOiL41qC2uajCw76NsZbsW%2BCYwIy5nHTuNXv80HgbvPIoubypiRcmj5BJ8a2KK11Y17OXYBTkd1FnmOo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 834124864e1a1da0-FRA

GET
H2 200 entry.js Show response
static.staging.vanta.com/static/ 632 B
599 B 40ms
39ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.staging.vanta.com/static/entry.js

Requested by

Host: app.staging.vanta.com
URL: https://app.staging.vanta.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9327d937d1509b81a8edbc35d464ed07ed3c1e8aa9ac66705fd4748295ba164

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staging.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:25:17 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"4a31fc37ee0edf82d329b36d0078496a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1vPs6RRpPjolWRkjQJ2ATvAp18c0u844Sg5IGSLizqA9p9aEj0xkbj3tRS%2B02gONRwDEe0FwCqHhdFVxpWxJOctz1N3KRJKtnf7iA22%2FAA3bDf3gfh6wcRJsQ%2BxMt5AXhWZvrg0MXDUQU5v0jsL9xdmV1dW%2Bug%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 83412486ae681da0-FRA

POST
H2 202 logs
csp-report.browser-intake-datadoghq.com/api/v2/ 0
0 373ms
161ms Other
application/json 2600:1f18:24e6:b902:c108:ff4e:a7bb:c586
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined
Requested by: Host: app.staging.vanta.com
URL: https://app.staging.vanta.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:c108:ff4e:a7bb:c586 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.staging.vanta.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/csp-report

Response headers

GET beacon.min.js
static.cloudflareinsights.com/ 0
0

GET
H3 200 index.f9ab2a0a.js Show response
static.staging.vanta.com/static/ 9 MB
3 MB 393ms
393ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.staging.vanta.com/static/index.f9ab2a0a.js

Requested by

Host: static.staging.vanta.com
URL: https://static.staging.vanta.com/static/entry.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db41be94475de846469c88dd0564b282947a4fbe31a6c3539ebe31caca5c7f6b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staging.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:25:18 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"afc270c8c25d5496ffece6596e6f5ab7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TlRPGZkApQostH6OAnGRPBkKtTCkuoIskRkJ3AdjdcG%2BAxRahGtdP8eE0WJH4y%2FMcbjC2YJUpX8XmI82wJqi5tuNORyWZpQfTLKy1nQitaJiU%2BmTBzZfVl0KMWAIl%2BbFCdDgGanUqC%2BeRsI3JkJ9hTeO2iiqX9g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 83412486ff6a6ff3-CDG

GET
H3 200 index.runtime.13e9dfb5.js Show response
static.staging.vanta.com/static/ 4 KB
4 KB 82ms
82ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.staging.vanta.com/static/index.runtime.13e9dfb5.js

Requested by

Host: static.staging.vanta.com
URL: https://static.staging.vanta.com/static/entry.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5424f91899429ed5e7ac231e75e53ce9af5117809dc8f9775bfeaf11e9b19c28

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staging.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:25:17 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"596c1a8d5e8226fd2cc39dcefbbabd3d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1up2%2FAgsoIgWUKSvngkOvOKcygVce0g%2BnvnJcrDplWZ%2BYRObKpi94ZRfKEvyAfPfENaBIVC9rRAvktf4A1nCD0hfCcgHQuL5hXtCVzCQOafb%2BJ2pzRiZ08hWNlhs52aCPsOcYtQOKX8lb0fDT9S3vI%2BR5eIzYNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 83412486ff6c6ff3-CDG

GET
H3 200 index.runtime.d6011600.js Show response
static.staging.vanta.com/static/ 30 KB
11 KB 81ms
81ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.staging.vanta.com/static/index.runtime.d6011600.js

Requested by

Host: static.staging.vanta.com
URL: https://static.staging.vanta.com/static/entry.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e944c43bdec0ec8fd281bf66c3fe64892e3e4c36704de5c4323471ec9736325

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staging.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:25:17 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"c068afc4bcc82fccecb070297fefdba9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nt4P5zKy9LslRHZ2svJ03bLxT32uxGkI5FWNnMnxKuRrn9zy5fQQpxv%2BC%2FzmiYqFrhBZnTi4RfK5smsQA%2Fr%2BXSRosAj6JGVyVg0q1T2oRbzD3CPvNyyIupkvtGQF3yKOWvXASyeZgNfqEEf4imlrXLTGhZV25rk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 83412486ff6d6ff3-CDG

GET
H3 200 index.84fdb6cb.js Show response
static.staging.vanta.com/static/ 20 MB
4 MB 631ms
631ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.staging.vanta.com/static/index.84fdb6cb.js

