URL: https://customer-staging.afterprime.eu/
Submission: On August 27 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 16 IPs in 4 countries across 12 domains to perform 48 HTTP transactions. The main IP is 34.36.205.90, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is customer-staging.afterprime.eu.
TLS certificate: Issued by GTS CA 1D4 on August 27th 2023. Valid for: 3 months.
This is the only time customer-staging.afterprime.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 34.36.205.90 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.1.91 54113 (FASTLY)
5 95.216.72.81 24940 (HETZNER-AS)
2 2620:1ec:46::44 8075 (MICROSOFT...)
1 1 18.205.222.128 14618 (AMAZON-AES)
5 2600:9000:237... 16509 (AMAZON-02)
1 162.55.95.216 24940 (HETZNER-AS)
3 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 52.152.143.207 8075 (MICROSOFT...)
4 65.21.140.182 24940 (HETZNER-AS)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 157.90.70.117 24940 (HETZNER-AS)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
48 16
Apex Domain | Subdomains | Transfer
15 afterprime.eu | customer-staging.afterprime.eu | 2 MB
10 helpcrunch.com | widget.helpcrunch.com (Cisco Umbrella Rank: 105273), afterprime.helpcrunch.com, helpcrunch.com (Cisco Umbrella Rank: 55854) | 386 KB
7 clarity.ms | www.clarity.ms (Cisco Umbrella Rank: 891), o.clarity.ms (Cisco Umbrella Rank: 8184), c.clarity.ms (Cisco Umbrella Rank: 1512) | 27 KB
6 bugherd.com | www.bugherd.com (Cisco Umbrella Rank: 18338), sidebar.bugherd.com (Cisco Umbrella Rank: 24167) | 22 KB
3 google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 2412) | 335 B
2 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 45) | 2 KB
2 woopra.com | static.woopra.com (Cisco Umbrella Rank: 51011), www.woopra.com (Cisco Umbrella Rank: 40391) | 13 KB
2 googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 48) | 157 KB
1 bing.com | c.bing.com (Cisco Umbrella Rank: 236) | 762 B
1 ucarecdn.com | ucarecdn.com (Cisco Umbrella Rank: 16843) | 6 KB
1 gstatic.com | www.gstatic.com | 183 KB
1 google.com | www.google.com (Cisco Umbrella Rank: 2) | 1 KB
48 12
Domain | Requested by
15 customer-staging.afterprime.eu | customer-staging.afterprime.eu
5 sidebar.bugherd.com | customer-staging.afterprime.eu, www.bugherd.com, sidebar.bugherd.com
5 widget.helpcrunch.com | customer-staging.afterprime.eu, widget.helpcrunch.com
4 afterprime.helpcrunch.com | widget.helpcrunch.com
3 o.clarity.ms | www.clarity.ms
3 region1.google-analytics.com | www.googletagmanager.com
2 c.clarity.ms | 1 redirects
2 fonts.googleapis.com | widget.helpcrunch.com, client
2 www.clarity.ms | customer-staging.afterprime.eu, www.clarity.ms
2 www.googletagmanager.com | customer-staging.afterprime.eu, www.googletagmanager.com
1 c.bing.com | 1 redirects
1 helpcrunch.com | customer-staging.afterprime.eu
1 ucarecdn.com | customer-staging.afterprime.eu
1 www.woopra.com | static.woopra.com
1 www.bugherd.com | 1 redirects
1 static.woopra.com | customer-staging.afterprime.eu
1 www.gstatic.com | www.google.com
1 www.google.com | customer-staging.afterprime.eu
48 18

This site contains links to these domains.

Domain
app.afterprime.com
afterprime.com

Subject | Issuer | Validity | Valid
customer-staging.afterprime.eu | GTS CA 1D4 | 2023-08-27 - 2023-11-25 | 3 months
www.google.com | GTS CA 1C3 | 2023-08-07 - 2023-10-30 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-08-07 - 2023-10-30 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-08-07 - 2023-10-30 | 3 months
static.woopra.com | R3 | 2023-08-23 - 2023-11-21 | 3 months
*.helpcrunch.com | Sectigo RSA Domain Validation Secure Server CA | 2023-05-25 - 2024-05-30 | a year
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2022-12-01 - 2023-12-01 | a year
www.woopra.com | R3 | 2023-08-05 - 2023-11-03 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-08-07 - 2023-10-30 | 3 months
a.clarity.ms | Microsoft Azure TLS Issuing CA 06 | 2023-02-13 - 2024-02-08 | a year
sidebar.bugherd.com | Amazon RSA 2048 M02 | 2023-06-01 - 2024-06-30 | a year
cps3.ucarecdn.com | R3 | 2023-06-26 - 2023-09-24 | 3 months

This page contains 3 frames:

Primary Page: https://customer-staging.afterprime.eu/
Frame ID: 67B9D0C2A0C8B7314073A4821282B96D
Requests: 32 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap
Frame ID: 88DB8BA7A972BF2424C9D83AD70528EE
Requests: 10 HTTP requests in this frame

Frame: https://sidebar.bugherd.com/sidebar/embed_html?apikey=kgb2xxvtgyjefg7ykgl5dw
Frame ID: 76E0066475BB3BFB8427276EF153459D
Requests: 4 HTTP requests in this frame

