Submitted URL: https://sharesies.page.link/Truscreen-rights-offer
Effective URL: https://app.sharesies.com/learn/articles/truscreen-rights-offer
Submission: On March 10 via api from US — Scanned from DE

Summary

This website contacted 18 IPs in 4 countries across 17 domains to perform 51 HTTP transactions. The main IP is 2606:4700::6812:1b55, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.sharesies.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 6th 2023. Valid for: a year.
This is the only time app.sharesies.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
18 sharesies.com
app.sharesies.com
rs.sharesies.com
1 MB
5 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1155
m.stripe.com — Cisco Umbrella Rank: 1134
170 KB
4 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 1628
api-iam.intercom.io — Cisco Umbrella Rank: 1963
10 KB
4 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2656
343 B
4 braze.com
sdk.iad-05.braze.com — Cisco Umbrella Rank: 3272
897 B
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
77 KB
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2000
290 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1243
18 KB
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1245
10 KB
1 uriports.com
157qg4dy.uriports.com
457 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
255 B
1 growthbook.io
cdn.growthbook.io — Cisco Umbrella Rank: 8142
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
94 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 788
7 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
775 B
1 page.link
sharesies.page.link
1 KB
0 google.de Failed
www.google.de Failed
51 17
Domain Requested by
14 app.sharesies.com app.sharesies.com
4 region1.analytics.google.com www.googletagmanager.com
4 sdk.iad-05.braze.com app.sharesies.com
4 rs.sharesies.com app.sharesies.com
3 api-iam.intercom.io js.intercomcdn.com
3 connect.facebook.net app.sharesies.com
connect.facebook.net
3 js.stripe.com app.sharesies.com
js.stripe.com
2 js.intercomcdn.com widget.intercom.io
2 m.stripe.com m.stripe.network
2 m.stripe.network js.stripe.com
m.stripe.network
2 www.redditstatic.com app.sharesies.com
1 widget.intercom.io app.sharesies.com
1 157qg4dy.uriports.com app.sharesies.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 cdn.growthbook.io app.sharesies.com
1 www.googletagmanager.com app.sharesies.com
1 static.cloudflareinsights.com app.sharesies.com
1 fonts.googleapis.com app.sharesies.com
1 sharesies.page.link 1 redirects
0 www.google.de Failed app.sharesies.com
51 20

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
play.google.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-06 -
2024-05-04
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2024-02-07 -
2024-05-09
3 months crt.sh
cloudflareinsights.com
GTS CA 1P5
2024-03-10 -
2024-06-08
3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-01-08 -
2024-07-06
6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-12-19 -
2024-03-18
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
*.iad-05.braze.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-07-27 -
2024-08-27
a year crt.sh
cdn.growthbook.io
R3
2024-01-28 -
2024-04-27
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
*.uriports.com
R3
2024-02-18 -
2024-05-18
3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1
2024-02-26 -
2024-05-23
3 months crt.sh
*.intercom.com
Amazon RSA 2048 M03
2024-01-15 -
2025-02-11
a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M02
2023-12-01 -
2024-12-29
a year crt.sh

This page contains 4 frames:

Primary Page: https://app.sharesies.com/learn/articles/truscreen-rights-offer
Frame ID: ED2A2EC22C34B21369E52B8488637C91
Requests: 36 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 35F99BCC0E20D949DEA19EC8351CB6DD
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 8C39A37EF426E2FCF9D0F1A46C9353B1
Requests: 4 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.f69469bf.js
Frame ID: 13F8147A74D32A808C7B41A1D8D07A54
Requests: 5 HTTP requests in this frame

Screenshot

Page Title

Log in - Sharesies

Page URL History Show full URLs

  1. https://sharesies.page.link/Truscreen-rights-offer HTTP 302
    https://app.sharesies.com/learn/articles/truscreen-rights-offer Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

51
Requests

98 %
HTTPS

61 %
IPv6

17
Domains

20
Subdomains

18
IPs

4
Countries

2193 kB
Transfer

7932 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sharesies.page.link/Truscreen-rights-offer HTTP 302
    https://app.sharesies.com/learn/articles/truscreen-rights-offer Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request truscreen-rights-offer
app.sharesies.com/learn/articles/
Redirect Chain
  • https://sharesies.page.link/Truscreen-rights-offer
  • https://app.sharesies.com/learn/articles/truscreen-rights-offer
5 KB
5 KB
Document
General
Full URL
https://app.sharesies.com/learn/articles/truscreen-rights-offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
761a0f931d8ff01d2399d8fe6198bf4f2a5b8474f538e7cf3e6b4334da65fcdb
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-cache
cf-cache-status
DYNAMIC
cf-ray
86273855fec02c22-FRA
content-encoding
gzip
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
content-type
text/html; charset=utf-8
date
Sun, 10 Mar 2024 23:52:45 GMT
last-modified
Sun, 10 Mar 2024 22:43:38 GMT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
server
cloudflare
vary
Accept-Encoding
x-amz-id-2
V8aHgRNGREbTV92avtoKy2mm1LqqP8CUrhWe98ZrOAmvQXdDdguAwSiFvUI8FEKL7TMnmZpHVvg=
x-amz-request-id
BCE6GJ0SDVW6EPG0
x-amz-server-side-encryption
AES256
x-content-type-options
nosniff
x-frame-options
deny
x-sharesies-router
cf
x-xss-protection
1; mode=block