Requested by

Host: static.staging.vanta.com
URL: https://static.staging.vanta.com/static/entry.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48e5fba56b7359456ce757a7f8c1143d191ddd245785556f0d903fd26ce2e6b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staging.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:25:18 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"6df913284ed0cddf2be226f843acff4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zikV7fJmSrVKgJpGeRB12Sy2vt9Z0d8p6hrMboSBZZZKxngyXmFDoXQiSw1Ns66piOy51IrSW6t5ZCXnCX2KpkpDDvHeZ%2BvnZrdToH0B4BVivxSoDI6MRE5IEN6jwhGGBd7aluo8s0yq1Da7CVxyRFZPnBpsRiw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 83412486ff6e6ff3-CDG

GET
H2 200 heap-1961210921.js Show response
cdn.heapanalytics.com/js/ 116 KB
37 KB 167ms
116ms Script
application/javascript 18.239.69.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1961210921.js

Requested by

Host: app.staging.vanta.com
URL: https://app.staging.vanta.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.69.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-69-16.ams58.r.cloudfront.net

Software

nginx / Express

Resource Hash

c9b3a8501bc542787e5538c6302f2542ef905a8f34accef2023380a73d2f9b20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staging.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:24:19 GMT
content-encoding: br
via: 1.1 58fc6cf05625e5ee74a288151d13c370.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: AMS58-P4
age: 61
x-powered-by: Express
etag: W/"1ce4d-hCRPcVrRn7bhBbABQoxgKi0k5Zo"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 5x7eTMTVhUXOlq_mTg4qzvcM48-xUUmaWssM2RovBZVl2_Y0XjD-VQ==

GET
H2 200 messo.min.js Show response
fast.trychameleon.com/messo/SOeAVlYm1Kff6u9J5AFDbaPsfTr9EOOBq2sZLM1LYalxB9-1KFOH1-CwwKM1tlygzuj0fF/ 4 KB
2 KB 41ms
7ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.trychameleon.com/messo/SOeAVlYm1Kff6u9J5AFDbaPsfTr9EOOBq2sZLM1LYalxB9-1KFOH1-CwwKM1tlygzuj0fF/messo.min.js

Requested by

Host: static.staging.vanta.com
URL: https://static.staging.vanta.com/static/index.84fdb6cb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

990151cb10e0ca555e02f771cfdcd347522fbff5a89de93bf8043b3c99d6f03c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staging.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:25:20 GMT
content-encoding: br
via: 1.1 chameleon.io (Hyoid)
strict-transport-security: max-age=31557600
last-modified: Fri, 22 Sep 2023 21:19:38 GMT
etag: "d712cb51ddca79bec27267c5dda35ad1"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, no-cache
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1476

GET
BLOB 200
OK 90eb8c4b-4836-45da-87b3-89eb53db432d
https://app.staging.vanta.com/ 86 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.staging.vanta.com/90eb8c4b-4836-45da-87b3-89eb53db432d
Requested by: Host: app.staging.vanta.com
URL: https://app.staging.vanta.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66d92b2b6b4a659a501d58b1824731e4a745c7fca2fa635069019c903246a5ce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 86
Content-Type: application/javascript

GET
BLOB 200
OK dc36e764-951c-4ead-baaa-7e5772950d6d
https://app.staging.vanta.com/ 25 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.staging.vanta.com/dc36e764-951c-4ead-baaa-7e5772950d6d
Requested by: Host: app.staging.vanta.com
URL: https://app.staging.vanta.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef42f4aa8f0b88e6d1cf013c7b79133dc4e036a011a70a25fb3113d7685520f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 25814
Content-Type

POST
H2 200 graphql Show response
app.staging.vanta.com/ 25 B
502 B 93ms
93ms Fetch
application/json 35.172.75.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.staging.vanta.com/graphql?operation=userContext

Requested by

Host: static.staging.vanta.com
URL: https://static.staging.vanta.com/static/index.f9ab2a0a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.172.75.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-172-75-111.compute-1.amazonaws.com

Software

Resource Hash

c7682fb89236766d039f9c72f89dca916ef0003a9c43eba22ca9704194c15115

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

apollographql-client-name: web-client
x-csrf-token: this_csrf_header_is_constant
accept-language: de-DE,de;q=0.9
x-datadog-origin: rum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
x-datadog-sampling-priority: 1
content-type: application/json
accept: */*
Referer: https://app.staging.vanta.com/
apollographql-client-version: d4f9c4
x-datadog-parent-id: 24965151013235877
x-datadog-trace-id: 4297986731030543650
graphql-schema-version: d4f9c4