Page Title

Afterprime Client Portal

Detected technologies

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • static\.woopra\.com

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

48 Requests
96 % HTTPS
50 % IPv6
12 Domains
18 Subdomains
16 IPs
4 Countries
2828 kB Transfer
4786 kB Size
24 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://www.bugherd.com/sidebarv2.js?apikey=kgb2xxvtgyjefg7ykgl5dw HTTP 302
  • https://sidebar.bugherd.com/embed.js?apikey=kgb2xxvtgyjefg7ykgl5dw
Request Chain 42
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D31CBD07A1F44F0396DDE1EAD785F143&RedC=c.clarity.ms&MXFR=36B2682DB8736EC902AF7B57BC736006 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D31CBD07A1F44F0396DDE1EAD785F143&MUID=2AC04C9029356759115F5FEA289966A0

48 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
customer-staging.afterprime.eu/
2 KB
1019 B
Document
General
Full URL
https://customer-staging.afterprime.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.205.90 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.205.36.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
491320a6fd1bcb10f474e042e000a7dc670a9815874e07adba0af7d30cf8250f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
gzip
content-type
text/html
date
Sun, 27 Aug 2023 20:51:36 GMT
etag
W/"64e83201-8cb"
last-modified
Fri, 25 Aug 2023 04:45:53 GMT
server
Google Frontend
vary
Accept-Encoding
via
1.1 google
api.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: customer-staging.afterprime.eu
URL: https://customer-staging.afterprime.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c99f08a2b6e9e3db74c882e447e6c2b632d9d596b771aae67c6df600e2a6b771
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://customer-staging.afterprime.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 20:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
835
x-xss-protection
1; mode=block
expires
Sun, 27 Aug 2023 20:51:36 GMT
index.60981329.js
customer-staging.afterprime.eu/assets/
43 KB
14 KB
Script
General
Full URL
https://customer-staging.afterprime.eu/assets/index.60981329.js
Requested by
Host: customer-staging.afterprime.eu
URL: https://customer-staging.afterprime.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.205.90 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.205.36.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
3e5ca27415856df118279693ec20287a33440738df0b29b4ea6f79a68d84b26f

Request headers

Referer
https://customer-staging.afterprime.eu/
Origin
https://customer-staging.afterprime.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 20:51:36 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 25 Aug 2023 04:45:53 GMT
server
Google Frontend
etag
W/"64e83201-acb9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vendor.4ed8094e.js
customer-staging.afterprime.eu/assets/
730 KB
194 KB
Script
General
Full URL
https://customer-staging.afterprime.eu/assets/vendor.4ed8094e.js
Requested by
Host: customer-staging.afterprime.eu
URL: https://customer-staging.afterprime.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.205.90 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.205.36.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
be6533646d2128809d6c05b994f40943b6d34f3226769517620842708b7c9a1d

Request headers

Referer
https://customer-staging.afterprime.eu/
Origin
https://customer-staging.afterprime.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 20:51:36 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 25 Aug 2023 04:45:53 GMT
server
Google Frontend
etag
W/"64e83201-b6609"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
index.a6f3522a.css
customer-staging.afterprime.eu/assets/
44 KB
11 KB
Stylesheet
General
Full URL
https://customer-staging.afterprime.eu/assets/index.a6f3522a.css
Requested by
Host: customer-staging.afterprime.eu
URL: https://customer-staging.afterprime.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.205.90 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.205.36.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9bc495c77ee9f9d5a36d1dbc76752bdd5b8a3883055797443e3a211a6ded8ba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://customer-staging.afterprime.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 20:51:36 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 25 Aug 2023 04:45:53 GMT
server
Google Frontend
etag
W/"64e83201-ae13"
vary
Accept-Encoding
content-type
text/css
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
recaptcha__de.js
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/
454 KB
183 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://customer-staging.afterprime.eu/
Origin
https://customer-staging.afterprime.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 12:46:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29105
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
186637
x-xss-protection
0
last-modified
Mon, 21 Aug 2023 02:02:34 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 26 Aug 2024 12:46:31 GMT
bg-light-dashboard.png
customer-staging.afterprime.eu/images/
2 MB
2 MB
Image
General
Full URL
https://customer-staging.afterprime.eu/images/bg-light-dashboard.png
Requested by
Host: customer-staging.afterprime.eu
URL: https://customer-staging.afterprime.eu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.205.90 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.205.36.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
bf93baf11535ba02176f2bfeb7a9616f0d9a66e1cd5088f7991c613ff6f31353