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport script-src 'report-sample' 'nonce-PJE0orXXTbmo_3OtyM_Rzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport/allowlist
content-type
application/binary
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
same-site
date
Sun, 10 Mar 2024 23:52:43 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://app.sharesies.com/learn/articles/truscreen-rights-offer
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
icon
fonts.googleapis.com/
569 B
775 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/learn/articles/truscreen-rights-offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 10 Mar 2024 23:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 10 Mar 2024 23:52:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 10 Mar 2024 23:52:45 GMT
/
js.stripe.com/v3/
605 KB
168 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/learn/articles/truscreen-rights-offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
78cbe967c1f4e24b0a586fff03fbcd4a98069b27ad23bfe0ef8aef9a9fa22739
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 10 Mar 2024 23:52:45 GMT
via
1.1 varnish
age
6
x-cache
HIT
content-length
171169
x-request-id
1d4c3470-cfc6-4632-acae-b9dd8708a0db
x-served-by
cache-fra-etou8220080-FRA
last-modified
Sat, 09 Mar 2024 03:17:41 GMT
server
Fastly
etag
"0d82e47134264113b6f556b7b393025a"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4
vendors~app-0d1b32ab51e3ff9b6a57.css
app.sharesies.com/s/css/
76 KB
16 KB
Stylesheet
General
Full URL
https://app.sharesies.com/s/css/vendors~app-0d1b32ab51e3ff9b6a57.css
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/learn/articles/truscreen-rights-offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
577c7fc4363283f1e22f11d363f90a59e6cd2fa1b4552dd6c2c9ee29ec1b805d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.sharesies.com/learn/articles/truscreen-rights-offer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-sharesies-router
cf
date
Sun, 10 Mar 2024 23:52:47 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
x-amz-request-id
JMZ9HT36X89279YP
x-amz-server-side-encryption
AES256
content-encoding
gzip
x-amz-id-2
grJl083FLSLFEDRyFotIUwBUypsQl4ZIKs07S8410NMiplx3mjk/ris4cGL5yh4WCfiA/n3Pmds=
x-xss-protection
1; mode=block
last-modified
Sun, 10 Mar 2024 22:43:33 GMT
server
cloudflare
etag
W/"ef5edcce564c35f824837819afffc05c"
vary
Accept-Encoding
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
content-type
text/css; charset=utf-8
x-frame-options
deny
cache-control
public, max-age=315360000
cf-ray
86273863d9d52c22-FRA
app-f1d5032f48aea9d467e9.css
app.sharesies.com/s/css/
430 KB
74 KB
Stylesheet
General
Full URL
https://app.sharesies.com/s/css/app-f1d5032f48aea9d467e9.css
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/learn/articles/truscreen-rights-offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0c1cd563ce9ad5b22720d8e25c6c9227a1afa7d1e9ae04e060c01cf9fce52e2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.sharesies.com/learn/articles/truscreen-rights-offer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-sharesies-router
cf
date
Sun, 10 Mar 2024 23:52:47 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
x-amz-request-id
JMZ1FYSQ7DB7GFYV
x-amz-server-side-encryption
AES256
content-encoding
gzip
x-amz-id-2
Q7oaSQVM8hXEeRzzl33Q2+TEiIxpzCN0E6JY9eJue1auv1ugfuOoJ41RA+/3kSJEUMN46d4wEl0=
x-xss-protection
1; mode=block
last-modified
Sun, 10 Mar 2024 22:43:33 GMT
server
cloudflare
etag
W/"1d968f20546b488d35918d9be3dcc2e8"
vary
Accept-Encoding
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
content-type
text/css; charset=utf-8
x-frame-options
deny
cache-control
public, max-age=315360000
cf-ray
86273863d9d62c22-FRA
vendors~app~error-7564440c50700eb037f4.js
app.sharesies.com/s/js/
84 KB
28 KB
Script
General
Full URL
https://app.sharesies.com/s/js/vendors~app~error-7564440c50700eb037f4.js
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/learn/articles/truscreen-rights-offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ef60c1fdff21dcb1621139a1243609f619ddff101bdc236c4893e7dfd9b9fb8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.sharesies.com/learn/articles/truscreen-rights-offer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-sharesies-router
cf
date
Sun, 10 Mar 2024 23:52:47 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
x-amz-request-id
JMZEH2W97NNW82Q8
x-amz-server-side-encryption
AES256
content-encoding
gzip
x-amz-id-2
Ul/2hMITFrX6GlzFLdztGl493G35cjjNu7I3q0Zu/znJQTKLkqf1cnea9xEjEFSF4jNjOF3+FOc=
x-xss-protection
1; mode=block
last-modified
Sun, 10 Mar 2024 22:43:34 GMT
server
cloudflare
etag
W/"a10eb867075794ac3ce4e97c7f8456c0"
vary
Accept-Encoding
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
content-type
text/javascript
x-frame-options
deny
cache-control
public, max-age=315360000
cf-ray
86273863d9d92c22-FRA
error-0b3b6423a3c8243212ba.js
app.sharesies.com/s/js/
8 KB
6 KB
Script
General
Full URL
https://app.sharesies.com/s/js/error-0b3b6423a3c8243212ba.js
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/learn/articles/truscreen-rights-offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a2743574acc1ee7225cda60b11684aafa84b9092087e2377f25503827cfb8d9
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.sharesies.com/learn/articles/truscreen-rights-offer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-sharesies-router
cf
date
Sun, 10 Mar 2024 23:52:46 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
x-amz-request-id
JMZ8YR6JAHWH873K
x-amz-server-side-encryption
AES256
content-encoding
gzip
x-amz-id-2
Hp7eCBCFspsbSyxZTYVyoDTCeca9AfjMcxOw4BrRom01PEBBkqLiegqootm5moxrCAzvTB+OYzw=
x-xss-protection
1; mode=block
last-modified
Sun, 10 Mar 2024 22:43:34 GMT
server
cloudflare
etag
W/"800df207c6d5585c49bc85536d5cd34f"
vary
Accept-Encoding
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
content-type
text/javascript
x-frame-options
deny
cache-control
public, max-age=315360000
cf-ray
86273863d9da2c22-FRA
vendors~app-0d1b32ab51e3ff9b6a57.js
app.sharesies.com/s/js/
2 MB
594 KB
Script
General
Full URL
https://app.sharesies.com/s/js/vendors~app-0d1b32ab51e3ff9b6a57.js
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/learn/articles/truscreen-rights-offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a281383a57fe5413664c09c50aeafee41a1de28533e7d39d515e9bc3fe2e4865
