urlscan.io logo urlscan.io
SecurityTrails logo

app.staging.creditglory.com Open in urlscan Pro
159.89.91.183  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://staging.creditglory.com/
Effective URL: https://app.staging.creditglory.com/admins/sign_in
Submission: On April 29 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 159.89.91.183, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is app.staging.creditglory.com.
TLS certificate: Issued by R3 on April 29th 2022. Valid for: 3 months.
This is the only time app.staging.creditglory.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 159.89.91.183 14061 (DIGITALOC...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 35.188.42.15 396982 (GOOGLE-CL...)
12 5
Apex Domain
Subdomains		 Transfer
8 creditglory.com
staging.creditglory.com
app.staging.creditglory.com
513 KB
2 sentry.io
sentry.io — Cisco Umbrella Rank: 331
1 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 309
54 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 804
10 KB
12 4
Domain Requested by
7 app.staging.creditglory.com app.staging.creditglory.com
2 sentry.io maps.googleapis.com
app.staging.creditglory.com
1 maps.googleapis.com app.staging.creditglory.com
maps.googleapis.com
1 use.fontawesome.com app.staging.creditglory.com
1 staging.creditglory.com 1 redirects
12 5

This site contains no links.

Subject Issuer Validity Valid
app.staging.creditglory.com
R3		 2022-04-29 -
2022-07-28		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-07 -
2022-07-06		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
sentry.io
DigiCert SHA2 Secure Server CA		 2020-06-02 -
2022-06-07		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://app.staging.creditglory.com/admins/sign_in
Frame ID: 9E90846FC5869168AF129CCD24DCE4BE
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Credit Glory

Page URL History Show full URLs

  1. https://staging.creditglory.com/ HTTP 302
    https://app.staging.creditglory.com/admins/sign_in Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