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://customer-staging.afterprime.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 20:51:36 GMT
via
1.1 google
last-modified
Fri, 25 Aug 2023 04:45:51 GMT
server
Google Frontend
etag
"64e831ff-19d4e8"
content-type
image/png
x-cloud-trace-context
61cdcaa4fc60523b94b4a3633295362b
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1692904
gtm.js
www.googletagmanager.com/
218 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MPVX3X3
Requested by
Host: customer-staging.afterprime.eu
URL: https://customer-staging.afterprime.eu/assets/index.60981329.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
91886a9a26d042214edd9332057ca31bfeeadc7a40272dd38d111805b5225eda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://customer-staging.afterprime.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 20:51:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76791
x-xss-protection
0
last-modified
Sun, 27 Aug 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 27 Aug 2023 20:51:36 GMT
w.js
static.woopra.com/js/
37 KB
13 KB
Script
General
Full URL
https://static.woopra.com/js/w.js
Requested by
Host: customer-staging.afterprime.eu
URL: https://customer-staging.afterprime.eu/assets/index.60981329.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.1.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.2.15 (Red Hat) /
Resource Hash
b6193714f26d0151aba02d310cd70e91059988161bcbb53bd78c4a9489006bf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://customer-staging.afterprime.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 20:51:36 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
48238
x-cache
HIT, HIT
content-length
12937
x-served-by
cache-iad-kjyo7100087-IAD, cache-fra-etou8220105-FRA
last-modified
Fri, 24 Mar 2023 01:00:33 GMT
server
Apache/2.2.15 (Red Hat)
x-timer
S1693169497.892270,VS0,VE0
etag
"21dbc-9471-5f79aeba10565"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
x-cache-hits
821, 351
version.txt
customer-staging.afterprime.eu/
17 B
34 B
Fetch
General
Full URL
https://customer-staging.afterprime.eu/version.txt
Requested by
Host: customer-staging.afterprime.eu
URL: https://customer-staging.afterprime.eu/assets/index.60981329.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.205.90 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.205.36.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
0b750a96b9a30a5c6bee2e5c01a74f0bff8e7229b9dab8c5a01975db02bd350f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://customer-staging.afterprime.eu/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 20:51:36 GMT
via
1.1 google
last-modified
Fri, 25 Aug 2023 04:45:53 GMT
server
Google Frontend
etag
"64e83201-11"
content-type
text/plain
x-cloud-trace-context
a5c44bffa62b97b8950f117d6b044c02
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17
/
widget.helpcrunch.com/
9 KB
4 KB
Script
General
Full URL
https://widget.helpcrunch.com/
Requested by
Host: customer-staging.afterprime.eu
URL: https://customer-staging.afterprime.eu/assets/index.60981329.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.72.81 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.81.72.216.95.clients.your-server.de
Software
nginx /
Resource Hash
24135a9f88f6ea7f3aec5386447248688caea31cb8c5e513e854becb9f6e522c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://customer-staging.afterprime.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Sun, 27 Aug 2023 20:51:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jul 2023 09:13:24 GMT
Server
nginx
ETag
W/"64a685b4-24ec"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=1, no-cache
Connection
keep-alive
Expires
Sun, 27 Aug 2023 20:51:38 GMT
index.a1df2de9.js
customer-staging.afterprime.eu/assets/
3 KB
1 KB
Script
General
Full URL
https://customer-staging.afterprime.eu/assets/index.a1df2de9.js
Requested by
Host: customer-staging.afterprime.eu
URL: https://customer-staging.afterprime.eu/assets/index.60981329.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.205.90 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.205.36.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e7ceb0493c77db31988916b2f350b1f8161e5052b700e89b176a8f0851dff048

Request headers

Referer
Origin
https://customer-staging.afterprime.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 20:51:36 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 25 Aug 2023 04:45:53 GMT
server
Google Frontend
etag
W/"64e83201-acd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
index.3bd29f43.js
customer-staging.afterprime.eu/assets/
65 KB
24 KB
Script
General
Full URL
https://customer-staging.afterprime.eu/assets/index.3bd29f43.js
Requested by
Host: customer-staging.afterprime.eu
URL: https://customer-staging.afterprime.eu/assets/index.60981329.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.205.90 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.205.36.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
d79ca60a67e222ba0223f7fa83b708ca77473826171eeb08a0ecc35515324ebc

Request headers

Referer
Origin
https://customer-staging.afterprime.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 20:51:36 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 25 Aug 2023 04:45:53 GMT
server
Google Frontend
etag
W/"64e83201-10275"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
AuthLayout.03fc8d43.js
customer-staging.afterprime.eu/assets/
2 KB
1 KB
Script
General
Full URL
https://customer-staging.afterprime.eu/assets/AuthLayout.03fc8d43.js
Requested by
Host: customer-staging.afterprime.eu
URL: https://customer-staging.afterprime.eu/assets/index.60981329.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.205.90 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.205.36.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
d5325a20afd492eed0030d5578b1068094376100c0a6bedefaa4608849e6a32d

Request headers

Referer
Origin
https://customer-staging.afterprime.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 20:51:36 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 25 Aug 2023 04:45:53 GMT
server
Google Frontend
etag
W/"64e83201-8fe"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Checkbox.5629e03a.js
customer-staging.afterprime.eu/assets/
1 KB
788 B
Script
General
Full URL
https://customer-staging.afterprime.eu/assets/Checkbox.5629e03a.js
Requested by
Host: customer-staging.afterprime.eu
URL: https://customer-staging.afterprime.eu/assets/index.60981329.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.205.90 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.205.36.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
78709e4b56009f94d64228fa639e7cfbdc1b5e300b7d6244beee04e333858e20

Request headers

Referer
Origin
https://customer-staging.afterprime.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 20:51:36 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 25 Aug 2023 04:45:53 GMT
server
Google Frontend
etag
W/"64e83201-51c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Eina02-Medium.009bf236.woff2
customer-staging.afterprime.eu/assets/
33 KB
33 KB
Font
General
Full URL
https://customer-staging.afterprime.eu/assets/Eina02-Medium.009bf236.woff2
Requested by
Host: customer-staging.afterprime.eu
URL: https://customer-staging.afterprime.eu/assets/index.a6f3522a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.205.90 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.205.36.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
009bf23689cdb327b7324034431fd8738c1c64a59bf57525e185d580ad66610e

Request headers

Referer
https://customer-staging.afterprime.eu/assets/index.a6f3522a.css
Origin
https://customer-staging.afterprime.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 20:51:36 GMT
via
1.1 google
last-modified
Fri, 25 Aug 2023 04:45:53 GMT
server
Google Frontend
etag
"64e83201-8540"
content-type
font/woff2
x-cloud-trace-context
17803be7c2f8b8914de0c8483b9803ca
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34112
Eina02-Light.802f35b5.woff2
customer-staging.afterprime.eu/assets/
34 KB
34 KB
Font
General
Full URL
https://customer-staging.afterprime.eu/assets/Eina02-Light.802f35b5.woff2
Requested by
Host: customer-staging.afterprime.eu
URL: https://customer-staging.afterprime.eu/assets/index.a6f3522a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.205.90 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.205.36.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
802f35b5cd3b027af7a543a19501a902e4f407b8f872a74523a15ffcff76dd7f