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.sharesies.com/learn/articles/truscreen-rights-offer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-sharesies-router
cf
date
Sun, 10 Mar 2024 23:52:46 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
x-amz-request-id
JMZFF9EYQEVMN0SP
x-amz-server-side-encryption
AES256
content-encoding
gzip
x-amz-id-2
Z1XUMkXT6/Y1J9w3TDuAA56+GKUAHqA1M3rUz4enPt4PBlBuuZfBSOxi/abQF4PiK/JVdpl3WLI=
x-xss-protection
1; mode=block
last-modified
Sun, 10 Mar 2024 22:43:34 GMT
server
cloudflare
etag
W/"451e59592503b0d1a54a0d57250a102c"
vary
Accept-Encoding
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
content-type
text/javascript
x-frame-options
deny
cache-control
public, max-age=315360000
cf-ray
86273863d9db2c22-FRA
app-f1d5032f48aea9d467e9.js
app.sharesies.com/s/js/
3 MB
672 KB
Script
General
Full URL
https://app.sharesies.com/s/js/app-f1d5032f48aea9d467e9.js
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/learn/articles/truscreen-rights-offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86da9da9a2f5d88de1eb033da64c7dc4dc2ecb097d35377f863c84ed2e8e3dd5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.sharesies.com/learn/articles/truscreen-rights-offer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-sharesies-router
cf
date
Sun, 10 Mar 2024 23:52:46 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
x-amz-request-id
JMZ349GV8M89Y5Q1
x-amz-server-side-encryption
AES256
content-encoding
gzip
x-amz-id-2
1DumtF+dJo1xll4Gkap4puULC1OcibySemlJpdlCIZsXh8pRNYxjGiVvAmbTOFklIRwgjKOxTBw=
x-xss-protection
1; mode=block
last-modified
Sun, 10 Mar 2024 22:43:34 GMT
server
cloudflare
etag
W/"23882a71ecdb29590be68f8b7a198f63"
vary
Accept-Encoding
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
content-type
text/javascript
x-frame-options
deny
cache-control
public, max-age=315360000
cf-ray
86273863d9dd2c22-FRA
fallback-398469e79258640db781.js
app.sharesies.com/s/js/
2 KB
4 KB
Script
General
Full URL
https://app.sharesies.com/s/js/fallback-398469e79258640db781.js
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/learn/articles/truscreen-rights-offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6f58bbdd4513b18193d23917c80779c4c1328fa6cf54e01cb24b6ba81bdb4e0
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.sharesies.com/learn/articles/truscreen-rights-offer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-sharesies-router
cf
date
Sun, 10 Mar 2024 23:52:45 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
age
211565
x-amz-request-id
BRD2A38MJBTANWAH
x-amz-server-side-encryption
AES256
content-encoding
gzip
x-amz-id-2
6ZXns2xZgjtAGhsYxwayS/6fipDceXvl+F/wgNRMjojhzPbVQfDq6DBrJysbiUVBuCcLzLK80m0=
x-xss-protection
1; mode=block
last-modified
Fri, 08 Mar 2024 02:12:16 GMT
server
cloudflare
etag
W/"30aafd71bdc6ba0ae167881dd434421c"
vary
Accept-Encoding
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
content-type
text/javascript
x-frame-options
deny
cache-control
public, max-age=315360000
cf-ray
86273863d9de2c22-FRA
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/learn/articles/truscreen-rights-offer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://app.sharesies.com/
Origin
https://app.sharesies.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 23:52:45 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
86273864abdfbbc7-FRA
/
rs.sharesies.com/sourceConfig/ Frame
0
0
Preflight
General
Full URL
https://rs.sharesies.com/sourceConfig/?p=npm&v=2.42.4&writeKey=26RJB2tgq04F90dDrn4cqDgKHn5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://app.sharesies.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers
authorization
access-control-allow-methods
GET,HEAD,POST,OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cf-ray
862738761c6c39e0-FRA
content-length
0
date
Sun, 10 Mar 2024 23:52:48 GMT
server
cloudflare
vary
Accept-Encoding
/
rs.sharesies.com/sourceConfig/
2 KB
1 KB
XHR
General
Full URL
https://rs.sharesies.com/sourceConfig/?p=npm&v=2.42.4&writeKey=26RJB2tgq04F90dDrn4cqDgKHn5
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app-0d1b32ab51e3ff9b6a57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae4e7ab082362c5bc939f18dc3c6b0229cd08b2e98a1c155ccfc9dda0d1a36fc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.sharesies.com/
accept-language
de-DE,de;q=0.9
Authorization
Basic MjZSSkIydGdxMDRGOTBkRHJuNGNxRGdLSG41Og==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 23:52:48 GMT
content-encoding
gzip
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
age
82
x-amz-cf-pop
FRA60-P3
x-dns-prefetch-control
off
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-request-id
1ba67dd0-df39-11ee-be6f-35119cda654e
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding,Origin, Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
cf-ray
862738764c8c39e0-FRA
x-amz-cf-id
W5FZP2l5Jl4zCwp0nQ5Z4N36heY_chHYCu_VrBGD5ZsPGx5BYfBdyQ==
12-281fe4802b77d6eddfa1.js
app.sharesies.com/s/js/
8 KB
5 KB
Script
General
Full URL
https://app.sharesies.com/s/js/12-281fe4802b77d6eddfa1.js
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/app-f1d5032f48aea9d467e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51f709a83fcbf95b3fb1081fe5961f083774c8e425aae02141e9d586009b7c06
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.sharesies.com/learn/articles/truscreen-rights-offer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-sharesies-router
cf
date
Sun, 10 Mar 2024 23:52:48 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
age
79077
x-amz-request-id
TB2E3D94DYYVF28M
x-amz-server-side-encryption
AES256
content-encoding
gzip
x-amz-id-2
XS1lOyUYFj7G70VY3UugF4mOKM70FLmPRcfTU2LSLk2RNpkI0s+1bY+Tc+sG7ZJY4SDFEmdTNe8=
x-xss-protection
1; mode=block
last-modified
Fri, 08 Mar 2024 02:12:16 GMT
server
cloudflare
etag
W/"cb6fef9fc726e68c8ab038e35ebf12ff"
vary
Accept-Encoding
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
content-type
text/javascript
x-frame-options
deny
cache-control
public, max-age=315360000
cf-ray
862738761e962c22-FRA
pixel.js
www.redditstatic.com/ads/
28 KB
9 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app-0d1b32ab51e3ff9b6a57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
2939d067bced6e2e3e43c1b10d2b067cb980410c2cc42fd3e867798a4a36c697

