urlscan.io logo urlscan.io
SecurityTrails logo

api-pentst.supplierassurance.dev Open in urlscan Pro
34.120.169.217  Public Scan

Go To Rescan Add Verdict Report
URL: https://api-pentst.supplierassurance.dev/
Submission: On July 06 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 80 HTTP transactions. The main IP is 34.120.169.217, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is api-pentst.supplierassurance.dev.
TLS certificate: Issued by WR3 on July 5th 2024. Valid for: 3 months.
This is the only time api-pentst.supplierassurance.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

35    34.120.169.217 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 217.169.120.34.bc.googleusercontent.com
api-pentst.supplierassurance.dev
2    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
amp.azure.net
1    2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
2    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.recaptcha.net
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
35 supplierassurance.dev
api-pentst.supplierassurance.dev
pentst.supplierassurance.dev Failed
794 KB
2 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 1557
1 KB
2 azure.net
amp.azure.net — Cisco Umbrella Rank: 15000
388 KB
1 gstatic.com
www.gstatic.com
212 KB
1 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 3667
249 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 87
832 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 847
8 KB
80 7
Domain Requested by
35 api-pentst.supplierassurance.dev api-pentst.supplierassurance.dev
2 www.recaptcha.net api-pentst.supplierassurance.dev
www.gstatic.com
2 amp.azure.net api-pentst.supplierassurance.dev
1 www.gstatic.com www.recaptcha.net
1 ajax.aspnetcdn.com api-pentst.supplierassurance.dev
1 fonts.googleapis.com api-pentst.supplierassurance.dev
1 code.jquery.com api-pentst.supplierassurance.dev
0 pentst.supplierassurance.dev Failed api-pentst.supplierassurance.dev
80 8
Subject Issuer Validity Valid
api-pentst.supplierassurance.dev
WR3		 2024-07-05 -
2024-10-03		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-06-06 -
2025-06-06		 a year crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
misc.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://api-pentst.supplierassurance.dev/
Frame ID: F3BBE67FEE74B6166197EA15AA4667A9
Requests: 91 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfA194dAAAAALx2j5kKNqN8W5tAvIjT-60pF_O7&co=aHR0cHM6Ly9hcGktcGVudHN0LnN1cHBsaWVyYXNzdXJhbmNlLmRldjo0NDM.&hl=en-GB&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&sa=submit&cb=2od6xdmwhuje
Frame ID: EB1B32C865C99978225D47D50F822F4E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SUPPLIERASSURANCE

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

80
Requests

54 %
HTTPS

71 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

1653 kB
Transfer

3726 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

80 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
api-pentst.supplierassurance.dev/ 		1 MB
209 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api-pentst.supplierassurance.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
fa528b31bf77e415a6f0af32af0791224d750fd810a7c78ff69ef9c74a8da192
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-methods
POST, GET
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, no-cache, must-revalidate,max-age=0, no-store, no-cache, must-revalidate
content-encoding
gzip
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sat, 06 Jul 2024 08:11:48 GMT
expect-ct
enforce,max-age=31536000
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
referrer-policy
no-referrer
server
Apache
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
azuremediaplayer.min.css
amp.azure.net/libs/amp/2.3.11/skins/amp-default/ 		50 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amp.azure.net/libs/amp/2.3.11/skins/amp-default/azuremediaplayer.min.css
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CE1) / ASP.NET
Resource Hash
53d748cf9d4fd113d4f5dad81b5fb9cc8c1a1e58d2e65876f4dcbff3298ec73f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://api-pentst.supplierassurance.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:48 GMT
content-encoding
gzip
last-modified
Wed, 07 Sep 2022 22:54:30 GMT
server
ECAcc (frc/4CE1)
age
440044
etag
"057cbc9cc3d81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
14378
azuremediaplayer.min.js
amp.azure.net/libs/amp/2.3.11/ 		1 MB
373 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amp.azure.net/libs/amp/2.3.11/azuremediaplayer.min.js
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C90) / ASP.NET
Resource Hash
5fc93229b01ff7568c1306fddd56674a3ca22f302d3c4acf7be74e8d614a4b75