Request headers

Referer
https://customer-staging.afterprime.eu/assets/index.a6f3522a.css
Origin
https://customer-staging.afterprime.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 20:51:36 GMT
via
1.1 google
last-modified
Fri, 25 Aug 2023 04:45:53 GMT
server
Google Frontend
etag
"64e83201-8978"
content-type
font/woff2
x-cloud-trace-context
3b17551c20aaedbe9a0067805683cc12
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35192
logo-title.f89d8d05.svg
customer-staging.afterprime.eu/assets/
48 KB
14 KB
Image
General
Full URL
https://customer-staging.afterprime.eu/assets/logo-title.f89d8d05.svg
Requested by
Host: customer-staging.afterprime.eu
URL: https://customer-staging.afterprime.eu/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.205.90 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.205.36.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
f89d8d0573a1fdc18af1d572667fa3fb6b6d12add964e92f3d7ebf1c62090dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://customer-staging.afterprime.eu/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 20:51:36 GMT
content-encoding
gzip
via
1.1 google
last-modified
Fri, 25 Aug 2023 04:45:53 GMT
server
Google Frontend
etag
W/"64e83201-c19e"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
lock.5682f813.png
customer-staging.afterprime.eu/assets/
16 KB
16 KB
Image
General
Full URL
https://customer-staging.afterprime.eu/assets/lock.5682f813.png
Requested by
Host: customer-staging.afterprime.eu
URL: https://customer-staging.afterprime.eu/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.205.90 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.205.36.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
5682f81309ba0caa2b6c5a2eb90f67fa0870fa8f05d0b94f708603ad7dfb979c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://customer-staging.afterprime.eu/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 20:51:36 GMT
via
1.1 google
last-modified
Fri, 25 Aug 2023 04:45:53 GMT
server
Google Frontend
etag
"64e83201-41da"
content-type
image/png
x-cloud-trace-context
ad16c043a7f698c52361a3b3235734b5
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16858
Eina02-Thin.05eef4e8.woff2
customer-staging.afterprime.eu/assets/
33 KB
33 KB
Font
General
Full URL
https://customer-staging.afterprime.eu/assets/Eina02-Thin.05eef4e8.woff2
Requested by
Host: customer-staging.afterprime.eu
URL: https://customer-staging.afterprime.eu/assets/index.a6f3522a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.36.205.90 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
90.205.36.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
05eef4e84a9273c91c30cbe1638b73ba613777489173458b5b5081f3cd1c8204

Request headers

Referer
https://customer-staging.afterprime.eu/assets/index.a6f3522a.css
Origin
https://customer-staging.afterprime.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 20:51:36 GMT
via
1.1 google
last-modified
Fri, 25 Aug 2023 04:45:53 GMT
server
Google Frontend
etag
"64e83201-84a0"
content-type
font/woff2
x-cloud-trace-context
5634476b9c3ab986b6c032f255c26d1b
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33952
dj5y4y6g9z
www.clarity.ms/tag/
1023 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/dj5y4y6g9z?ref=gtm2
Requested by
Host: customer-staging.afterprime.eu
URL: https://customer-staging.afterprime.eu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0e76bb7558687d0fc8ca80528eb9e58cc8fc2b1f12e53b8a651f1e0a5bda3ebe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://customer-staging.afterprime.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

expires
-1
date
Sun, 27 Aug 2023 20:51:37 GMT
x-azure-ref
20230827T205137Z-7q69w4ydrh1r90vzrttkg8d9u8000000029g00000002p3vf
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
1023
request-context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
embed.js
sidebar.bugherd.com/
Redirect Chain
  • https://www.bugherd.com/sidebarv2.js?apikey=kgb2xxvtgyjefg7ykgl5dw
  • https://sidebar.bugherd.com/embed.js?apikey=kgb2xxvtgyjefg7ykgl5dw
17 KB
7 KB
Script
General
Full URL
https://sidebar.bugherd.com/embed.js?apikey=kgb2xxvtgyjefg7ykgl5dw
Requested by
Host: customer-staging.afterprime.eu
URL: https://customer-staging.afterprime.eu/login
Protocol
H2
Server
2600:9000:237d:aa00:9:2c88:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
637d691a0ae9a6bc57cc212b5776bf7d26d7cb47c972ab6feba6817bb9b82b91
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://customer-staging.afterprime.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 20:51:18 GMT
access-control-request-method
*
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
via
1.1 vegur, 1.1 e33c4b19512a86c5972c18d1c60d21f8.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
19
x-cache
Hit from cloudfront
p3p
CP="NOI ADM DEV COM NAV OUR STP"
x-xss-protection
1; mode=block
x-request-id
674383ba-de7b-43cf-b387-054d817cc7e9
x-runtime
0.003168
referrer-policy
origin
server
Cowboy
etag
W/"201e2cf321b00de6dad495ff86d72d23"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
PUT, OPTIONS, GET, DELETE, POST
content-type
text/javascript; charset=utf-8
access-control-allow-origin
http://sidebar.bugherd.com
cache-control
max-age=600, public, min-age=0
access-control-allow-credentials
true
access-control-max-age
1728000
access-control-allow-headers
x-csrf-token, Content-Type, X-Pusher-Socket-ID
vary
Accept-Encoding
x-amz-cf-id
_JJynrBmmESMwxzJkUKyE8D5cgTY2iZpW8Jhg5bi_zz3cppNjxaBrw==