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 23:52:48 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 15 Feb 2024 20:38:48 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"9a680c8c475d8bba600d4d87b4fa7ee5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
8702
check
app.sharesies.com/api/identity/
52 B
336 B
Fetch
General
Full URL
https://app.sharesies.com/api/identity/check?initialisation_check=true
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/app-f1d5032f48aea9d467e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
224aab1317bb73221bfa4d8e714c3a3d54d6b33b66d0623cf665ad4d031daf05
Security Headers
Name Value
Content-Security-Policy default-src 'none'; object-src 'self'; style-src 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

x-known-device-key
46c150d1-1202-4a36-bddd-6d4e7a213742
x-version
25246
x-git-hash
5566c6864d79ce61ac449cc6b4fcdeec844009dc
Referer
https://app.sharesies.com/learn/articles/truscreen-rights-offer
x-api-version
33
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Mar 2024 23:52:49 GMT
content-security-policy
default-src 'none'; object-src 'self'; style-src 'unsafe-inline'
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
server
cloudflare
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/json
cache-control
private, no-cache, no-store, must-revalidate
cf-ray
862738767ee32c22-FRA
x-xss-protection
1; mode=block
expires
Sat, 01 Jan 2000 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/
215 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app-0d1b32ab51e3ff9b6a57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 10 Mar 2024 23:52:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57348
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=2767, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
plBLb3VuUZ33pJJQYf4YqZMLUU3jKxNqTbm3n8TGXZnVv1F/YdojjsZ+5Ml0OQh+TBmmne5rhmpljm8dm+pDmg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
284 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TT1S4W5EWQ
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app-0d1b32ab51e3ff9b6a57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f3889fc2f6e0a1a342b4cdb6ce1c785076f391f4f0004e7c3376979bd4b973c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 23:52:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95779
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 10 Mar 2024 23:52:48 GMT
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 35F9
200 B
841 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.sharesies.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3538489
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 10 Mar 2024 23:52:48 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
385254
x-content-type-options
nosniff
x-request-id
63c20ceb-d061-4f2c-95e2-91cad5dc7d84
x-served-by
cache-fra-etou8220080-FRA
/
sdk.iad-05.braze.com/api/v3/data/
730 B
675 B
XHR
General
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app~error-7564440c50700eb037f4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5a85f5be1442b1483ff398464390abb49fedaf5a0076b1a3ded3a21198c1522a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key
dec3b92c-8d79-432b-9ff2-d2743d0b8014
X-Braze-TriggersRequest
true
X-Braze-DataRequest
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-type
application/json
Referer
https://app.sharesies.com/
X-Requested-With
XMLHttpRequest

Response headers

date
Sun, 10 Mar 2024 23:52:49 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
MISS
x-request-id
11dceca1-93b0-40ea-9169-39ccb7aa8ce5
x-served-by
cache-fra-eddf8230110-FRA
x-runtime
0.149734
etag
W/"5a85f5be1442b1483ff398464390abb4"
access-control-max-age
7200
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
vary
Origin,Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
/
sdk.iad-05.braze.com/api/v3/data/ Frame
0
0
Preflight
General
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://app.sharesies.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
content-encoding
gzip
date
Sun, 10 Mar 2024 23:52:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230110-FRA
key_prod_6ace3c178a54a8a3
cdn.growthbook.io/api/features/
4 KB
1 KB
Fetch
General
Full URL
https://cdn.growthbook.io/api/features/key_prod_6ace3c178a54a8a3
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app~error-7564440c50700eb037f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
65456244570a1a864bf2313cff147aba2e4e156c41e65ad4242fc8efc1bb275f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 23:52:48 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
76
x-powered-by
Express
x-cache
HIT, HIT
content-length
1127
x-served-by
cache-iad-kiad7000071-IAD, cache-fra-eddf8230062-FRA
x-timer
S1710114769.500430,VS0,VE1
etag
W/"ea7-Y1XwNPg1votJRdWnJEjIOsYpRT0"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30, stale-while-revalidate=3600, stale-if-error=36000
accept-ranges
bytes
x-cache-hits
100225, 1
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame 35F9
526 B
451 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 10 Mar 2024 23:52:48 GMT
via
1.1 varnish
age
3526398
x-cache
HIT
content-length
315
x-request-id
27171503-9bdb-4f52-a32f-eaf7571b16c0
x-served-by
cache-fra-etou8220080-FRA
last-modified
Fri, 11 Nov 2022 20:25:36 GMT
server
Fastly
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
367084
page
rs.sharesies.com/v1/ Frame
0
0
Preflight
General
Full URL
https://rs.sharesies.com/v1/page
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
anonymousid,authorization,content-type
Access-Control-Request-Method
POST
Origin
https://app.sharesies.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers
anonymousid,authorization,content-type
access-control-allow-methods
GET,HEAD,POST,OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cf-ray
862738770dae39e0-FRA
content-length
0
date
Sun, 10 Mar 2024 23:52:48 GMT
server
cloudflare
vary
Accept-Encoding
page
rs.sharesies.com/v1/
2 B
226 B
XHR
General
Full URL
https://rs.sharesies.com/v1/page
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app~error-7564440c50700eb037f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://app.sharesies.com/
accept-language
de-DE,de;q=0.9
Authorization
Basic MjZSSkIydGdxMDRGOTBkRHJuNGNxRGdLSG41Og==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
AnonymousId
NDRjYmRjOTctMTg3NC00ZDRmLTg2N2UtODJkOGIwNDg1MDRl
Content-Type
application/json