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://api-pentst.supplierassurance.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:48 GMT
content-encoding
gzip
last-modified
Fri, 28 Oct 2022 17:23:15 GMT
server
ECAcc (frc/4C90)
age
441246
etag
"40adbaf6f1ead81:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
382010
jquery-ui.css
code.jquery.com/ui/1.13.2/themes/base/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.13.2/themes/base/jquery-ui.css
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c8c2157918c9fed0bb9dcc56c96b52dc7af70b05ca0228e467eaf91777751ad7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://api-pentst.supplierassurance.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:48 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
25451304
x-cache
HIT, HIT
content-length
8356
x-served-by
cache-lga21933-LGA, cache-fra-etou8220132-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1720253509.939886,VS0,VE0
etag
W/"28feccc0-8d03"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
55, 27527
css2
fonts.googleapis.com/ 		1 KB
832 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6c5dbafb6c6411ed476ce3eb558ba96a7c9656ef62ce1f823ed5d7fcf4c1af6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 06 Jul 2024 08:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 07:02:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Jul 2024 08:11:48 GMT
jquery.js
api-pentst.supplierassurance.dev/javascripts/libraries/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-pentst.supplierassurance.dev/javascripts/libraries/jquery.js
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
3e7501d15c3630e791c8b20392eb9dee31a9f65ce3efdde76cef5c710141ab24
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://api-pentst.supplierassurance.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:48 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30361
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Fri, 21 Jun 2024 15:27:47 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"155ec-61b6812d8a2c0-gzip"
expect-ct
enforce,max-age=31536000
vary
Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=10800, private
accept-ranges
bytes
jquery-ui.min.js
ajax.aspnetcdn.com/ajax/jquery.ui/1.13.2/ 		249 KB
249 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jquery.ui/1.13.2/jquery-ui.min.js
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CE5) /
Resource Hash
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://api-pentst.supplierassurance.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:48 GMT
x-content-type-options
nosniff
last-modified
Wed, 20 Jul 2022 20:54:20 GMT
server
ECAcc (frc/4CE5)
age
8915319
etag
"cae017e27a9cd81:0"
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
255084
x-xss-protection
1; mode=block
api.js
www.recaptcha.net/recaptcha/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api.js?hl=en_GB
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6caf8c98b86a58cffdd7a3a1a50c62fffccf7a84de592e3bd64259417769ef09
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 06 Jul 2024 08:11:49 GMT
f2d93c0aa5style.css
pentst.supplierassurance.dev/stylesheets/ 		0
0
f2d93c0aa5components.css
pentst.supplierassurance.dev/stylesheets/ 		0
0
bmw-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/bmw-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
99babd74af5b4a13f42c206d95707e7d3b5a985798e3601ab04106d808bb1159
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:48 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8259
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"2043-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
gwm-group-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/gwm-group-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
bb6852502867e8544800481606466298fcca816d50728623bcef744e11cd1128
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:48 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12826
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"321a-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
volkswagen-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/volkswagen-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
940e58034fe42a4354f290df1278dab4a68deedfc21220be8234718756afd22a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8076
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"1f8c-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
jaguar-land-rover-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/jaguar-land-rover-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
45422f97a99c34410567167faa59bb2f59bdf9b5d999d6ec90a6a5bc2d565cf6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1914
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"77a-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
honda-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/honda-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
bdb83652b7e8ca510ebeadaa303ffea75348cad765c60e465446af38198a5ffa
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6871
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"1ad7-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
scania-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/scania-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
3367097f1b968d8f4f87f98d0eda3bbbdc04c1455784abde27c597cf54f34341
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10671
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"29af-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
ford-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/ford-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
63d46a41ebdc615690bf9390365b666a3e6559c8bfd9bf743a0ff6b8e26b0522
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11559
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"2d27-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
mercedes-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/mercedes-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
5b776debee53e490481820241a6aeff46fa94315efc3ebcdbb2c451a1258d521
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12899
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"3263-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
daimler_truck-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/daimler_truck-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
9e8715d3aaf3e48c1c10d672e778e8ca035be67c6713fe63da04314f1d32c903
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5703
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"1647-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
magna-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/magna-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
0e656502510acaac21a37eab75fcfe946ce2b1718ec68364950ab40fcb396642
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6800
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"1a90-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
stellantis-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/stellantis-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
9e38de7cac8d8b7512c0d8962810cf6a1b5d25aae5828e9d9ee2c993b7ac62bf
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4138
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"102a-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
continental-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/continental-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
1d0903b0313e1a5ff2d6a582fb6d805d9ea38d8e72f3ebda273f4c5422e23368
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3250
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"cb2-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
antolin-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/antolin-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
2800b572df6584a2e2125ec4a1debce3e89d6528678bbe5b86b66f5cda5eec8b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4763
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"129b-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
gkn-automotive-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/gkn-automotive-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
0da393293142f10489bd623ddd83b8b79d7914ae23f69c7d45bca2e159d002d1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7993
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"1f39-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
knorr-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/knorr-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
10edcb3cfb9b5b346129a6a8e0e91d7dc41a0acbbe1ac8dd3867b9ec3d3822b1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4746
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"128a-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
kongsberg-automotive-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/kongsberg-automotive-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
c122bce26e7c77f369306104f3dac94e4f517e577a01dbaf79c0d08404e7ed29
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11900
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"2e7c-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
schaeffler-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/schaeffler-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
ee61bcc17719972240a9f0e33da5d7b92f24d2d2a3b14f9fb76a103adcba7550
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3046