Redirect headers

Date
Sun, 27 Aug 2023 20:51:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=0; includeSubDomains
Via
1.1 vegur
X-Permitted-Cross-Domain-Policies
none
P3p
CP="NOI ADM DEV COM NAV OUR STP"
Connection
close
X-Xss-Protection
1; mode=block
X-Request-Id
e76a99f5-f882-4fb9-8ac4-a3aa4236cf91
X-Runtime
0.008364
Referrer-Policy
origin
Server
Cowboy
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Location
https://sidebar.bugherd.com/embed.js?apikey=kgb2xxvtgyjefg7ykgl5dw
Cache-Control
no-cache
js
www.googletagmanager.com/gtag/
236 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HEY7V85S14&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MPVX3X3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0062586145a849088a53d4838f0e10fa3fee9ba47d349709bda01e48b2f9daa0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://customer-staging.afterprime.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 20:51:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83562
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 27 Aug 2023 20:51:36 GMT
/
www.woopra.com/track/ce/
67 B
238 B
Script
General
Full URL
https://www.woopra.com/track/ce/?project=afterprime.com&instance=woopra&meta=&screen=1600x1200&language=en-US&app=js-client&referer=&cookie=49taFkYqnOOq&event=login&timeout=600000&idptnc=BcggCAzJjAL5
Requested by
Host: static.woopra.com
URL: https://static.woopra.com/js/w.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.95.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.216.95.55.162.clients.your-server.de
Software
/
Resource Hash
3e99b129ea61e1f4763a0010353b8b9421c810d6dcf7d85fac4908e78051ec4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://customer-staging.afterprime.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 27 Aug 2023 20:51:37 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
67
content-type
text/javascript; charset=utf-8
collect
region1.google-analytics.com/g/
0
264 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-HEY7V85S14&gtm=45je38n0&_p=661113811&cid=3932111.1693169497&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693169497&sct=1&seg=0&dl=https%3A%2F%2Fcustomer-staging.afterprime.eu%2Flogin&dt=Afterprime%20Client%20Portal&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HEY7V85S14&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://customer-staging.afterprime.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 20:51:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://customer-staging.afterprime.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.10/
57 KB
24 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.10/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/dj5y4y6g9z?ref=gtm2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://customer-staging.afterprime.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 20:51:37 GMT
content-encoding
br
last-modified
Thu, 24 Aug 2023 11:35:03 GMT
etag
W/"0x8DBA49628800261"
vary
Accept-Encoding
x-azure-ref
20230827T205137Z-7q69w4ydrh1r90vzrttkg8d9u8000000029g00000002p3wg
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
cf15c723-d01e-006a-3083-d6f6f3000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
css2
fonts.googleapis.com/ Frame 88DB
29 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap
Requested by
Host: widget.helpcrunch.com
URL: https://widget.helpcrunch.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
61eeaf3752ec4a775d833ab1ffe79787a750f59cb9c2933aad9cc276a36eb5fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 27 Aug 2023 20:51:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 27 Aug 2023 20:14:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 27 Aug 2023 20:51:37 GMT
sdk-code._dbadwyv0k.js
widget.helpcrunch.com/ Frame 88DB
726 KB
201 KB
Script
General
Full URL
https://widget.helpcrunch.com/sdk-code._dbadwyv0k.js
Requested by
Host: widget.helpcrunch.com
URL: https://widget.helpcrunch.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.72.81 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.81.72.216.95.clients.your-server.de
Software
nginx /
Resource Hash
3082530aa8465770932bf83679abd2a6791220609f43e10937d5e3b6b739699a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Sun, 27 Aug 2023 20:51:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jul 2023 09:13:24 GMT
Server
nginx
ETag
W/"64a685b4-b59f5"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-HEY7V85S14&gtm=45je38n0&_p=661113811&cid=3932111.1693169497&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAC&_s=2&sid=1693169497&sct=1&seg=1&dl=https%3A%2F%2Fcustomer-staging.afterprime.eu%2Flogin&dt=Afterprime%20Client%20Portal&en=page_view&_et=6
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HEY7V85S14&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://customer-staging.afterprime.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 20:51:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://customer-staging.afterprime.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
o.clarity.ms/
0
310 B
XHR
General
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://customer-staging.afterprime.eu/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://customer-staging.afterprime.eu
Date
Sun, 27 Aug 2023 20:51:37 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
2
afterprime.helpcrunch.com/api/v2/applications/ Frame
0
0
Preflight
General
Full URL
https://afterprime.helpcrunch.com/api/v2/applications/2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.21.140.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.182.140.21.65.clients.your-server.de
Software
nginx / PHP/7.3.33
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
GET
Origin
https://customer-staging.afterprime.eu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AUTHORIZATION,CONTENT-TYPE
access-control-allow-methods
DELETE, GET, POST, PUT, PATCH
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
no-cache, private
content-encoding