Response headers

date: Mon, 11 Dec 2023 22:25:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
uuid: 2b414470-9874-11ee-b156-835a52811e63
content-length: 25
x-xss-protection: 0
referrer-policy: same-origin
etag: W/"19-AWcZ0/oWRZgbXds9xsp8WpnG9lI"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.staging.vanta.com
x-download-options: noopen
access-control-allow-credentials: true
x-robots-tag: noindex

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 286ms
92ms Image
image/gif 100.25.175.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1961210921&u=8850021585378831&v=2257823670592212&s=4933104522656773&b=web&tv=4.0&z=0&h=%2F&d=app.staging.vanta.com&t=STAGING%20Vanta&ts=1702333520402&st=1702333520404

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.25.175.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-25-175-139.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staging.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:25:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
305 B 406ms
204ms Fetch
application/json 2600:1f18:24e6:b900:b586:9871:e096:4c1b
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.46.0%2Capi%3Afetch%2Cenv%3Astaging%2Cservice%3Aweb-client%2Cversion%3A802968d895b9b268a1602ac3cba80560c222a826&dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin-version=4.46.0&dd-evp-origin=browser&dd-request-id=2a581d10-b561-429c-b7b9-786b9fe435f7&batch_time=1702333520486

Requested by

Host: static.staging.vanta.com
URL: https://static.staging.vanta.com/static/index.f9ab2a0a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b900:b586:9871:e096:4c1b Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

76a7fd5f4d69fe87407f4a07ebde3ef5c51958db367c80ed36fb312c1fa45759

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.staging.vanta.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 11 Dec 2023 22:25:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53

POST
H2 200 graphql Show response
app.staging.vanta.com/ 23 B
500 B 94ms
94ms Fetch
application/json 35.172.75.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.staging.vanta.com/graphql?operation=getUserLogin

Requested by

Host: static.staging.vanta.com
URL: https://static.staging.vanta.com/static/index.f9ab2a0a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.172.75.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-172-75-111.compute-1.amazonaws.com

Software

Resource Hash

6bbaeca3971834b646b6ac5ef10a82be7f6fccb409950f00d40206db70fe329f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

apollographql-client-name: web-client
x-csrf-token: this_csrf_header_is_constant
accept-language: de-DE,de;q=0.9
x-datadog-origin: rum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
x-datadog-sampling-priority: 1
content-type: application/json
accept: */*
Referer: https://app.staging.vanta.com/login?continue=https%3A%2F%2Fapp.staging.vanta.com%2F
apollographql-client-version: d4f9c4
x-datadog-parent-id: 6470969451197253972
x-datadog-trace-id: 4077202192469739857
graphql-schema-version: d4f9c4

Response headers

date: Mon, 11 Dec 2023 22:25:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
uuid: 2b51e640-9874-11ee-8793-89123b76e19c
content-length: 23
x-xss-protection: 0
referrer-policy: same-origin
etag: W/"17-3u7w0oqvZTJFDVUjVePifsLb5k0"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.staging.vanta.com
x-download-options: noopen
access-control-allow-credentials: true
x-robots-tag: noindex

POST
H2 202 replay Show response
session-replay.browser-intake-datadoghq.com/api/v2/ 53 B
305 B 384ms
179ms Fetch
application/json 2600:1f18:24e6:b901:a641:958d:b1f1:5d3f
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A4.46.0%2Capi%3Afetch%2Cenv%3Astaging%2Cservice%3Aweb-client%2Cversion%3A802968d895b9b268a1602ac3cba80560c222a826&dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin-version=4.46.0&dd-evp-origin=browser&dd-request-id=636c0f60-1af6-42d2-9ae6-3e4e1f5e6a76

Requested by

Host: static.staging.vanta.com
URL: https://static.staging.vanta.com/static/index.f9ab2a0a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b901:a641:958d:b1f1:5d3f Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

e98795d6a390399badf398164a034f1bffc6befaf5e9691cd1d3a133406785a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.staging.vanta.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryjQnIldtatrm8CXI1

Response headers

date: Mon, 11 Dec 2023 22:25:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53

GET
H2 200 h
heapanalytics.com/ 37 B
260 B 188ms
93ms Image
image/gif 100.25.175.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1961210921&u=8850021585378831&v=6422453430533115&s=4933104522656773&b=web&tv=4.0&z=2&h=%2Flogin&q=%3Fcontinue%3Dhttps%253A%252F%252Fapp.staging.vanta.com%252F&d=app.staging.vanta.com&t=STAGING%20Vanta&ts=1702333520503&pr=%2F&sp=z&sp=0&sp=ts&sp=1702333520402&sp=d&sp=app.staging.vanta.com&sp=h&sp=%2F&sp=t&sp=STAGING%20Vanta&st=1702333520503