12
Requests

92 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

576 kB
Transfer

2098 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://staging.creditglory.com/ HTTP 302
    https://app.staging.creditglory.com/admins/sign_in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sign_in
app.staging.creditglory.com/admins/
Redirect Chain
  • https://staging.creditglory.com/
  • https://app.staging.creditglory.com/admins/sign_in
4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.staging.creditglory.com/admins/sign_in
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.91.183 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69d37e71a5a9d0a2a0a808cad8f0b8e437a2d31033c1945032fb7157d1a9dee7
Security Headers
Name Value
Content-Security-Policy default-src *; child-src 'self' https://creditglory.s3.amazonaws.com https://creditglory-test.s3.amazonaws.com https://creditglory-development.s3.amazonaws.com https://creditglory-staging.s3.amazonaws.com https://*.creditglory.com https://www.smartcredit.com *.freshchat.com; connect-src 'self' *.freshchat.com https://*.authorize.net api.zippopotam.us https://*.google-analytics.com https://*.google.com https://*.doubleclick.net https://gtm.creditglory.com; font-src * data: 'unsafe-inline'; frame-ancestors 'self' https://flex.twilio.com https://crm.creditglory.com; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.freshchat.com https: data:; style-src * 'unsafe-inline'; report-uri https://sentry.io/api/5219874/security/?sentry_key=5f2c764011ab45028a283129bd9bc6a8
Strict-Transport-Security max-age=631138519 max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM flex.twilio.com
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-security-policy
default-src *; child-src 'self' https://creditglory.s3.amazonaws.com https://creditglory-test.s3.amazonaws.com https://creditglory-development.s3.amazonaws.com https://creditglory-staging.s3.amazonaws.com https://*.creditglory.com https://www.smartcredit.com *.freshchat.com; connect-src 'self' *.freshchat.com https://*.authorize.net api.zippopotam.us https://*.google-analytics.com https://*.google.com https://*.doubleclick.net https://gtm.creditglory.com; font-src * data: 'unsafe-inline'; frame-ancestors 'self' https://flex.twilio.com https://crm.creditglory.com; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.freshchat.com https: data:; style-src * 'unsafe-inline'; report-uri https://sentry.io/api/5219874/security/?sentry_key=5f2c764011ab45028a283129bd9bc6a8
content-type
text/html; charset=utf-8
date
Fri, 29 Apr 2022 15:03:14 GMT
etag
W/"69d37e71a5a9d0a2a0a808cad8f0b8e4"
server
nginx/1.18.0 (Ubuntu)
strict-transport-security
max-age=631138519 max-age=15768000
vary
Origin
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
ALLOW-FROM flex.twilio.com
x-permitted-cross-domain-policies
none
x-request-id
578257dd-785a-4a27-9823-f78061496b1a
x-runtime
0.140258
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache
content-security-policy
default-src *; child-src 'self' https://creditglory.s3.amazonaws.com https://creditglory-test.s3.amazonaws.com https://creditglory-development.s3.amazonaws.com https://creditglory-staging.s3.amazonaws.com https://*.creditglory.com https://www.smartcredit.com *.freshchat.com; connect-src 'self' *.freshchat.com https://*.authorize.net api.zippopotam.us https://*.google-analytics.com https://*.google.com https://*.doubleclick.net https://gtm.creditglory.com; font-src * data: 'unsafe-inline'; frame-ancestors 'self' https://flex.twilio.com https://crm.creditglory.com; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.freshchat.com https: data:; style-src * 'unsafe-inline'; report-uri https://sentry.io/api/5219874/security/?sentry_key=5f2c764011ab45028a283129bd9bc6a8
content-type
text/html; charset=utf-8
date
Fri, 29 Apr 2022 15:03:14 GMT
location
https://app.staging.creditglory.com/admins/sign_in
server
nginx/1.18.0 (Ubuntu)
strict-transport-security
max-age=631138519 max-age=15768000
vary
Origin
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
ALLOW-FROM flex.twilio.com
x-permitted-cross-domain-policies
none
x-request-id
2e4a0e98-8fbe-4796-823f-b0f7b4c98800
x-runtime
0.009406
x-xss-protection
1; mode=block
runtime-b2a8cec4eecb02825364.js
app.staging.creditglory.com/packs/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.staging.creditglory.com/packs/js/runtime-b2a8cec4eecb02825364.js
Requested by
Host: app.staging.creditglory.com
URL: https://app.staging.creditglory.com/admins/sign_in
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.91.183 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4646ec4c5c8b55dff422634b538ea29f55c1235403bb235dcb1a5e2dda1b4612
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.staging.creditglory.com/admins/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 15:03:14 GMT
content-encoding
gzip
last-modified
Fri, 29 Apr 2022 08:19:25 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"626b9f8d-363"
strict-transport-security
max-age=15768000
content-type
application/javascript
cache-control
max-age=315360000
content-length
867
expires
Thu, 31 Dec 2037 23:55:55 GMT
954-c3cb74375022bfa56a33.js
app.staging.creditglory.com/packs/js/ 		273 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.staging.creditglory.com/packs/js/954-c3cb74375022bfa56a33.js
Requested by
Host: app.staging.creditglory.com
URL: https://app.staging.creditglory.com/admins/sign_in
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.91.183 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
460c414eadd2a3c395b98ccea8e9bfa17bc44d330ad75e2dd5fe542ae103f313
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.staging.creditglory.com/admins/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 15:03:14 GMT
content-encoding
gzip
last-modified
Fri, 29 Apr 2022 08:19:25 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"626b9f8d-13f57"
strict-transport-security
max-age=15768000
content-type
application/javascript
cache-control
max-age=315360000