Response headers

date
Sun, 10 Mar 2024 23:52:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://app.sharesies.com
access-control-allow-credentials
true
cf-ray
862738771dcd39e0-FRA
content-length
2
t2_37csa6l_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/
86 B
700 B
XHR
General
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_37csa6l_telemetry
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app~error-7564440c50700eb037f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 23:52:48 GMT
content-encoding
gzip
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server
snooserv
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
98
inner.html
m.stripe.network/ Frame 8C39
930 B
2 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:e600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
164
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 10 Mar 2024 23:50:06 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-id
sPP9KcW_zgDP5PmcZ2ZreWTUv6s9dWphyyZtwW6NuH3lhjqK58x6Ig==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
1442682735793758
connect.facebook.net/signals/config/
61 KB
14 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1442682735793758?v=2.9.148&r=stable&domain=app.sharesies.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
22e89552b33a8b9614eab7141531a52bc232216adae831c790c102e78c0a1f8d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 10 Mar 2024 23:52:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=63, mss=1326, tbw=62455, tp=-1, tpl=-1, uplat=130, ullat=0
pragma
public
x-fb-debug
ky5U2CM+KrO7hssM2IOdYg8YRxyAIujlA0pnB15ljHVI30QxzQKx9RZWWnyTmMdhCdKW4C9trIxNlQpEVU/Ztw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
255 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-TT1S4W5EWQ&gtm=45je4360v887819618za200&_p=1710114768514&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1174164077.1710114769&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1710114768&sct=1&seg=0&dl=https%3A%2F%2Fapp.sharesies.com%2Flearn%2Farticles%2Ftruscreen-rights-offer&dt=Sharesies&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.debug_mode=false&tfd=5677
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TT1S4W5EWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Mar 2024 23:52:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.sharesies.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
255 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TT1S4W5EWQ&cid=1174164077.1710114769&gtm=45je4360v887819618za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TT1S4W5EWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Mar 2024 23:52:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.sharesies.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
enforce
157qg4dy.uriports.com/reports/
0
457 B
Other
General
Full URL
https://157qg4dy.uriports.com/reports/enforce
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/learn/articles/truscreen-rights-offer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:678:6a0::3:101 , Netherlands, ASN207647 (INTENTION-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://app.sharesies.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 10 Mar 2024 23:52:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-frame-options
SAMEORIGIN
report-to
{"group":"default","max_age":2592000,"endpoints":[{"url":"https://leemankuiper.uriports.com/reports"}],"include_subdomains":true}
permissions-policy
microphone=(), camera=(), fullscreen=(self), payment=(self)
cross-origin-resource-policy
cross-origin
x-xss-protection
0
reporting-endpoints
default="https://leemankuiper.uriports.com/reports"
ga-audiences
www.google.de/ads/
0
0

out-4.5.43.js
m.stripe.network/ Frame 8C39
87 KB
16 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:e600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Sun, 10 Mar 2024 23:51:54 GMT
content-encoding
gzip
via
1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
54
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
eITFWHnWaCHQWLIFpRRFK5Jd7qAY2pQ9QdRo435PF_0LHW_ltDkOuA==
6
m.stripe.com/ Frame 8C39
156 B
669 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.123.46 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-123-46.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
9423adf035231d78346956c0ff9c02baf579843acb1692f844181f4c835ccb08
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Sun, 10 Mar 2024 23:52:49 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1710114769046438
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1710114769046152
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
2484139198546837
connect.facebook.net/signals/config/
33 KB
6 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2484139198546837?v=2.9.148&r=stable&domain=app.sharesies.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100%2C118%2C170%2C172%2C107%2C129%2C132%2C113%2C166%2C206%2C101%2C171%2C111%2C130%2C151%2C139%2C104%2C207%2C144%2C105%2C127%2C120%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c95d26e9a33c6b7e1aff587721229544cd1ec0c7c701854c25166db04e3ba6e7
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 10 Mar 2024 23:52:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4644, tp=12, tpl=0, uplat=134, ullat=0
pragma
public
x-fb-debug
splO7VrdpRIZM8Ea91YQFEhkyIdELVyS1473wE9+AfT/U12Vy2Xne3cLflGqjFaaKhDALqrpRVVsFRNr83Nazg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
rum
app.sharesies.com/cdn-cgi/
0
177 B
XHR
General
Full URL
https://app.sharesies.com/cdn-cgi/rum?
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app~error-7564440c50700eb037f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://app.sharesies.com/learn/articles/truscreen-rights-offer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
content-type
application/json

Response headers

date
Sun, 10 Mar 2024 23:52:48 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://app.sharesies.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8627387938ff2c22-FRA
n1goyeo2
widget.intercom.io/widget/
7 KB
3 KB
Script
General
Full URL
https://widget.intercom.io/widget/n1goyeo2
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app-0d1b32ab51e3ff9b6a57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.88.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-88-124.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7faad9e0b6bcb6d5e896cbb45103dcfaf503bd11a579aeb8385e0d914121cfe6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
2I_EIocvevHlE3netp6QzfeDCjjOkAFW
content-encoding
gzip
via
1.1 086da553b96e728b869925910597a098.cloudfront.net (CloudFront)
date
Sun, 10 Mar 2024 23:49:20 GMT
x-amz-cf-pop
MUC50-C1
age
215
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2704
last-modified
Fri, 08 Mar 2024 16:42:25 GMT
server
AmazonS3
etag
"4a15632d12cf8693cefed8682a4a546d"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
ZRDQCAviPqo1NgI7Wacq8IOd_IgC6J95RwtnPhLWTYPkirSjanyAew==
frame-modern.f69469bf.js
js.intercomcdn.com/ Frame 13F8
513 KB
142 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.f69469bf.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/n1goyeo2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
673484e7834a02e14d924b0e98c9dd7fd88e3d5f8914b0957889565e566a9000
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
y_DpbaC6RKXHa2y6NGpJhyUs.Mn1_Dt.
content-encoding
gzip
via
1.1 129f13101f12370407d42127c62b1bd8.cloudfront.net (CloudFront)
date
Sun, 10 Mar 2024 22:42:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
4221
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
144416
last-modified
Fri, 08 Mar 2024 16:37:36 GMT
server
AmazonS3
etag
"f347334babd98aa8534e88af7d9f40b4"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
Tw1QZiDi6DKVjOXEzjbQZPv1Tl7Vyg0HCtSVrPLvWI5ZJRt5bM0FIw==
vendor-modern.ab1cff98.js
js.intercomcdn.com/ Frame 13F8
483 KB
148 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.ab1cff98.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/n1goyeo2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07c13919dc0bd3159299c2a0ac252dcb42c18c90fb1279fae3896a51263d18ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id
xQcNygn9VBM1v8q0PMstUaLMMoZ62C4D
content-encoding
gzip
via
1.1 129f13101f12370407d42127c62b1bd8.cloudfront.net (CloudFront)
date
Sun, 10 Mar 2024 23:22:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
1823
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
151124
last-modified
Fri, 08 Mar 2024 16:37:37 GMT
server
AmazonS3
etag
"a7cb1d56f10e5b947f1b4b781721abf0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
YBzMxK4CtAB_PgTq3ABD6nb1fGmEdFxMn95M14Gdw3yX0S9sxI0vmw==
ping
api-iam.intercom.io/messenger/web/ Frame 13F8
4 KB
2 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.f69469bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.232.65.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-65-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b07054f05202d6f42f1164a2cfe11a067c5dd5abddcfa8972dae29079d8188fb
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 10 Mar 2024 23:52:49 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-04e75d817d474162f
status
200 OK
x-xss-protection
1; mode=block
x-request-id
000b30fu9t30o33olrhg
x-runtime
0.256987
server
nginx
etag
W/"b07054f05202d6f42f1164a2cfe11a06"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.sharesies.com
x-intercom-version
78bebaa2a6f2c10de117917c0706cc161ad7a47f
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
sync
sdk.iad-05.braze.com/api/v3/content_cards/
85 B
222 B
XHR
General
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app~error-7564440c50700eb037f4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a1000167109596f7fc1d400664287c8cdb27f58e91df9a64903a2c8378cc9697
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key
dec3b92c-8d79-432b-9ff2-d2743d0b8014
X-Braze-DataRequest
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-type
application/json
BRAZE-SYNC-RETRY-COUNT
0
Referer
https://app.sharesies.com/
X-Requested-With
XMLHttpRequest
X-Braze-ContentCardsRequest
true