gzip
content-security-policy
frame-ancestors 'none';
content-type
text/html; charset=UTF-8
date
Sun, 27 Aug 2023 20:51:37 GMT
server
nginx
vary
Accept-Encoding Accept-Encoding
x-powered-by
PHP/7.3.33
x-request-id
64ebb759a011c
893.js
widget.helpcrunch.com/ Frame 88DB
0
92 KB
Other
General
Full URL
https://widget.helpcrunch.com/893.js
Requested by
Host: widget.helpcrunch.com
URL: https://widget.helpcrunch.com/sdk-code._dbadwyv0k.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.72.81 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.81.72.216.95.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Sun, 27 Aug 2023 20:51:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jul 2023 09:13:24 GMT
Server
nginx
ETag
W/"64a685b4-a0cd8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
widget-window.chunk.d8d1b2e42f06601e5144.js
widget.helpcrunch.com/ Frame 88DB
0
30 KB
Other
General
Full URL
https://widget.helpcrunch.com/widget-window.chunk.d8d1b2e42f06601e5144.js
Requested by
Host: widget.helpcrunch.com
URL: https://widget.helpcrunch.com/sdk-code._dbadwyv0k.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.72.81 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.81.72.216.95.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Sun, 27 Aug 2023 20:51:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jul 2023 09:13:24 GMT
Server
nginx
ETag
W/"64a685b4-23b35"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
2
afterprime.helpcrunch.com/api/v2/applications/ Frame 88DB
238 KB
44 KB
Fetch
General
Full URL
https://afterprime.helpcrunch.com/api/v2/applications/2
Requested by
Host: widget.helpcrunch.com
URL: https://widget.helpcrunch.com/sdk-code._dbadwyv0k.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.21.140.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.182.140.21.65.clients.your-server.de
Software
nginx / PHP/7.3.33
Resource Hash
90baf3005eaac08cac46a3ff648ce916c055e1b3db3ffc99cadf7dcc494a3fe8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
Authorization
Bearer product="2" secret="undefined"
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 27 Aug 2023 20:51:37 GMT
content-security-policy
frame-ancestors 'none';
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.3.33
vary
Accept-Encoding, Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
cache-control
no-cache, private
access-control-allow-credentials
true
x-request-id
64ebb759c2242
embed_html
sidebar.bugherd.com/sidebar/ Frame 76E0
11 KB
3 KB
Document
General
Full URL
https://sidebar.bugherd.com/sidebar/embed_html?apikey=kgb2xxvtgyjefg7ykgl5dw
Requested by
Host: www.bugherd.com
URL: https://www.bugherd.com/sidebarv2.js?apikey=kgb2xxvtgyjefg7ykgl5dw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:aa00:9:2c88:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
68a803391d6144a554e5185b21bffaa5da7b411269748908cd2d461eaea50a74
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://customer-staging.afterprime.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-csrf-token, Content-Type, X-Pusher-Socket-ID
access-control-allow-methods
PUT, OPTIONS, GET, DELETE, POST
access-control-allow-origin
http://sidebar.bugherd.com
access-control-max-age
1728000
access-control-request-method
*
cache-control
max-age=600, public, min-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 27 Aug 2023 20:51:37 GMT
etag
W/"ae2c5ff86eb7c76a0ba0a953f429029b"
p3p
CP="NOI ADM DEV COM NAV OUR STP"
referrer-policy
origin
server
Cowboy
strict-transport-security
max-age=0; includeSubDomains
vary
Accept-Encoding
via
1.1 vegur, 1.1 e33c4b19512a86c5972c18d1c60d21f8.cloudfront.net (CloudFront)
x-amz-cf-id
WCqGBJkMfqU0mlVOSSAXeFBdJLVcW5dIvvBq5G_prruQ68NFLWdjxA==
x-amz-cf-pop
MUC50-P2
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
81d722ca-cd61-4cd2-8933-2f24b6ecf99f
x-runtime
0.002925
x-xss-protection
1; mode=block
time
afterprime.helpcrunch.com/ Frame
0
0
Preflight
General
Full URL
https://afterprime.helpcrunch.com/time
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.21.140.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.182.140.21.65.clients.your-server.de
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://customer-staging.afterprime.eu
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
AUTHORIZATION,CONTENT-TYPE
access-control-allow-methods
DELETE, GET, POST, PUT, PATCH
access-control-allow-origin
*
access-control-max-age
1728000
content-length
32 0
content-type
application/octet-stream
date
Sun, 27 Aug 2023 20:51:37 GMT
server
nginx
locale_en-IE.js
widget.helpcrunch.com/locales/ Frame 88DB
1 KB
931 B
Script
General
Full URL
https://widget.helpcrunch.com/locales/locale_en-IE.js
Requested by
Host: widget.helpcrunch.com
URL: https://widget.helpcrunch.com/sdk-code._dbadwyv0k.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.216.72.81 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.81.72.216.95.clients.your-server.de
Software
nginx /
Resource Hash
1cecd67f70c498896970e77d4f23a157ad94a15c25ed3c8a5d23cae88967dfb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Sun, 27 Aug 2023 20:51:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jul 2023 09:13:24 GMT
Server
nginx
ETag
W/"64a685b4-433"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ Frame 88DB
2 KB
643 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 27 Aug 2023 20:51:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 27 Aug 2023 20:07:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 27 Aug 2023 20:51:37 GMT
time
afterprime.helpcrunch.com/ Frame 88DB
32 B
154 B
Fetch
General
Full URL
https://afterprime.helpcrunch.com/time
Requested by
Host: widget.helpcrunch.com
URL: https://widget.helpcrunch.com/sdk-code._dbadwyv0k.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.21.140.182 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.182.140.21.65.clients.your-server.de
Software
nginx /
Resource Hash
9eb6a63ad2a02e9b9307aecb92ca588bba2f151f0e1fd9f2ca4f9a74a3a6bc08