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"be6-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
pierer-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/pierer-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
1513ce7b876d1cdb8a89e736dd2ea527af324565dcd4c450a2890ffa46ce03a2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7580
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"1d9c-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
lear-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/lear-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
571e97dca9bd7d2c8fa343776bbd7efd57171a1ff35857ece8fb12fff4c91383
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4015
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"faf-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
geely-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/geely-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a678f630ac544a8796296feed1cf0b7505f5511516851fcc9d3b7fbaa6488b72
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2044
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"7fc-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
cargotec-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/cargotec-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
3ebe7ad5a3847d225a94d208e2390c678e7ef449208a8c90ec36a7956b484c38
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6003
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"1773-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
autoneum-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/autoneum-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
0e971b564499ac7b1436a682515d7e36e01d475e1eeb8572a72e54f63f865071
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4351
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"10ff-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
neapco-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/neapco-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
609b6a5f7a9ddf11e92bf1c1d100b1e5c40867416d5ad63c850aa5a33622b435
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17131
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"42eb-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
hexagon-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/hexagon-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
f7b75589633050eb34651c9bcac8fb2226c26ca358a5f84a84582f7d3cd55b48
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9879
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"2697-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
agrati-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/agrati-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a1a6ba1adb7082e9ffc443e54fcc2a8eb06b2214d052ad114f1fb8a05309da3b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9077
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"2375-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
schulte-co-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/schulte-co-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
0e88511a1e6d8acd322d09ce47ee2442b354ffa338d91171119eb1e52379c4e8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14382
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"382e-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
leax-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/leax-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
6468b6506943c1e58d918d187782e6ccc2babefcef848bfb5a06437d32b4efe9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5095
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"13e7-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
standard-metallwerke-logo.png
api-pentst.supplierassurance.dev/images/brand_logos/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/brand_logos/standard-metallwerke-logo.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
c287068f8d42423babe9916b3fc8b1dea21d3bb96860ff3d2b64f6031578e6dc
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21650
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"5492-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
drive_sustainability.png
api-pentst.supplierassurance.dev/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/drive_sustainability.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
c7e42243b99c09b36b2c03560f2965e265433172f7ed83a94b4222ee65e3e799
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7263
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"1c5f-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
completing-the-SAQ.jpg
api-pentst.supplierassurance.dev/images/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/completing-the-SAQ.jpg
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
9c967712f4e75f06d44e3b05022709ff341c085c2770afd2a636fc4d85ce460d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52243
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Wed, 13 Dec 2023 17:37:57 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"cc13-60c67a0ab2740"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/jpeg
cache-control
max-age=10800, private
accept-ranges
bytes
raw-material-rocks.png
api-pentst.supplierassurance.dev/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/raw-material-rocks.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
65d5fa78ec9c4331a48c44d75c5a293e1e8df4dd65ed3a97841f1bc7b24ae938
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14097
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Mon, 04 Dec 2023 14:49:43 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"3711-60bb03a728fc0"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
screens.png
api-pentst.supplierassurance.dev/images/new_home_page/ 		184 KB
184 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/new_home_page/screens.png
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
7341891ed24266b845e0471f69f22b9289b3bf902fbfa354a22f34ceea76e249
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
188673
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Thu, 30 Sep 2021 16:07:28 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"2e101-5cd38a4a9b000"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/png
cache-control
max-age=10800, private
accept-ranges
bytes
video-thumbnail.jpg
api-pentst.supplierassurance.dev/images/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-pentst.supplierassurance.dev/images/video-thumbnail.jpg
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.169.217 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
217.169.120.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
4ebd347408d60eef7011543777292ce9d9fbbf60fc1567d569148a67df87cdc2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 08:11:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
via
1.1 google
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78397
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Wed, 13 Dec 2023 17:37:57 GMT
server
Apache
cross-origin-opener-policy
same-origin
etag
"1323d-60c67a0ab2740"
expect-ct
enforce,max-age=31536000
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET
content-type
image/jpeg
cache-control
max-age=10800, private
accept-ranges
bytes
19cde074-6c04-4d5d-97d8-12c64a796c6a
https://api-pentst.supplierassurance.dev/ 		13 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://api-pentst.supplierassurance.dev/19cde074-6c04-4d5d-97d8-12c64a796c6a
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f2fb6c605d1ef197f9bd7677f5e0c2a37a7a6a66df262ab8044b44540847be6e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
12995
Content-Type
text/javascript
de8968ab-8199-4b59-a744-20e453493e62
https://api-pentst.supplierassurance.dev/ 		963 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://api-pentst.supplierassurance.dev/de8968ab-8199-4b59-a744-20e453493e62
Requested by
Host: api-pentst.supplierassurance.dev
URL: https://api-pentst.supplierassurance.dev/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d013d957c4604dcfe91c2d250c0222c84c01511d3b3d692b264d6328618cd8d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
963
Content-Type
text/javascript
f2d93c0aa5graph.css
pentst.supplierassurance.dev/stylesheets/ 		0
0
main.css
pentst.supplierassurance.dev/stylesheets/ 		0
0
marketing.css
pentst.supplierassurance.dev/stylesheets/ 		0
0
gadgets.js
pentst.supplierassurance.dev/javascripts/ 		0
0
global.js
pentst.supplierassurance.dev/javascripts/ 		0
0
gadgetcontrols.js
pentst.supplierassurance.dev/javascripts/ 		0
0
popup_dialog.js
pentst.supplierassurance.dev/javascripts/ 		0
0
datepicker.js
pentst.supplierassurance.dev/javascripts/ 		0
0
inputs.js
pentst.supplierassurance.dev/javascripts/ 		0
0
tracker.js
pentst.supplierassurance.dev/javascripts/ 		0
0
floating_menu.js
pentst.supplierassurance.dev/javascripts/ 		0
0
carousels.js
pentst.supplierassurance.dev/javascripts/ 		0
0
overlay.js
pentst.supplierassurance.dev/javascripts/ 		0
0
display_toggle.js
pentst.supplierassurance.dev/javascripts/ 		0
0
ajaxhandler.js
pentst.supplierassurance.dev/javascripts/ 		0
0
scroll_watch.js
pentst.supplierassurance.dev/javascripts/ 		0
0
cookies.js
pentst.supplierassurance.dev/javascripts/ 		0
0
search_inputs.js
pentst.supplierassurance.dev/javascripts/ 		0
0
prevent_double_click.js
pentst.supplierassurance.dev/javascripts/ 		0
0
chat-icon.png
pentst.supplierassurance.dev/images/ 		0
0
truncated
/ 		1014 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
582209ef669439f453f97a4ff467414e70c98f954c73070af46c0c3a14f1c873