Response headers

date
Sun, 10 Mar 2024 23:52:50 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
MISS
x-request-id
d61efb7c-ac83-4630-87ed-8f9021961fb3
x-served-by
cache-fra-eddf8230110-FRA
x-runtime
0.067266
etag
W/"a1000167109596f7fc1d400664287c8c"
access-control-max-age
7200
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
vary
Origin,Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame
0
0
Preflight
General
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://app.sharesies.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
content-encoding
gzip
date
Sun, 10 Mar 2024 23:52:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230110-FRA
ping
api-iam.intercom.io/messenger/web/ Frame 13F8
4 KB
2 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.f69469bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.232.65.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-65-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
85ddfa398bd9eb696ac30a305a083137a4fadb411c93b1f644908d0079ec34d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 10 Mar 2024 23:52:49 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-04e75d817d474162f
status
200 OK
x-xss-protection
1; mode=block
x-request-id
004cgcgbr0q9mtknmfq0
x-runtime
0.211399
server
nginx
etag
W/"85ddfa398bd9eb696ac30a305a083137"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.sharesies.com
x-intercom-version
78bebaa2a6f2c10de117917c0706cc161ad7a47f
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
collect
region1.analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-TT1S4W5EWQ&gtm=45je4360v887819618za200&_p=1710114768514&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1174164077.1710114769&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EEA&_s=2&sid=1710114768&sct=1&seg=0&dl=https%3A%2F%2Fapp.sharesies.com%2Flearn%2Farticles%2Ftruscreen-rights-offer&dt=Sharesies&en=scroll&ep.debug_mode=false&epn.percent_scrolled=90&_et=3&tfd=6851
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TT1S4W5EWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Mar 2024 23:52:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.sharesies.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
CentraNo2-Medium-366c42832d3249a7110734304ef38236.woff2
app.sharesies.com/s/i/
29 KB
31 KB
Font
General
Full URL
https://app.sharesies.com/s/i/CentraNo2-Medium-366c42832d3249a7110734304ef38236.woff2
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/css/app-f1d5032f48aea9d467e9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fd60d2c48138652ffefd476b2cb07725960d848d32843914c5b3165190e210e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.sharesies.com/s/css/app-f1d5032f48aea9d467e9.css
Origin
https://app.sharesies.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-sharesies-router
cf
date
Sun, 10 Mar 2024 23:52:51 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
x-amz-request-id
F5DFB4J5CV9P9YDX
x-amz-server-side-encryption
AES256
content-length
29229
x-amz-id-2
6IAgeFPukX+9W3RBZY1wqGCT9SHOiz4JBaY+ZFBMUjYnO7rf7mNkPAhxv31ocESgV9WRQku9n9c=
x-xss-protection
1; mode=block
last-modified
Sun, 10 Mar 2024 22:43:33 GMT
server
cloudflare
etag
"366c42832d3249a7110734304ef38236"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
content-type
font/woff2
access-control-allow-origin
https://app.sharesies.com
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
cache-control
public, max-age=315360000
access-control-allow-credentials
true
access-control-max-age
0
accept-ranges
bytes
cf-ray
8627387eeda32c22-FRA
x-frame-options
deny
CentraNo2-Book-93f91169dbfffe3de8dba837c8c7b438.woff2
app.sharesies.com/s/i/
42 KB
45 KB
Font
General
Full URL
https://app.sharesies.com/s/i/CentraNo2-Book-93f91169dbfffe3de8dba837c8c7b438.woff2
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/css/app-f1d5032f48aea9d467e9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91ce35451f5bbfac933451f8cd59327226244407438768e442708455d94f8842
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.sharesies.com/s/css/app-f1d5032f48aea9d467e9.css
Origin
https://app.sharesies.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-sharesies-router
cf
date
Sun, 10 Mar 2024 23:52:51 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
x-amz-request-id
F5D9W3DD6XH1G19M
x-amz-server-side-encryption
AES256
content-length
43353
x-amz-id-2
i9J3vyI6lHcLjZhyZglA84N2/rzX0HK/sttvegWnG13Y7+kxNmSZBqENCjShh5PLccGyRnDKdNk=
x-xss-protection
1; mode=block
last-modified
Sun, 10 Mar 2024 22:43:33 GMT
server
cloudflare
etag
"93f91169dbfffe3de8dba837c8c7b438"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
content-type
font/woff2
access-control-allow-origin
https://app.sharesies.com
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
cache-control
public, max-age=315360000
access-control-allow-credentials
true
access-control-max-age
0
accept-ranges
bytes
cf-ray
8627387eeda52c22-FRA
x-frame-options
deny
CentraNo2-Extrabold-065b5f69173fd76b95217fc75b0c6199.woff2
app.sharesies.com/s/i/
27 KB
30 KB
Font
General
Full URL
https://app.sharesies.com/s/i/CentraNo2-Extrabold-065b5f69173fd76b95217fc75b0c6199.woff2
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/css/app-f1d5032f48aea9d467e9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de485701a5c8a43ab24ef7c58cd7ec15068d1cc35b1b3fe2ebfd8804b7612278
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.sharesies.com/s/css/app-f1d5032f48aea9d467e9.css
Origin
https://app.sharesies.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-sharesies-router
cf
date
Sun, 10 Mar 2024 23:52:50 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
x-amz-request-id
HYH2X2WB62PCQ07V
x-amz-server-side-encryption
AES256
content-length
27937
x-amz-id-2
jeJ2/rzR4Btq23FddAFasGCQSYX++iukiU8c0FZCXoZ2ttfBQV0ox5ZcCW4QjFfotTa+hXMvTPo=
x-xss-protection
1; mode=block
last-modified
Sun, 10 Mar 2024 22:43:33 GMT
server
cloudflare
etag
"065b5f69173fd76b95217fc75b0c6199"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
content-type
font/woff2
access-control-allow-origin
https://app.sharesies.com
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
cache-control
public, max-age=315360000
access-control-allow-credentials
true
access-control-max-age
0
accept-ranges
bytes
cf-ray
8627387eeda62c22-FRA
x-frame-options
deny
collect
region1.analytics.google.com/g/
0
17 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-TT1S4W5EWQ&gtm=45je4360v887819618za200&_p=1710114768514&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1174164077.1710114769&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EAAC&_s=3&uid=&sid=1710114768&sct=1&seg=1&dl=https%3A%2F%2Fapp.sharesies.com%2Flearn%2Farticles%2Ftruscreen-rights-offer&dt=Sharesies&en=page_view&_ee=1&_et=1166&tfd=6900
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TT1S4W5EWQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Mar 2024 23:52:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.sharesies.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
api-iam.intercom.io/messenger/web/ Frame 13F8
4 KB
2 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.f69469bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.232.65.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-65-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4f1a294b1a163a43e6b653bdf22aeffe2190dab884a69fb56f010edcb3783dd2
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 10 Mar 2024 23:52:50 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-04e75d817d474162f
status
200 OK
x-xss-protection
1; mode=block
x-request-id
004bnl31penn2s99tmug
x-runtime
0.209778
server
nginx
etag
W/"4f1a294b1a163a43e6b653bdf22aeffe"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.sharesies.com
x-intercom-version
78bebaa2a6f2c10de117917c0706cc161ad7a47f
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
6
m.stripe.com/ Frame 8C39
156 B
669 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.123.46 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-123-46.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
9423adf035231d78346956c0ff9c02baf579843acb1692f844181f4c835ccb08
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Sun, 10 Mar 2024 23:52:50 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1710114770599953
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1710114770599493
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
collect
region1.analytics.google.com/g/
0
17 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-TT1S4W5EWQ&gtm=45je4360v887819618za200&_p=1710114768514&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1174164077.1710114769&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=4&uid=&dp=%2Flogin&dl=https%3A%2F%2Fapp.sharesies.com%2Flogin%3Fnext%3D%252Flearn%252Farticles%252Ftruscreen-rights-offer&dt=Sharesies&sid=1710114768&sct=1&seg=1&en=page_view&_ee=1&_et=47&tfd=7874
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TT1S4W5EWQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.sharesies.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Mar 2024 23:52:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.sharesies.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TT1S4W5EWQ&cid=1174164077.1710114769&gtm=45je4360v887819618za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=744661940