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.25.175.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-25-175-139.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staging.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Dec 2023 22:25:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H3 200 login-bg.739c3507.png
static.staging.vanta.com/static/ 147 KB
149 KB 46ms
46ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.staging.vanta.com/static/login-bg.739c3507.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb6cf50663ee1130f5bd005ef4569175e096afb8f8ec037abce21a5dcea49e8f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.staging.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:25:20 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 150990
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "2c3f5c35f6491fe91af16525ac0776e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3h8tf0G91NVK7uKN7igfGIKsWyGT%2BcS%2FeIMbZ%2Bmg5NiqGOpZ3ExE25TitfSXCcEaaCT3HXaoOija92meBZAwxJViVu2lnD1Lt5%2FjOkjpkUScBPRXzmUH3xcSzlusQUQWg%2B3sWn4HNlO8PDIWDwrokR2qoEQVCc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 83412497fe9f6ff3-CDG

GET
H2 200 L0x8DFMnlVwD4h3hu_qn.woff2
fonts.gstatic.com/s/domine/v20/ 27 KB
28 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/domine/v20/L0x8DFMnlVwD4h3hu_qn.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Domine:wght@400;600&family=Inter:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ca7a2bf57b8f60a37d94646e7e67ffda591d8816c58a054d8ff1cc4103ba902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.staging.vanta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 14:09:20 GMT
x-content-type-options: nosniff
age: 29760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28060
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 14:09:20 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Domine:wght@400;600&family=Inter:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.staging.vanta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 16:28:22 GMT
x-content-type-options: nosniff
age: 280618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 16:28:22 GMT

GET
H3 200 fa-solid-900.b42d2f37.woff2
static.staging.vanta.com/static/ 318 KB
320 KB 1424ms
1111ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.staging.vanta.com/static/fa-solid-900.b42d2f37.woff2

Requested by

Host: static.staging.vanta.com
URL: https://static.staging.vanta.com/static/index.eacbb1dd.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4ce23501f658a336323bd90b52746e73e0ddca6be18651594d169b263db5410

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.staging.vanta.com/static/index.eacbb1dd.css
Origin: https://app.staging.vanta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:25:21 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 325592
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "fe9f0be7aa9c07747ec8302c87649404"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpUdwsPB%2F89eMUtdxGJgNLKY%2FyqkVzZx1qVct4qZNM4FPxBnxqnPl7%2F9CyuE%2B5z%2F6RTQgh%2F2%2FFeclxIjitIMeAHJwez5AFNdNliUzPAuZxBoIsN4FiNmYsXFtP%2F2KdTRbDkWxuixn4vEpNWuwwFi6SNGaAZDF%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8341249a588efac6-SJC

GET
H3 200 fa-regular-400.f00b51d7.woff2
static.staging.vanta.com/static/ 388 KB
390 KB 500ms
188ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.staging.vanta.com/static/fa-regular-400.f00b51d7.woff2

Requested by

Host: static.staging.vanta.com
URL: https://static.staging.vanta.com/static/index.ded7c140.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b7265fb8e98286a6e61d73e4278df35c0e911db1e8a94c82836d0b21088125b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.staging.vanta.com/static/index.ded7c140.css
Origin: https://app.staging.vanta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:25:21 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 397196
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "360b3ff42fc66112960a975a4ed00125"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Femp%2FMFFp3GLFfHCpzyb9l6ynN65XRUH1jUmtfh1QY%2B2W5ThGn2AHe5XZowOiH8lzcaiNoyQxew1aUok0SLngbbneqVru97XoVrZzFFXSp94c4Dra%2FhUtyWlX9aKFZvtzC7dwF1c6oiLMnto7C9hbKPBQuXrKLs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8341249a588cfac6-SJC