content-length
81751
expires
Thu, 31 Dec 2037 23:55:55 GMT
142-ec5523716385cd018d82.js
app.staging.creditglory.com/packs/js/ 		240 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.staging.creditglory.com/packs/js/142-ec5523716385cd018d82.js
Requested by
Host: app.staging.creditglory.com
URL: https://app.staging.creditglory.com/admins/sign_in
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.91.183 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7d9fafd9c258486db444243060559ea75ccadcd3fa737505d22311eb4289f682
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.staging.creditglory.com/admins/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 15:03:15 GMT
content-encoding
gzip
last-modified
Fri, 29 Apr 2022 08:19:25 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"626b9f8d-dc96"
strict-transport-security
max-age=15768000
content-type
application/javascript
cache-control
max-age=315360000
content-length
56470
expires
Thu, 31 Dec 2037 23:55:55 GMT
application-784ccfad19f10f7c06aa.js
app.staging.creditglory.com/packs/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.staging.creditglory.com/packs/js/application-784ccfad19f10f7c06aa.js
Requested by
Host: app.staging.creditglory.com
URL: https://app.staging.creditglory.com/admins/sign_in
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.91.183 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0b66dc08bee9f328fd02ce216c3ddd49d9fd2eaf8a65b2b132f1f6eb510ffd4c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.staging.creditglory.com/admins/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 15:03:15 GMT
content-encoding
gzip
last-modified
Fri, 29 Apr 2022 08:19:25 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"626b9f8d-e6a"
strict-transport-security
max-age=15768000
content-type
application/javascript
cache-control
max-age=315360000
content-length
3690
expires
Thu, 31 Dec 2037 23:55:55 GMT
application-a77cdb961fcc290138721660bd4b1fd4265309f8a55f3c0ca96c8f6432f04d4f.js
app.staging.creditglory.com/assets/ 		1 MB
316 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.staging.creditglory.com/assets/application-a77cdb961fcc290138721660bd4b1fd4265309f8a55f3c0ca96c8f6432f04d4f.js
Requested by
Host: app.staging.creditglory.com
URL: https://app.staging.creditglory.com/admins/sign_in
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.91.183 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e7ab885fa1d9b4a1f710ab7f2babd63d6710df633c67fbd0ca2ceefd79a25a20
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.staging.creditglory.com/admins/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 15:03:14 GMT
content-encoding
gzip
last-modified
Mon, 04 Apr 2022 17:47:01 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"624b2f15-4ed40"
strict-transport-security
max-age=15768000
content-type
application/javascript
cache-control
max-age=315360000
content-length
322880
expires
Thu, 31 Dec 2037 23:55:55 GMT
application-cf582c24e773a0afe18a480ca6ef30e987139fd0a223c555af8ed27962e3cec5.css
app.staging.creditglory.com/assets/ 		288 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.staging.creditglory.com/assets/application-cf582c24e773a0afe18a480ca6ef30e987139fd0a223c555af8ed27962e3cec5.css
Requested by
Host: app.staging.creditglory.com
URL: https://app.staging.creditglory.com/admins/sign_in
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.91.183 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5c5d6397dbb6390046618d69a403205f11d09ceaba881d08a35514e60e67075f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.staging.creditglory.com/admins/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 15:03:14 GMT
content-encoding
gzip
last-modified
Thu, 23 Dec 2021 16:57:10 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"61c4aa66-d0f2"
strict-transport-security
max-age=15768000
content-type
text/css
cache-control
max-age=315360000
content-length
53490
expires
Thu, 31 Dec 2037 23:55:55 GMT
all.css
use.fontawesome.com/releases/v5.1.0/css/ 		45 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by
Host: app.staging.creditglory.com
URL: https://app.staging.creditglory.com/admins/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Referer
https://app.staging.creditglory.com/
Origin
https://app.staging.creditglory.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 15:03:15 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
F6T59HM7YSGE0KVW
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
wD+eAjJr3QoJ1yEgCSG9jlCU/vKpNrbSBkJDR6ETxKX+s6cjj6+aJDaT7iAePZQgrJQdVejAJs4=
last-modified
Wed, 30 Jun 2021 15:30:31 GMT
server
cloudflare
etag
W/"826c57385f3d35cfed5478ba7b1f5c03"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDnljuh7m%2B7aTjb5eKs0p77Wmkb8OCgsLPey5KLk5mb4DEO6Wk%2FTg%2BdekuRa1ZFCLjM7mxReoB7bcggwBBI5FOPcy0EjHV6p2c%2Fm2ZPdXJ6jKLqwAC9yp5bI9IqDyRMCcMDm9IegJSUg%2Fe%2F5pUn1v%2BRL"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
7038ec5ccbe59bfa-FRA
js
maps.googleapis.com/maps/api/ 		163 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyDyESy9dpJSOG4DeeRQET-SUNayy7IBMRY&libraries=places
Requested by
Host: app.staging.creditglory.com
URL: https://app.staging.creditglory.com/admins/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
a0ce593f2604a7a9c3cc38378a2cf56bdeed504e5219a48079b0ed51b8665b98
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.staging.creditglory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 15:03:14 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54521
x-xss-protection
0
expires
Fri, 29 Apr 2022 15:33:14 GMT
/
sentry.io/api/5219874/security/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/5219874/security/?sentry_key=5f2c764011ab45028a283129bd9bc6a8
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDyESy9dpJSOG4DeeRQET-SUNayy7IBMRY&libraries=places
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
15.42.188.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://app.staging.creditglory.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/csp-report