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		933 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e26e425ff5dba66e4642b7fecc0989487bf23aa039d7aa4f7fa55b6b234f3c75

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		918 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51a141f1634012f673304a7b028ee8ccbeaa406951a400116d1f3ef2ea4aa723

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		968 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6991b8f918ac94d8fe7e373aa3564e79886c2e5d1ed0b66e53ad2772d6342a3

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		502 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67564febde504e137af1b00876777dba7479b7f66de957cfc0e85cf08c601bbf

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		408 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8bbf24a6626be08fe17c1b00e58fa5276362d0ec04a828d25a6e1a9c7e5047c9

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		462 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b802bd6bdcaf2fb255f226296435c2d9f1559952da3239f0ddb5b0104bbb9571

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		399 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44b9ab5f6b61c05337715c9b5ad7ae0b66e58117e0c8e1427c31c50ca847f6c9

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		459 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39daf7ef055c6e880af12ad0047b29b5e52af701ff662470327500306f2653ea

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		414 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b324da87c0e25ad1e6ebe32d63b0121b3ba9c7b1f38da94421671c3ef52e6acf

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		462 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c52cf790e50ba2117f6ae70e011df6f0b393dcbc63c116cbc638471d5a7d25ec

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		413 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6bb658241ac1439b08ff67502f608e8d907045df762cdcb1bb3063b9ed8abd4