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 27 Aug 2023 20:51:37 GMT
access-control-allow-credentials
true
server
nginx
content-length
32
content-type
application/octet-stream
/
ucarecdn.com/d9dcc479-28e9-46fc-9fb1-a21a8d6c283d/-/scale_crop/120x120/center/ Frame 88DB
6 KB
6 KB
Image
General
Full URL
https://ucarecdn.com/d9dcc479-28e9-46fc-9fb1-a21a8d6c283d/-/scale_crop/120x120/center/
Requested by
Host: customer-staging.afterprime.eu
URL: https://customer-staging.afterprime.eu/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14df Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Uploadcare /
Resource Hash
1bdbf5610d62c35c750f05f4ac1a61c00779a2dcf7f5dd7921fb84b3f24cae66

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 20:51:38 GMT
x-image-width
120
server
Uploadcare
etag
"5cd073f89764f78f4f5e162c782f9578"
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control
public, max-age=18962663
content-disposition
inline
x-image-height
120
x-robots-tag
noindex, nofollow, nosnippet, noarchive
content-length
5651
HelveticaNeueCyr-Bold.woff
helpcrunch.com/fonts/widget/ Frame 88DB
14 KB
15 KB
Font
General
Full URL
https://helpcrunch.com/fonts/widget/HelveticaNeueCyr-Bold.woff
Requested by
Host: customer-staging.afterprime.eu
URL: https://customer-staging.afterprime.eu/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.70.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.70.90.157.clients.your-server.de
Software
nginx /
Resource Hash
38c66f7802111e2fdd81e481a77df1c97694e46e784a1eae0a4ebd813035412c

Request headers

Referer
Origin
https://customer-staging.afterprime.eu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 20:51:38 GMT
last-modified
Tue, 22 Aug 2023 15:07:08 GMT
server
nginx
etag
"64e4cf1c-3968"
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=30758400
accept-ranges
bytes
content-length
14696
expires
Sat, 17 Aug 2024 20:51:38 GMT
bh_logo_short-1d6af89eca7e694074a6e0bd9201111a89f1683346b813c99cd5b395cf7d7e23.png
sidebar.bugherd.com/assets/ Frame 76E0
2 KB
3 KB
Image
General
Full URL
https://sidebar.bugherd.com/assets/bh_logo_short-1d6af89eca7e694074a6e0bd9201111a89f1683346b813c99cd5b395cf7d7e23.png
Requested by
Host: sidebar.bugherd.com
URL: https://sidebar.bugherd.com/sidebar/embed_html?apikey=kgb2xxvtgyjefg7ykgl5dw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:aa00:9:2c88:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
1d6af89eca7e694074a6e0bd9201111a89f1683346b813c99cd5b395cf7d7e23
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sidebar.bugherd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 20:51:38 GMT
via
1.1 vegur, 1.1 e33c4b19512a86c5972c18d1c60d21f8.cloudfront.net (CloudFront)
strict-transport-security
max-age=0; includeSubDomains
last-modified
Tue, 16 May 2023 03:43:09 GMT
server
Cowboy
x-amz-cf-pop
MUC50-P2
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
content-length
2267
x-amz-cf-id
4FNirYZL2crUcB22T05TQp_LyRdcTZUGjUPgGii7DNqkEfngl70xyw==
embed.js
sidebar.bugherd.com/ Frame 76E0
17 KB
7 KB
Script
General
Full URL
https://sidebar.bugherd.com/embed.js?apikey=kgb2xxvtgyjefg7ykgl5dw
Requested by
Host: sidebar.bugherd.com
URL: https://sidebar.bugherd.com/sidebar/embed_html?apikey=kgb2xxvtgyjefg7ykgl5dw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:aa00:9:2c88:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
637d691a0ae9a6bc57cc212b5776bf7d26d7cb47c972ab6feba6817bb9b82b91
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sidebar.bugherd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 20:51:18 GMT
access-control-request-method
*
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
via
1.1 vegur, 1.1 e33c4b19512a86c5972c18d1c60d21f8.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
19
x-cache
Hit from cloudfront
p3p
CP="NOI ADM DEV COM NAV OUR STP"
x-xss-protection
1; mode=block
x-request-id
674383ba-de7b-43cf-b387-054d817cc7e9
x-runtime
0.003168
referrer-policy
origin
server
Cowboy
etag
W/"201e2cf321b00de6dad495ff86d72d23"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
PUT, OPTIONS, GET, DELETE, POST
content-type
text/javascript; charset=utf-8
access-control-allow-origin
http://sidebar.bugherd.com
cache-control
max-age=600, public, min-age=0
access-control-allow-credentials
true
access-control-max-age
1728000
access-control-allow-headers
x-csrf-token, Content-Type, X-Pusher-Socket-ID
vary
Accept-Encoding
x-amz-cf-id
xw-RLPTePGNiUpHJE4Ye9Cb2g9ILjZ3J5Q7vAEUB_3V5b9FchwFWEg==
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D31CBD07A1F44F0396DDE1EAD785F143&RedC=c.clarity.ms&MXFR=36B2682DB8736EC902AF7B57BC736006
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D31CBD07A1F44F0396DDE1EAD785F143&MUID=2AC04C9029356759115F5FEA289966A0
42 B
442 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D31CBD07A1F44F0396DDE1EAD785F143&MUID=2AC04C9029356759115F5FEA289966A0
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://customer-staging.afterprime.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 20:51:38 GMT
last-modified
Tue, 06 Jun 2023 17:31:23 GMT
server
Microsoft-IIS/10.0
etag
"dca6ffb69c98d91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 27 Aug 2023 20:51:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DB37698A7E42400C8BAEF314796BC690 Ref B: FRA31EDGE0117 Ref C: 2023-08-27T20:51:38Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D31CBD07A1F44F0396DDE1EAD785F143&MUID=2AC04C9029356759115F5FEA289966A0
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
resources
sidebar.bugherd.com/sidebar/ Frame 76E0
1022 B
2 KB
Fetch
General
Full URL
https://sidebar.bugherd.com/sidebar/resources?apikey=kgb2xxvtgyjefg7ykgl5dw
Requested by
Host: sidebar.bugherd.com
URL: https://sidebar.bugherd.com/embed.js?apikey=kgb2xxvtgyjefg7ykgl5dw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:aa00:9:2c88:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
70704268b71a4c90aa357689fe12368d84b50c4ac963549398bd3ca97c540f0c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sidebar.bugherd.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 27 Aug 2023 20:51:38 GMT
access-control-request-method
*
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
via
1.1 vegur, 1.1 e33c4b19512a86c5972c18d1c60d21f8.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
x-cache
Miss from cloudfront
p3p
CP="NOI ADM DEV COM NAV OUR STP"
x-xss-protection
1; mode=block
x-request-id
d942ca6a-b13f-419a-a992-2a65c5f02561
x-runtime
0.007921
referrer-policy
origin
server
Cowboy
etag
W/"aea38ac29e424e7dacc576a04a540985"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
PUT, OPTIONS, GET, DELETE, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
http://sidebar.bugherd.com
cache-control
no-cache
access-control-allow-credentials
true
access-control-max-age
1728000
access-control-allow-headers
x-csrf-token, Content-Type, X-Pusher-Socket-ID
vary
Accept-Encoding
x-amz-cf-id
NRnuL4CRhzWYxmJD4pbYFb5pfBh9cOMN_I--9W32Xz2KzZxTjzChBQ==
collect
o.clarity.ms/
0
310 B
XHR
General
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://customer-staging.afterprime.eu/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://customer-staging.afterprime.eu
Date
Sun, 27 Aug 2023 20:51:38 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
collect
o.clarity.ms/
0
310 B
XHR
General
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://customer-staging.afterprime.eu/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://customer-staging.afterprime.eu
Date
Sun, 27 Aug 2023 20:51:40 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-HEY7V85S14&gtm=45je38n0&_p=661113811&cid=3932111.1693169497&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1693169497&sct=1&seg=1&dl=https%3A%2F%2Fcustomer-staging.afterprime.eu%2Flogin&dt=Afterprime%20Client%20Portal&en=Clarity&_ee=1&ep.eventCategory=Clarity&ep.eventAction=1rkm64z&ep.nonInteraction=true&ep.claritydimension=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fdj5y4y6g9z%2Fkrreyb%2F1rkm64z&_et=194
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HEY7V85S14&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://customer-staging.afterprime.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 20:51:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://customer-staging.afterprime.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| documentPictureInPicture
object| ___grecaptcha_cfg
object| grecaptcha
string| __recaptcha_api
boolean| __google_recaptcha_client
object| dataLayer
function| HelpCrunch
function| loadHelpCrunchScript
object| UtmForm
object| __woo
object| woopra
object| recaptcha
object| google_tag_manager
object| google_tag_data
function| WoopraTracker
function| WoopraLoadScript
object| woopraTracker
function| clarity
object| BugHerdConfig
function| onYouTubeIframeAPIReady
object| gaGlobal
function| helpcrunchDebug
function| gtag
undefined| _bugHerd_sidebar2021