Response headers
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		0
0
/
sentry.io/api/5219874/security/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/5219874/security/?sentry_key=5f2c764011ab45028a283129bd9bc6a8
Requested by
Host: app.staging.creditglory.com
URL: https://app.staging.creditglory.com/admins/sign_in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
15.42.188.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://app.staging.creditglory.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/csp-report

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
maps.googleapis.com
URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| dean_addEvent function| removeEvent function| handleEvent function| fixEvent function| _possibleConstructorReturn function| _inherits function| _classCallCheck function| __guard__ function| __guardMethod__ function| filterTable function| displayAccountHistoryEntryModal function| toggleDisputeItemSelection function| setLetterTemplate function| toggleGlobalDisputeItemSelection function| generateDisputeLetter function| autoSelectPlan function| processDisputeLetterTemplateAutomation function| disputeItemAutomationOn function| disputeItemSelect2AutomationOff function| disputeItemAutomationOff function| disputeDocsAutomationBadgeOff function| autoConnectDocumentToDispute function| preselectedActivePlanSetupId function| debounce function| navigateToCreditReportLink function| stopPropagation boolean| stIsIE number| _timer function| forEach function| _createClass function| Emitter function| Dropzone function| without function| camelize function| detectVerticalSquash function| drawImageIOSFix function| ExifRestore function| contentLoaded function| setUpMithrilCSRF object| Signup function| $ function| jQuery object| Intercooler function| Popper object| bootstrap function| moment function| Pikaday function| daterangepicker object| ko function| ArticleEditor object| sorttable function| initializeClientSelectize function| updateHiddenClientDocumentFields function| toggleDisputablePersonalInfo function| openCreateDisputeItemModal function| openUpdateDisputeItemModal function| selectDisputableNode function| markDisputedItems function| generateDisputeItems function| updateDisputeItem function| sendPaymentDataToAnet object| ScoreTracker object| CreditReport function| showAllClientNavCreditReports function| editDisputeLetterFile function| createAdditionalFaxNumberField function| createAdditionalAddressField function| updateDisputeLetterFile function| deleteField object| DisputeLetterFileUpload function| searchClients function| useMessageTemplate object| pubsub function| m object| mithrilApp function| Cleave object| ActionCable object| App object| Highcharts object| CreditBureauNames object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$overlayView_OverlayView object| webpackChunkcredit_glory function| clearImmediate function| setImmediate object| regeneratorRuntime function| flatpickr