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
file-loading.gif
pentst.supplierassurance.dev/images/skins/sa/ 		0
0
file-loading.gif
pentst.supplierassurance.dev/images/skins/sa/ 		0
0
cn.svg
pentst.supplierassurance.dev/images/maps/flags/4x3/ 		0
0
gb.svg
pentst.supplierassurance.dev/images/maps/flags/4x3/ 		0
0
de.svg
pentst.supplierassurance.dev/images/maps/flags/4x3/ 		0
0
us.svg
pentst.supplierassurance.dev/images/maps/flags/4x3/ 		0
0
es.svg
pentst.supplierassurance.dev/images/maps/flags/4x3/ 		0
0
fr.svg
pentst.supplierassurance.dev/images/maps/flags/4x3/ 		0
0
it.svg
pentst.supplierassurance.dev/images/maps/flags/4x3/ 		0
0
pt.svg
pentst.supplierassurance.dev/images/maps/flags/4x3/ 		0
0
jp.svg
pentst.supplierassurance.dev/images/maps/flags/4x3/ 		0
0
custom_event_handlers.js
pentst.supplierassurance.dev/javascripts/ 		0
0
recaptcha__en_gb.js
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/ 		534 KB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en_gb.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?hl=en_GB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf0a39159d2b03cc84f6154230300b56129eba1602d6d1137245e51ae9322ba4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin
https://api-pentst.supplierassurance.dev
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 06:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
179317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
216183
x-xss-protection
0
last-modified
Sun, 23 Jun 2024 08:01:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Jul 2025 06:23:12 GMT
anchor
www.recaptcha.net/recaptcha/api2/ Frame EB1B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LfA194dAAAAALx2j5kKNqN8W5tAvIjT-60pF_O7&co=aHR0cHM6Ly9hcGktcGVudHN0LnN1cHBsaWVyYXNzdXJhbmNlLmRldjo0NDM.&hl=en-GB&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&sa=submit&cb=2od6xdmwhuje
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__en_gb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mv_ejLZ4MhfqFn4-Z1c9Gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-mv_ejLZ4MhfqFn4-Z1c9Gg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jul 2024 08:11:49 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
nqc.ico
pentst.supplierassurance.dev/images/styles/nqc/favicon/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/stylesheets/f2d93c0aa5style.css
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/stylesheets/f2d93c0aa5components.css
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/stylesheets/f2d93c0aa5graph.css
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/stylesheets/main.css?v=f2d93c0aa5
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/stylesheets/marketing.css?v=f2d93c0aa5
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/javascripts/gadgets.js?v=f2d93c0aa5
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/javascripts/global.js?v=f2d93c0aa5
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/javascripts/gadgetcontrols.js?v=f2d93c0aa5
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/javascripts/popup_dialog.js?v=f2d93c0aa5
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/javascripts/datepicker.js?v=f2d93c0aa5
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/javascripts/inputs.js?v=f2d93c0aa5
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/javascripts/tracker.js?v=f2d93c0aa5
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/javascripts/floating_menu.js?v=f2d93c0aa5
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/javascripts/carousels.js?v=f2d93c0aa5
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/javascripts/overlay.js?v=f2d93c0aa5
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/javascripts/display_toggle.js?v=f2d93c0aa5
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/javascripts/ajaxhandler.js?v=f2d93c0aa5
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/javascripts/scroll_watch.js?v=f2d93c0aa5
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/javascripts/cookies.js?v=f2d93c0aa5
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/javascripts/search_inputs.js?v=f2d93c0aa5
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/javascripts/prevent_double_click.js?v=f2d93c0aa5
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/images/chat-icon.png
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/images/skins/sa/file-loading.gif
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/images/skins/sa/file-loading.gif
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/images/maps/flags/4x3/cn.svg
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/images/maps/flags/4x3/gb.svg
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/images/maps/flags/4x3/de.svg
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/images/maps/flags/4x3/us.svg
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/images/maps/flags/4x3/es.svg
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/images/maps/flags/4x3/fr.svg
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/images/maps/flags/4x3/it.svg
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/images/maps/flags/4x3/pt.svg
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/images/maps/flags/4x3/jp.svg
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/javascripts/custom_event_handlers.js?v=f2d93c0aa5
Domain
pentst.supplierassurance.dev
URL
https://pentst.supplierassurance.dev/images/styles/nqc/favicon/nqc.ico?v=f2d93c0aa5

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 undefined| event object| fence object| sharedStorage object| ajaxOnLoad function| ObjectIron function| X2JS object| AzureHtml5JS object| Uint8ArrayUtil function| __extends object| AzureHtml5JSTech undefined| silverlightSSLoaded undefined| onSilverlightError object| UrlRewriter object| AMP object| Dash object| forge object| org function| amp function| videojs object| videojs_hotkeys object| ADSVAST object| vttjs function| VTTRegion function| WebVTT string| user_lang string| show_icon string| hide_icon string| google_cloud_map_id object| amp_videos object| amp_videos_defaults object| map_interface object| all_purposes string| mapping_key function| $ function| jQuery object| dynamicValues function| _0x3c9b function| _0x19a6 object| cookieaccept object| cookiereject object| cookiecustomise function| onSubmit object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_141477