24 Cookies

Domain/Path Name / Value
widget.helpcrunch.com/locales Name: helpcrunch-widget
Value: samesite
customer-staging.afterprime.eu/ Name: _gpfx_referrer
Value:
customer-staging.afterprime.eu/ Name: _gpfx_last_referrer
Value:
customer-staging.afterprime.eu/ Name: _gpfx_initial_landing_page
Value: https%3A//customer-staging.afterprime.eu/
customer-staging.afterprime.eu/ Name: _gpfx_current_session
Value: true
customer-staging.afterprime.eu/ Name: _gpfx_visits
Value: 1
.customer-staging.afterprime.eu/ Name: wooTracker
Value: 49taFkYqnOOq
.afterprime.eu/ Name: _gcl_au
Value: 1.1.624503543.1693169497
.afterprime.eu/ Name: _ga
Value: GA1.1.3932111.1693169497
www.clarity.ms/ Name: CLID
Value: c5551ab43779493ea0d8af4974c3befc.20230827.20240826
.afterprime.eu/ Name: _clck
Value: krreyb|2|fei|0|1334
.afterprime.eu/ Name: _ga_HEY7V85S14
Value: GS1.1.1693169497.1.1.1693169497.0.0.0
widget.helpcrunch.com/ Name: helpcrunch-widget
Value: samesite
.afterprime.eu/ Name: device-source
Value: https://customer-staging.afterprime.eu/login
.afterprime.eu/ Name: device-referrer
Value:
.afterprime.eu/ Name: _clsk
Value: 1rkm64z|1693169497713|1|1|o.clarity.ms/collect
.bing.com/ Name: MUID
Value: 2AC04C9029356759115F5FEA289966A0
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 2AC04C9029356759115F5FEA289966A0
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2AC04C9029356759115F5FEA289966A0
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.bugherd.com/ Name: _bugherd_session5
Value: DZKH5kNklENLf4kMAZDd%2FZbQ2KQrFjF%2Bd%2FS6JwMgMpAujT%2Bd%2FEwQGIwlYLhc%2BmnRWkwCjKErkjXtzG%2BlenrsEcrsLn59Ib7pGOfbbqw86VwBx9ilyCNJETiAFPUtdYgdoEvj55tqo7Gxh2%2BhJ4x5atZxxCiVjNC83zcbYC7DlZ%2FT%2B5zkHWCLRYpYHBSfASkQiHsGvpAwcCKb--Mtono3XeTq539oT3--NmmEo0l0STBXIwexEg2oRw%3D%3D

1 Console Messages

Source Level URL
Text
network error URL: https://widget.helpcrunch.com/sdk-code._dbadwyv0k.js(Line 1)
Message:
WebSocket connection to 'wss://afterprime.helpcrunch.com/socket.io/?EIO=3&transport=websocket' failed: Error during WebSocket handshake: Unexpected response code: 204

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