2 Cookies

Domain/Path Name / Value
staging.creditglory.com/ Name: _credit_glory_session
Value: MXeIdxQeXHdQGTRfv0nluSmNaJoQFOm7M8IFmpwRWfw%2B%2F9p98B6vAhjATvK0YQFqAeWbl%2BU9VtRoLAPgJFfhsU%2Fb0WAfLSzISMcqVt0GSjDagLDFmHiIZ93FPLAetJ%2BgqylWiuxY8iFxZ1gc7fgLPAxdq9LuQyhPUDxnuVhpNRaoqxn9ow3Cid9o6q0m6Pc%2BZBeiKaR%2FoFf2znLX6kZp0xlvUg4toWMH6oacQQrX0GIcUc4CA44ZiWkFYyD4jRs7PlrSwjZRDRzGscEb5Of4P4mN0S8R4X0Z4jaxe0qbdM6yjSgD2AE2v5Kbpg0u8rVXcyC9a75NpEThFq0yj3tCUzvov6aM%2FTTOWWFAsQntQ0pX%2B4NNkPUCIGCaCty%2FEhc6oy2Rg8qi7B%2F%2F--CxQDRrYYuleChaf2--OI88dr00PyUXf6ZzAsMURg%3D%3D
app.staging.creditglory.com/ Name: _credit_glory_session
Value: NpjrINfUPDOgP%2FtCP0F8UkukCCvY%2FPBFzsMmr2sYIa3wX84unXZYdsvDnQvzuqi4mlR74w3eSdXT8tcEfYe7kUvIkJ3kTYMK7y%2F9bIP6a0ydzN5LVMtjPH4Lf7jrq3iK%2BeD7c4mnSiQLJjCjm%2FdXFSi2Tr6QuAzHamed2LlTwT0HK%2BxV7Dmc4g%2FlSTqHT8HYOz32mMarkmXLwrXcW2ogfmK7eUTtGaK4F%2FNDhtD03ZiL6l2CGKuf99zOXekpCFPXkUNRjKwRrZ492rv7BmfAKrdpa%2FsBcPX43LcQUWQ%3D--33Dxea5YcvQb24Co--uGcc5%2FSew9aHG8ioryMLlw%3D%3D

4 Console Messages

Source Level URL
Text
security error URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDyESy9dpJSOG4DeeRQET-SUNayy7IBMRY&libraries=places(Line 337)
Message:
Refused to connect to 'https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true' because it violates the following Content Security Policy directive: "connect-src 'self' *.freshchat.com https://*.authorize.net api.zippopotam.us https://*.google-analytics.com https://*.google.com https://*.doubleclick.net https://gtm.creditglory.com".
security error URL: https://app.staging.creditglory.com/admins/sign_in
Message:
Refused to load media from 'data:audio/mpeg;base64,//OExAAAAAAAAAAAAEluZm8AAAAHAAAABAAAASAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPz8/Pz8/Pz8/Pz8/Pz8/Pz8/Pz8/Pz8/P39/f39/f39/f39/f39/f39/f39/f39/f3+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/v7+/AAAAAAAAAAAAAAAAAAAAAAAAAAAAJAa/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA//MUxAAAAANIAAAAAExBTUUzLjk2LjFV//MUxAsAAANIAAAAAFVVVVVVVVVVVVVV//MUxBYAAANIAAAAAFVVVVVVVVVVVVVV//MUxCEAAANIAAAAAFVVVVVVVVVVVVVV' because it violates the following Content Security Policy directive: "default-src *". Note that 'media-src' was not explicitly set, so 'default-src' is used as a fallback. Note that '*' matches only URLs with network schemes ('http', 'https', 'ws', 'wss'), or URLs whose scheme matches `self`'s scheme. data:' must be added explicitely.
network error URL: https://sentry.io/api/5219874/security/?sentry_key=5f2c764011ab45028a283129bd9bc6a8
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://sentry.io/api/5219874/security/?sentry_key=5f2c764011ab45028a283129bd9bc6a8
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src *; child-src 'self' https://creditglory.s3.amazonaws.com https://creditglory-test.s3.amazonaws.com https://creditglory-development.s3.amazonaws.com https://creditglory-staging.s3.amazonaws.com https://*.creditglory.com https://www.smartcredit.com *.freshchat.com; connect-src 'self' *.freshchat.com https://*.authorize.net api.zippopotam.us https://*.google-analytics.com https://*.google.com https://*.doubleclick.net https://gtm.creditglory.com; font-src * data: 'unsafe-inline'; frame-ancestors 'self' https://flex.twilio.com https://crm.creditglory.com; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googletagmanager.com *.freshchat.com https: data:; style-src * 'unsafe-inline'; report-uri https://sentry.io/api/5219874/security/?sentry_key=5f2c764011ab45028a283129bd9bc6a8
Strict-Transport-Security max-age=631138519 max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM flex.twilio.com
X-Xss-Protection 1; mode=block