0 Cookies

36 Console Messages

Source Level URL
Text
security error URL: https://api-pentst.supplierassurance.dev/(Line 18)
Message:
Refused to load the image 'https://pentst.supplierassurance.dev/images/styles/nqc/favicon/nqc.ico?v=f2d93c0aa5' because it violates the following Content Security Policy directive: "img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com".
security error URL: https://api-pentst.supplierassurance.dev/(Line 21)
Message:
Refused to load the stylesheet 'https://pentst.supplierassurance.dev/stylesheets/f2d93c0aa5style.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://api-pentst.supplierassurance.dev/(Line 22)
Message:
Refused to load the stylesheet 'https://pentst.supplierassurance.dev/stylesheets/f2d93c0aa5components.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://api-pentst.supplierassurance.dev/(Line 26)
Message:
Refused to load the stylesheet 'https://pentst.supplierassurance.dev/stylesheets/f2d93c0aa5graph.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://api-pentst.supplierassurance.dev/(Line 47)
Message:
Refused to load the stylesheet 'https://pentst.supplierassurance.dev/stylesheets/main.css?v=f2d93c0aa5' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://api-pentst.supplierassurance.dev/(Line 48)
Message:
Refused to load the stylesheet 'https://pentst.supplierassurance.dev/stylesheets/marketing.css?v=f2d93c0aa5' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://api-pentst.supplierassurance.dev/
Message:
Refused to load the script 'https://pentst.supplierassurance.dev/javascripts/gadgets.js?v=f2d93c0aa5' because it violates the following Content Security Policy directive: "script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://api-pentst.supplierassurance.dev/
Message:
Refused to load the script 'https://pentst.supplierassurance.dev/javascripts/global.js?v=f2d93c0aa5' because it violates the following Content Security Policy directive: "script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://api-pentst.supplierassurance.dev/
Message:
Refused to load the script 'https://pentst.supplierassurance.dev/javascripts/gadgetcontrols.js?v=f2d93c0aa5' because it violates the following Content Security Policy directive: "script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://api-pentst.supplierassurance.dev/
Message:
Refused to load the script 'https://pentst.supplierassurance.dev/javascripts/popup_dialog.js?v=f2d93c0aa5' because it violates the following Content Security Policy directive: "script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://api-pentst.supplierassurance.dev/
Message:
Refused to load the script 'https://pentst.supplierassurance.dev/javascripts/datepicker.js?v=f2d93c0aa5' because it violates the following Content Security Policy directive: "script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://api-pentst.supplierassurance.dev/
Message:
Refused to load the script 'https://pentst.supplierassurance.dev/javascripts/inputs.js?v=f2d93c0aa5' because it violates the following Content Security Policy directive: "script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://api-pentst.supplierassurance.dev/
Message:
Refused to load the script 'https://pentst.supplierassurance.dev/javascripts/tracker.js?v=f2d93c0aa5' because it violates the following Content Security Policy directive: "script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://api-pentst.supplierassurance.dev/
Message:
Refused to load the script 'https://pentst.supplierassurance.dev/javascripts/floating_menu.js?v=f2d93c0aa5' because it violates the following Content Security Policy directive: "script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://api-pentst.supplierassurance.dev/
Message:
Refused to load the script 'https://pentst.supplierassurance.dev/javascripts/carousels.js?v=f2d93c0aa5' because it violates the following Content Security Policy directive: "script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://api-pentst.supplierassurance.dev/
Message:
Refused to load the script 'https://pentst.supplierassurance.dev/javascripts/overlay.js?v=f2d93c0aa5' because it violates the following Content Security Policy directive: "script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://api-pentst.supplierassurance.dev/
Message:
Refused to load the script 'https://pentst.supplierassurance.dev/javascripts/display_toggle.js?v=f2d93c0aa5' because it violates the following Content Security Policy directive: "script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://api-pentst.supplierassurance.dev/
Message:
Refused to load the script 'https://pentst.supplierassurance.dev/javascripts/ajaxhandler.js?v=f2d93c0aa5' because it violates the following Content Security Policy directive: "script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://api-pentst.supplierassurance.dev/
Message:
Refused to load the script 'https://pentst.supplierassurance.dev/javascripts/scroll_watch.js?v=f2d93c0aa5' because it violates the following Content Security Policy directive: "script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://api-pentst.supplierassurance.dev/
Message:
Refused to load the script 'https://pentst.supplierassurance.dev/javascripts/cookies.js?v=f2d93c0aa5' because it violates the following Content Security Policy directive: "script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://api-pentst.supplierassurance.dev/
Message:
Refused to load the script 'https://pentst.supplierassurance.dev/javascripts/search_inputs.js?v=f2d93c0aa5' because it violates the following Content Security Policy directive: "script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://api-pentst.supplierassurance.dev/
Message:
Refused to load the script 'https://pentst.supplierassurance.dev/javascripts/prevent_double_click.js?v=f2d93c0aa5' because it violates the following Content Security Policy directive: "script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://api-pentst.supplierassurance.dev/(Line 263)
Message:
Refused to load the image 'https://pentst.supplierassurance.dev/images/chat-icon.png' because it violates the following Content Security Policy directive: "img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com".
security error URL: https://api-pentst.supplierassurance.dev/(Line 5317)
Message:
Refused to load the image 'https://pentst.supplierassurance.dev/images/skins/sa/file-loading.gif' because it violates the following Content Security Policy directive: "img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com".
security error URL: https://api-pentst.supplierassurance.dev/(Line 5317)
Message:
Refused to load the image 'https://pentst.supplierassurance.dev/images/skins/sa/file-loading.gif' because it violates the following Content Security Policy directive: "img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com".
security error URL: https://api-pentst.supplierassurance.dev/(Line 5400)
Message:
Refused to load the image 'https://pentst.supplierassurance.dev/images/maps/flags/4x3/cn.svg' because it violates the following Content Security Policy directive: "img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com".
security error URL: https://api-pentst.supplierassurance.dev/(Line 5400)
Message:
Refused to load the image 'https://pentst.supplierassurance.dev/images/maps/flags/4x3/gb.svg' because it violates the following Content Security Policy directive: "img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com".
security error URL: https://api-pentst.supplierassurance.dev/(Line 5400)
Message:
Refused to load the image 'https://pentst.supplierassurance.dev/images/maps/flags/4x3/de.svg' because it violates the following Content Security Policy directive: "img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com".
security error URL: https://api-pentst.supplierassurance.dev/(Line 5400)
Message:
Refused to load the image 'https://pentst.supplierassurance.dev/images/maps/flags/4x3/us.svg' because it violates the following Content Security Policy directive: "img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com".
security error URL: https://api-pentst.supplierassurance.dev/(Line 5400)
Message:
Refused to load the image 'https://pentst.supplierassurance.dev/images/maps/flags/4x3/es.svg' because it violates the following Content Security Policy directive: "img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com".
security error URL: https://api-pentst.supplierassurance.dev/(Line 5400)
Message:
Refused to load the image 'https://pentst.supplierassurance.dev/images/maps/flags/4x3/fr.svg' because it violates the following Content Security Policy directive: "img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com".
security error URL: https://api-pentst.supplierassurance.dev/(Line 5400)
Message:
Refused to load the image 'https://pentst.supplierassurance.dev/images/maps/flags/4x3/it.svg' because it violates the following Content Security Policy directive: "img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com".
security error URL: https://api-pentst.supplierassurance.dev/(Line 5400)
Message:
Refused to load the image 'https://pentst.supplierassurance.dev/images/maps/flags/4x3/pt.svg' because it violates the following Content Security Policy directive: "img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com".
security error URL: https://api-pentst.supplierassurance.dev/(Line 5400)
Message:
Refused to load the image 'https://pentst.supplierassurance.dev/images/maps/flags/4x3/jp.svg' because it violates the following Content Security Policy directive: "img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com".
security error URL: https://api-pentst.supplierassurance.dev/
Message:
Refused to load the script 'https://pentst.supplierassurance.dev/javascripts/custom_event_handlers.js?v=f2d93c0aa5' because it violates the following Content Security Policy directive: "script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://api-pentst.supplierassurance.dev/
Message:
Refused to load the image 'https://pentst.supplierassurance.dev/images/styles/nqc/favicon/nqc.ico?v=f2d93c0aa5' because it violates the following Content Security Policy directive: "img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' blob: 'unsafe-inline' ajax.aspnetcdn.com nqc-content.azureedge.net *.gstatic.com *.googleapis.com *.supplierassurance.com supplierassurance.com *.tinymce.com *.tiny.cloud *.google-analytics.com *.googletagmanager.com *.azureedge.net *.azure.net www.google.com www.youtube.com *.nqc.com services.nvd.nist.gov checkout.stripe.com d3js.org *.cloudflare.com www.gdacs.org unpkg.com/deck.gl@9.0.0/dist.min.js accounts.google.com www.recaptcha.net assets.calendly.com calendly.com 8x8.vc/vpaas-magic-cookie-2260f21c7717499eb85eeeb427bd35b2/external_api.js 8x8.vc acrobatservices.adobe.com viewlicense.adobe.io code.jquery.com; img-src 'self' data: www.gravatar.com maps.gstatic.com *.tinymce.com *.tiny.cloud www.googletagmanager.com data: blob: *.stripe.com; font-src 'self' amp.azure.net fonts.gstatic.com cdn.tiny.cloud; style-src 'self' 'unsafe-inline' amp.azure.net code.jquery.com fonts.googleapis.com www.gstatic.com accounts.google.com cdn.tiny.cloud cdnjs.cloudflare.com; frame-src 'self' www.recaptcha.net accounts.google.com checkout.stripe.com; connect-src 'self' data: *.nqc.com maps.googleapis.com *.google-analytics.com www.gstatic.com cdn.tiny.cloud checkout.stripe.com *.streaming.media.azure.net; media-src 'self' blob:;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
amp.azure.net
api-pentst.supplierassurance.dev
code.jquery.com
fonts.googleapis.com
pentst.supplierassurance.dev
www.gstatic.com
www.recaptcha.net
pentst.supplierassurance.dev
152.199.19.160
2606:2800:133:206e:1315:22a5:2006:24fd
2a00:1450:4001:806::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:829::200a
2a04:4e42:200::649
34.120.169.217
0da393293142f10489bd623ddd83b8b79d7914ae23f69c7d45bca2e159d002d1
0e656502510acaac21a37eab75fcfe946ce2b1718ec68364950ab40fcb396642
0e88511a1e6d8acd322d09ce47ee2442b354ffa338d91171119eb1e52379c4e8
0e971b564499ac7b1436a682515d7e36e01d475e1eeb8572a72e54f63f865071
10edcb3cfb9b5b346129a6a8e0e91d7dc41a0acbbe1ac8dd3867b9ec3d3822b1
1513ce7b876d1cdb8a89e736dd2ea527af324565dcd4c450a2890ffa46ce03a2
1d013d957c4604dcfe91c2d250c0222c84c01511d3b3d692b264d6328618cd8d
1d0903b0313e1a5ff2d6a582fb6d805d9ea38d8e72f3ebda273f4c5422e23368
2800b572df6584a2e2125ec4a1debce3e89d6528678bbe5b86b66f5cda5eec8b
3367097f1b968d8f4f87f98d0eda3bbbdc04c1455784abde27c597cf54f34341
39daf7ef055c6e880af12ad0047b29b5e52af701ff662470327500306f2653ea
3e7501d15c3630e791c8b20392eb9dee31a9f65ce3efdde76cef5c710141ab24
3ebe7ad5a3847d225a94d208e2390c678e7ef449208a8c90ec36a7956b484c38
44b9ab5f6b61c05337715c9b5ad7ae0b66e58117e0c8e1427c31c50ca847f6c9
45422f97a99c34410567167faa59bb2f59bdf9b5d999d6ec90a6a5bc2d565cf6
4ebd347408d60eef7011543777292ce9d9fbbf60fc1567d569148a67df87cdc2
51a141f1634012f673304a7b028ee8ccbeaa406951a400116d1f3ef2ea4aa723
53d748cf9d4fd113d4f5dad81b5fb9cc8c1a1e58d2e65876f4dcbff3298ec73f
571e97dca9bd7d2c8fa343776bbd7efd57171a1ff35857ece8fb12fff4c91383
582209ef669439f453f97a4ff467414e70c98f954c73070af46c0c3a14f1c873
5b776debee53e490481820241a6aeff46fa94315efc3ebcdbb2c451a1258d521
5fc93229b01ff7568c1306fddd56674a3ca22f302d3c4acf7be74e8d614a4b75
609b6a5f7a9ddf11e92bf1c1d100b1e5c40867416d5ad63c850aa5a33622b435
63d46a41ebdc615690bf9390365b666a3e6559c8bfd9bf743a0ff6b8e26b0522
6468b6506943c1e58d918d187782e6ccc2babefcef848bfb5a06437d32b4efe9
65d5fa78ec9c4331a48c44d75c5a293e1e8df4dd65ed3a97841f1bc7b24ae938
67564febde504e137af1b00876777dba7479b7f66de957cfc0e85cf08c601bbf
6c5dbafb6c6411ed476ce3eb558ba96a7c9656ef62ce1f823ed5d7fcf4c1af6e
6caf8c98b86a58cffdd7a3a1a50c62fffccf7a84de592e3bd64259417769ef09
7341891ed24266b845e0471f69f22b9289b3bf902fbfa354a22f34ceea76e249
8bbf24a6626be08fe17c1b00e58fa5276362d0ec04a828d25a6e1a9c7e5047c9
940e58034fe42a4354f290df1278dab4a68deedfc21220be8234718756afd22a
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd
99babd74af5b4a13f42c206d95707e7d3b5a985798e3601ab04106d808bb1159
9c967712f4e75f06d44e3b05022709ff341c085c2770afd2a636fc4d85ce460d
9e38de7cac8d8b7512c0d8962810cf6a1b5d25aae5828e9d9ee2c993b7ac62bf
9e8715d3aaf3e48c1c10d672e778e8ca035be67c6713fe63da04314f1d32c903
a1a6ba1adb7082e9ffc443e54fcc2a8eb06b2214d052ad114f1fb8a05309da3b
a678f630ac544a8796296feed1cf0b7505f5511516851fcc9d3b7fbaa6488b72
b324da87c0e25ad1e6ebe32d63b0121b3ba9c7b1f38da94421671c3ef52e6acf
b802bd6bdcaf2fb255f226296435c2d9f1559952da3239f0ddb5b0104bbb9571
bb6852502867e8544800481606466298fcca816d50728623bcef744e11cd1128
bdb83652b7e8ca510ebeadaa303ffea75348cad765c60e465446af38198a5ffa
bf0a39159d2b03cc84f6154230300b56129eba1602d6d1137245e51ae9322ba4
c122bce26e7c77f369306104f3dac94e4f517e577a01dbaf79c0d08404e7ed29
c287068f8d42423babe9916b3fc8b1dea21d3bb96860ff3d2b64f6031578e6dc
c52cf790e50ba2117f6ae70e011df6f0b393dcbc63c116cbc638471d5a7d25ec
c6991b8f918ac94d8fe7e373aa3564e79886c2e5d1ed0b66e53ad2772d6342a3
c7e42243b99c09b36b2c03560f2965e265433172f7ed83a94b4222ee65e3e799
c8c2157918c9fed0bb9dcc56c96b52dc7af70b05ca0228e467eaf91777751ad7
e26e425ff5dba66e4642b7fecc0989487bf23aa039d7aa4f7fa55b6b234f3c75
e6bb658241ac1439b08ff67502f608e8d907045df762cdcb1bb3063b9ed8abd4
ee61bcc17719972240a9f0e33da5d7b92f24d2d2a3b14f9fb76a103adcba7550
f2fb6c605d1ef197f9bd7677f5e0c2a37a7a6a66df262ab8044b44540847be6e
f7b75589633050eb34651c9bcac8fb2226c26ca358a5f84a84582f7d3cd55b48
fa528b31bf77e415a6f0af32af0791224d750fd810a7c78ff69ef9c74a8da192