Submitted URL: https://sigmund.headway.co/refer-a-provider
Effective URL: https://login.headway.co/u/login/identifier?state=hKFo2SBXT2ltTkRZb01DSUN5aWFCeUZfN2dxZ05wb1UwM05TV6Fur3VuaXZlcnNhbC1sb2d...
Submission: On December 06 via api from US — Scanned from DE

Summary

This website contacted 15 IPs in 3 countries across 10 domains to perform 29 HTTP transactions. The main IP is 2606:4700::6813:a718, located in United States and belongs to CLOUDFLARENET, US. The main domain is login.headway.co. The Cisco Umbrella rank of the primary domain is 385471.
TLS certificate: Issued by E5 on October 25th 2024. Valid for: 3 months.
This is the only time login.headway.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 162.159.140.173 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:214... 16509 (AMAZON-02)
2 13.225.78.93 16509 (AMAZON-02)
2 13.224.189.121 16509 (AMAZON-02)
1 35.186.247.156 15169 (GOOGLE)
2 52.22.248.30 14618 (AMAZON-AES)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 108.138.26.50 16509 (AMAZON-02)
2 18.244.18.76 16509 (AMAZON-02)
3 107.22.100.5 14618 (AMAZON-AES)
1 2600:9000:235... 16509 (AMAZON-02)
1 99.86.4.16 16509 (AMAZON-02)
29 15
Apex Domain
Subdomains
Transfer
10 headway.co
sigmund.headway.co — Cisco Umbrella Rank: 521561
api.headway.co — Cisco Umbrella Rank: 294455
login.headway.co — Cisco Umbrella Rank: 385471
headway.co — Cisco Umbrella Rank: 147759
assets.headway.co — Cisco Umbrella Rank: 514729
3 MB
4 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 2266
api-iam.intercom.io — Cisco Umbrella Rank: 2695
7 KB
4 rudderstack.com
api.rudderstack.com — Cisco Umbrella Rank: 8301
findheadwaumps.dataplane.rudderstack.com — Cisco Umbrella Rank: 244896
2 KB
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2998
288 KB
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1073
181 KB
2 rudderlabs.com
cdn.rudderlabs.com — Cisco Umbrella Rank: 9872
44 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 6544
64 KB
1 sentry.io
sentry.io — Cisco Umbrella Rank: 137
359 B
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1331
9 KB
29 10
Domain Requested by
4 sigmund.headway.co sigmund.headway.co
3 api-iam.intercom.io js.intercomcdn.com
2 headway.co login.headway.co
2 js.intercomcdn.com widget.intercom.io
2 login.headway.co 1 redirects sigmund.headway.co
2 findheadwaumps.dataplane.rudderstack.com sigmund.headway.co
2 js.stripe.com sigmund.headway.co
js.stripe.com
2 api.rudderstack.com cdn.rudderlabs.com
2 cdn.rudderlabs.com sigmund.headway.co
cdn.rudderlabs.com
2 fonts.googleapis.com sigmund.headway.co
1 assets.headway.co login.headway.co
1 cdn.auth0.com login.headway.co
1 widget.intercom.io cdn.rudderlabs.com
1 api.headway.co sigmund.headway.co
1 sentry.io sigmund.headway.co
1 use.fontawesome.com sigmund.headway.co
29 16

This site contains no links.

Subject | Issuer | Validity | Valid
headway.co | E5 | 2024-11-30 - 2025-02-28 | 3 months
use.fontawesome.com | WE1 | 2024-11-07 - 2025-02-06 | 3 months
upload.video.google.com | WR2 | 2024-11-04 - 2025-01-27 | 3 months
*.rudderlabs.com | Amazon RSA 2048 M03 | 2024-05-14 - 2025-06-12 | a year
*.rudderstack.com | Amazon RSA 2048 M02 | 2024-09-21 - 2025-10-18 | a year
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2024-10-30 - 2025-02-06 | 3 months
sentry.io | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-07-03 - 2025-07-22 | a year
*.dataplane.rudderstack.com | R10 | 2024-10-30 - 2025-01-28 | 3 months
login.headway.co | E5 | 2024-10-25 - 2025-01-23 | 3 months
*.intercom.com | Amazon RSA 2048 M03 | 2024-01-15 - 2025-02-11 | a year
*.intercomcdn.com | Amazon RSA 2048 M02 | 2024-10-31 - 2025-11-28 | a year
*.auth0.com | Amazon RSA 2048 M03 | 2024-01-25 - 2025-02-22 | a year
assets.headway.co | Amazon RSA 2048 M02 | 2024-10-02 - 2025-10-31 | a year