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| webpackChunkStripeJSouter function| noop function| Stripe object| webpackJsonpSharesies number| _rollbarStartTime function| rollbar boolean| _rollbarDidLoad function| setImmediate function| clearImmediate object| regeneratorRuntime function| rdt object| nativeAppControls object| platform function| fbq function| _fbq function| _rollbarURH object| sharesiesRollbar object| __cfBeacon function| Intercom object| intercomSettings object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels object| google_tag_manager object| google_tag_data object| dataLayer function| gtag function| onYouTubeIframeAPIReady object| __ga4React__ object| gaGlobal function| __intercomAssignLocation function| __intercomReloadLocation

16 Cookies

Domain/Path Name / Value
.sharesies.com/ Name: rl_anonymous_id
Value: RudderEncrypt%3AU2FsdGVkX1%2BRHgHNfGDrAJGZ5nZ0PbpYtvyzkaBJ%2BwOy42sQ4x%2BHdiHz98O%2Fk3MGoAzfnPfdB8EhBrWy%2FP3DMA%3D%3D
.sharesies.com/ Name: rl_page_init_referrer
Value: RudderEncrypt%3AU2FsdGVkX1%2BuLkvhKx8zFeIW8VdOL2aQmwP9uotIvSY%3D
.sharesies.com/ Name: rl_page_init_referring_domain
Value: RudderEncrypt%3AU2FsdGVkX1977Q3K5LnAi0YmUOh%2BzzKL9iALHMj7H%2FU%3D
.sharesies.com/ Name: ab.storage.sessionId.dec3b92c-8d79-432b-9ff2-d2743d0b8014
Value: %7B%22g%22%3A%22d6803a15-8d3e-ec17-6892-ec663da797b0%22%2C%22e%22%3A1710116568319%2C%22c%22%3A1710114768319%2C%22l%22%3A1710114768319%7D
.sharesies.com/ Name: ab.storage.deviceId.dec3b92c-8d79-432b-9ff2-d2743d0b8014
Value: %7B%22g%22%3A%22b4ab01c3-32c0-f177-79f6-7dff4ddb080d%22%2C%22c%22%3A1710114768320%2C%22l%22%3A1710114768320%7D
.sharesies.com/ Name: _rdt_uuid
Value: 1710114768493.7d7d9f01-0cd6-4505-bc27-6f8d2d7da434
.sharesies.com/ Name: _ga
Value: GA1.1.1174164077.1710114769
m.stripe.com/ Name: m
Value: 544231bd-c9d8-4459-88b0-52bdd72c6134d19837
.app.sharesies.com/ Name: __stripe_mid
Value: 90c5b91e-0d9a-4663-9713-bdcafe5af128a67271
.app.sharesies.com/ Name: __stripe_sid
Value: 34674bb0-4efd-44f1-b210-e37b8494bab080bc78
.sharesies.com/ Name: intercom-id-n1goyeo2
Value: 567db31e-a3c1-49b7-a76f-419dac9f3e92
.sharesies.com/ Name: intercom-session-n1goyeo2
Value:
.sharesies.com/ Name: intercom-device-id-n1goyeo2
Value: ed925df5-9c5c-4f9d-9567-ad172ef155f1
.sharesies.com/ Name: rl_session
Value: RudderEncrypt%3AU2FsdGVkX1%2FLLc2nt%2BS6DDLzrzq%2FOaRLg0bV9L72PradgwksTLNmRKWDZNDY3RK4DIUXQl%2F1pqzSxOCag7aXtvLfzrCqr6TeEwHfN7sCQPiGkPvMDxm9rybOOka7uRYLKZITDro7YaakBVF2p9mPMw%3D%3D
.sharesies.com/ Name: _ga_TT1S4W5EWQ
Value: GS1.1.1710114768.1.1.1710114770.58.0.0
.sharesies.com/ Name: _cfuvid
Value: GNprveWTbyPEzLzYeyNIi94Jmf7dhTp4JtwDlOrTE4o-1710114771293-0.0.1.1-604800000