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vanta.com/	1970-01-21 02:20:11	Name: _hp2_id.1961210921 Value: %7B%22userId%22%3A%228850021585378831%22%2C%22pageviewId%22%3A%226422453430533115%22%2C%22sessionId%22%3A%224933104522656773%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.vanta.com/	1970-01-20 16:52:15	Name: _hp2_ses_props.1961210921 Value: %7B%22ts%22%3A1702333520402%2C%22d%22%3A%22app.staging.vanta.com%22%2C%22h%22%3A%22%2F%22%7D
app.staging.vanta.com/	1970-01-20 16:52:14	Name: _dd_s Value: logs=1&id=5c85e4cb-3da7-4e0b-9bc9-f0e2c8aa8888&created=1702333520099&expire=1702334420101&rum=1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://app.staging.vanta.com/ Message: Refused to load the script 'https://static.cloudflareinsights.com/beacon.min.js' because it violates the following Content Security Policy directive: "script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:". Note that 'strict-dynamic' is present, so host-based allowlisting is disabled. Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-jrtdbQt61jRorjTJY9mMexgvk49WgJUZqobhkwj9kdk=' 'sha256-kvvcQGCroCRRo4vofSEMCFLlhl4CTJf7jRh5qd+k9do=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:staging%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.staging.vanta.com
cdn.heapanalytics.com
csp-report.browser-intake-datadoghq.com
fast.trychameleon.com
fonts.googleapis.com
fonts.gstatic.com
heapanalytics.com
rum.browser-intake-datadoghq.com
session-replay.browser-intake-datadoghq.com
static.cloudflareinsights.com
static.staging.vanta.com
static.cloudflareinsights.com
100.25.175.139
151.101.130.137
18.239.69.16
2600:1f18:24e6:b900:b586:9871:e096:4c1b
2600:1f18:24e6:b901:a641:958d:b1f1:5d3f
2600:1f18:24e6:b902:c108:ff4e:a7bb:c586
2a00:1450:4001:813::2003
2a00:1450:4001:831::200a
2a06:98c1:3120::3
35.172.75.111
169137726ee7b69483833afe08f9801bfee882d76da24eddb4224df43d9ee902
2b7265fb8e98286a6e61d73e4278df35c0e911db1e8a94c82836d0b21088125b
331215b2d754c35f93a1868c74124b059095b34b1b49625c9bf149a0e8a19518
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34
48e5fba56b7359456ce757a7f8c1143d191ddd245785556f0d903fd26ce2e6b8
4ca7a2bf57b8f60a37d94646e7e67ffda591d8816c58a054d8ff1cc4103ba902
5424f91899429ed5e7ac231e75e53ce9af5117809dc8f9775bfeaf11e9b19c28
66d92b2b6b4a659a501d58b1824731e4a745c7fca2fa635069019c903246a5ce
677e4be0fc2fdbad6485158c8228e26da01ead0f0ee351856b3acfc3dc0687f5
6bbaeca3971834b646b6ac5ef10a82be7f6fccb409950f00d40206db70fe329f
76a7fd5f4d69fe87407f4a07ebde3ef5c51958db367c80ed36fb312c1fa45759
7e944c43bdec0ec8fd281bf66c3fe64892e3e4c36704de5c4323471ec9736325
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
990151cb10e0ca555e02f771cfdcd347522fbff5a89de93bf8043b3c99d6f03c
a4ce23501f658a336323bd90b52746e73e0ddca6be18651594d169b263db5410
a8cff5af4be77e694fc14c165da9fdf9afd33b8062a0f5d94b0c3f0dc7dca9f9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c01280f9576bb2b4345371612a26e18c5e98882b0c87609ee4ef80d5dc1fadc6
c7682fb89236766d039f9c72f89dca916ef0003a9c43eba22ca9704194c15115
c9b3a8501bc542787e5538c6302f2542ef905a8f34accef2023380a73d2f9b20
caf80cb134d99356b98f4f97ec1c3826b735f6d02a0cd7063540303ddd3c329a
d9bc2391abb0e14534cbcfee3862c75266ed014a916fe44bb0961bc2f09ae05a
db41be94475de846469c88dd0564b282947a4fbe31a6c3539ebe31caca5c7f6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e98795d6a390399badf398164a034f1bffc6befaf5e9691cd1d3a133406785a9
ef42f4aa8f0b88e6d1cf013c7b79133dc4e036a011a70a25fb3113d7685520f0
f9327d937d1509b81a8edbc35d464ed07ed3c1e8aa9ac66705fd4748295ba164
fb6cf50663ee1130f5bd005ef4569175e096afb8f8ec037abce21a5dcea49e8f

app.staging.vanta.com Open in urlscan Pro 35.172.75.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

90 %HTTPS

60 %IPv6

7 Domains

11 Subdomains

11 IPs

2 Countries

7638 kBTransfer

31218 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

app.staging.vanta.com Open in urlscan Pro
35.172.75.111 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

90 %
HTTPS

60 %
IPv6

7
Domains

11
Subdomains

11
IPs

2
Countries

7638 kB
Transfer

31218 kB
Size

3
Cookies

30 HTTP transactions
0 data transactions