This page contains 3 frames:

Primary Page: https://login.headway.co/u/login/identifier?state=hKFo2SBXT2ltTkRZb01DSUN5aWFCeUZfN2dxZ05wb1UwM05TV6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExMb29kYWk4UlRGdWpPV2Eyd21IZ05WM01ndlRMTnI4o2NpZNkgb3dyQlBkVXlWV3YxRWVPeDFWSmZ0blFaN2h3ZUJTUlM
Frame ID: F32E224667D6C76AA56F6756C40806EB
Requests: 20 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-9618b1508f4feede60d3ec1d06fed719.html
Frame ID: 079E087C060033DDDD93DF7363743929
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.7e4cdb9a.js
Frame ID: CFBE1CEAC48E548034CBA54A73D97050
Requests: 5 HTTP requests in this frame

Page URL History

  1. https://sigmund.headway.co/refer-a-provider Page URL
  2. https://login.headway.co/authorize?client_id=owrBPdUyVWv1EeOx1VJftnQZ7hweBSRS&scope=openid+default+of... HTTP 302
    https://login.headway.co/u/login/identifier?state=hKFo2SBXT2ltTkRZb01DSUN5aWFCeUZfN2dxZ05wb1UwM05TV6F... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

29 Requests
97 % HTTPS
36 % IPv6
10 Domains
16 Subdomains
15 IPs
3 Countries
3598 kB Transfer
13107 kB Size
18 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sigmund.headway.co/refer-a-provider Page URL
  2. https://login.headway.co/authorize?client_id=owrBPdUyVWv1EeOx1VJftnQZ7hweBSRS&scope=openid+default+offline_access&redirect_uri=https%3A%2F%2Fsigmund.headway.co%2Fauth%2Fcallback&audience=api.headway.co&response_type=code&response_mode=query&state=aHg4TzJSUTNuSmdGT3E4NGguUUVKN2NIcGlFYURrSXpLejZxV2hDU1dwOQ%3D%3D&nonce=TGlDdHg1dV9lazF0V3VhOFRSMnFzeDVFczdCVFh3cHJxWHpCNXRKcUpmQQ%3D%3D&code_challenge=TZ9S0xyBeAp1oDPk--GPTYo6gNywbgU1G3MxY-FR5DM&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjIuMS4yIn0%3D HTTP 302
    https://login.headway.co/u/login/identifier?state=hKFo2SBXT2ltTkRZb01DSUN5aWFCeUZfN2dxZ05wb1UwM05TV6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExMb29kYWk4UlRGdWpPV2Eyd21IZ05WM01ndlRMTnI4o2NpZNkgb3dyQlBkVXlWV3YxRWVPeDFWSmZ0blFaN2h3ZUJTUlM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
refer-a-provider
sigmund.headway.co/
6 KB
3 KB
Document
General
Full URL
https://sigmund.headway.co/refer-a-provider
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
853ad95a58d9d64b36ff1a2d0232f7cbe249c78c15bd71b9e640cd84701c74a6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
58
cf-cache-status
DYNAMIC
cf-ray
8edc71495fa6dc94-FRA
content-encoding
gzip
content-type
text/html
date
Fri, 06 Dec 2024 12:57:35 GMT
last-modified
Fri, 06 Dec 2024 02:31:05 GMT
server
cloudflare
vary
accept-encoding
via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
x-amz-cf-id
OsO0pj8ngFGOuz5cgkkYSvG9jBQNTxlQtIxYgwK8Eg3m4F8Ys5IF9Q==
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
D8U2JUsbH4jLGvrMNMtefRyB22mn_IxK
x-cache
Error from cloudfront
all.css
use.fontawesome.com/releases/v5.0.7/css/
35 KB
9 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.0.7/css/all.css
Requested by
Host: sigmund.headway.co
URL: https://sigmund.headway.co/refer-a-provider
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eee7283bce47f63001396d58cace92f57058ea0c5ee546579e841609a359d52e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sigmund.headway.co/