5 Console Messages

Source Level URL
Text
security error URL: https://app.sharesies.com/learn/articles/truscreen-rights-offer
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TT1S4W5EWQ&cid=1174164077.1710114769&gtm=45je4360v887819618za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=744661940' because it violates the following Content Security Policy directive: "img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com".
other warning URL: https://connect.facebook.net/signals/config/1442682735793758?v=2.9.148&r=stable&domain=app.sharesies.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 92)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://app.sharesies.com/learn/articles/truscreen-rights-offer
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.sharesies.com/login?next=%2Flearn%2Farticles%2Ftruscreen-rights-offer
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app.sharesies.com/login?next=%2Flearn%2Farticles%2Ftruscreen-rights-offer
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

157qg4dy.uriports.com
api-iam.intercom.io
app.sharesies.com
cdn.growthbook.io
connect.facebook.net
fonts.googleapis.com
js.intercomcdn.com
js.stripe.com
m.stripe.com
m.stripe.network
region1.analytics.google.com
rs.sharesies.com
sdk.iad-05.braze.com
sharesies.page.link
static.cloudflareinsights.com
stats.g.doubleclick.net
widget.intercom.io
www.google.de
www.googletagmanager.com
www.redditstatic.com
www.google.de
151.101.129.91
151.101.194.133
151.101.64.176
18.245.46.55
2001:4860:4802:32::36
2001:678:6a0::3:101
2600:9000:2057:e600:19:7d10:bd80:93a1
2606:4700::6810:4f49
2606:4700::6812:1b55
2a00:1450:4001:812::2008
2a00:1450:4001:827::200a
2a00:1450:4001:828::2001
2a00:1450:400c:c00::9d
2a03:2880:f083:100:face:b00c:0:3
2a04:4e42::396
3.232.65.135
34.213.123.46
99.84.88.124
07c13919dc0bd3159299c2a0ac252dcb42c18c90fb1279fae3896a51263d18ce
224aab1317bb73221bfa4d8e714c3a3d54d6b33b66d0623cf665ad4d031daf05
22e89552b33a8b9614eab7141531a52bc232216adae831c790c102e78c0a1f8d
2939d067bced6e2e3e43c1b10d2b067cb980410c2cc42fd3e867798a4a36c697
2ef60c1fdff21dcb1621139a1243609f619ddff101bdc236c4893e7dfd9b9fb8
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651
4f1a294b1a163a43e6b653bdf22aeffe2190dab884a69fb56f010edcb3783dd2
4fd60d2c48138652ffefd476b2cb07725960d848d32843914c5b3165190e210e
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
51f709a83fcbf95b3fb1081fe5961f083774c8e425aae02141e9d586009b7c06
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
577c7fc4363283f1e22f11d363f90a59e6cd2fa1b4552dd6c2c9ee29ec1b805d
5a85f5be1442b1483ff398464390abb49fedaf5a0076b1a3ded3a21198c1522a
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
65456244570a1a864bf2313cff147aba2e4e156c41e65ad4242fc8efc1bb275f
673484e7834a02e14d924b0e98c9dd7fd88e3d5f8914b0957889565e566a9000
6a2743574acc1ee7225cda60b11684aafa84b9092087e2377f25503827cfb8d9
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5
761a0f931d8ff01d2399d8fe6198bf4f2a5b8474f538e7cf3e6b4334da65fcdb
78cbe967c1f4e24b0a586fff03fbcd4a98069b27ad23bfe0ef8aef9a9fa22739
7faad9e0b6bcb6d5e896cbb45103dcfaf503bd11a579aeb8385e0d914121cfe6
85ddfa398bd9eb696ac30a305a083137a4fadb411c93b1f644908d0079ec34d6
86da9da9a2f5d88de1eb033da64c7dc4dc2ecb097d35377f863c84ed2e8e3dd5
91ce35451f5bbfac933451f8cd59327226244407438768e442708455d94f8842
9423adf035231d78346956c0ff9c02baf579843acb1692f844181f4c835ccb08
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
a1000167109596f7fc1d400664287c8cdb27f58e91df9a64903a2c8378cc9697
a281383a57fe5413664c09c50aeafee41a1de28533e7d39d515e9bc3fe2e4865
ae4e7ab082362c5bc939f18dc3c6b0229cd08b2e98a1c155ccfc9dda0d1a36fc
b07054f05202d6f42f1164a2cfe11a067c5dd5abddcfa8972dae29079d8188fb
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
c0c1cd563ce9ad5b22720d8e25c6c9227a1afa7d1e9ae04e060c01cf9fce52e2
c95d26e9a33c6b7e1aff587721229544cd1ec0c7c701854c25166db04e3ba6e7
de485701a5c8a43ab24ef7c58cd7ec15068d1cc35b1b3fe2ebfd8804b7612278
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3889fc2f6e0a1a342b4cdb6ce1c785076f391f4f0004e7c3376979bd4b973c3
f6f58bbdd4513b18193d23917c80779c4c1328fa6cf54e01cb24b6ba81bdb4e0