Response headers

cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"16f4f6797931e43125885e1741f125a7"
age
901272
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nz0gLabMk0kK%2BbDoJDWv6BahU2qqhyDEC6udFbRw3Tl201HXQVqN%2B3bQUAfEoyvrMN6QMTc73UcHAxOIvHMIGIm9hibogkXQKpElyzwT1jM61AwOPoPGeVfTA%2B6msJF%2FTa0Co%2Fh78hjgy2wxwJLp4%2FGw"}],"group":"cf-nel","max_age":604800}
cf-ray
8edc714caa28dbea-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=6744&min_rtt=6150&rtt_var=1853&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4031&recv_bytes=2274&delivery_rate=620970&cwnd=231&unsent_bytes=0&cid=c3e0c729e9f4b0fc&ts=19&x=0"
date
Fri, 06 Dec 2024 12:57:35 GMT
content-type
text/css
last-modified
Fri, 22 Sep 2023 01:44:11 GMT
vary
Accept-Encoding
server
cloudflare
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Material+Icons
Requested by
Host: sigmund.headway.co
URL: https://sigmund.headway.co/refer-a-provider
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b64471a80a6405aef70e8302a7a638fbaefb5939aec12b797428ec48c1eba975
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sigmund.headway.co/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 06 Dec 2024 12:57:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 12:57:35 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 06 Dec 2024 12:57:35 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
icon
fonts.googleapis.com/
569 B
417 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: sigmund.headway.co
URL: https://sigmund.headway.co/refer-a-provider
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sigmund.headway.co/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 06 Dec 2024 12:57:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 12:57:35 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 06 Dec 2024 12:57:35 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
index-CeHF8_s2.js
sigmund.headway.co/assets/
4 MB
1 MB
Script
General
Full URL
https://sigmund.headway.co/assets/index-CeHF8_s2.js
Requested by
Host: sigmund.headway.co
URL: https://sigmund.headway.co/refer-a-provider
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48efa359a07ee48b90996e03c87b8ffeec0cd64103f861b818fddf2761805246

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sigmund.headway.co
Referer
https://sigmund.headway.co/refer-a-provider

Response headers

server
cloudflare
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"e492a591cb2003ea0e82baec9569cc7d"
x-amz-version-id
2WdfrzTE9byxYq19U9HZ8uRHSsD40lLD
via
1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
cf-ray
8edc714c7866dc94-FRA
x-cache
RefreshHit from cloudfront
x-amz-cf-id
KaTubUbaWh0IIErMr0L_jyPaTIQuHm006lBS7I6WEM2S-No1ViY8Yg==
date
Fri, 06 Dec 2024 12:57:35 GMT
content-type
text/javascript
last-modified
Fri, 06 Dec 2024 02:31:04 GMT
vary
accept-encoding
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
vendor-BFjdQACu.js
sigmund.headway.co/assets/
6 MB
2 MB
Script
General
Full URL
https://sigmund.headway.co/assets/vendor-BFjdQACu.js
Requested by
Host: sigmund.headway.co
URL: https://sigmund.headway.co/refer-a-provider
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88ad47a45792aa767fca025812b7cbc196fbd6a9ea1d6e4158bd06beaff52bc7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sigmund.headway.co
Referer
https://sigmund.headway.co/refer-a-provider

Response headers

server
cloudflare
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"3cf984724fa76ed1b55694b6243928ba"
x-amz-version-id
P.r5q3FRgLKVVU1xDY6H4m_a5Bu.7Tp7
via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
cf-ray
8edc714c7868dc94-FRA
x-cache
RefreshHit from cloudfront
x-amz-cf-id
qLKuMOIdDVXbPJbMX0jYZ6qSaDCk8AP2A--0P4qpkfc_xU817Tj-gQ==
date
Fri, 06 Dec 2024 12:57:35 GMT
content-type
text/javascript
last-modified
Fri, 06 Dec 2024 02:31:05 GMT
vary
accept-encoding
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
index-DQ8FIO0Q.css
sigmund.headway.co/assets/
215 KB
30 KB
Stylesheet
General
Full URL
https://sigmund.headway.co/assets/index-DQ8FIO0Q.css
Requested by
Host: sigmund.headway.co
URL: https://sigmund.headway.co/refer-a-provider
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f31d4c13d8d7d4f4386ac7718a903f49d20bc0fefbef51f3258302dc68d8d66c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sigmund.headway.co
Referer
https://sigmund.headway.co/refer-a-provider

Response headers

server
cloudflare
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"0e805b11eefb21b1ed5e8a7050dcd574"
x-amz-version-id
P5C6CHTriE4QoEZlh99Owvaeja0e271A
via
1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
cf-ray
8edc714c7861dc94-FRA
x-cache
RefreshHit from cloudfront
x-amz-cf-id
1WWYRElNuDIN3YEA9IQ_wYBQ2VQxVVOJt8ETrZcdUDfR5yy8TbFe1Q==
date
Fri, 06 Dec 2024 12:57:35 GMT
content-type
text/css
last-modified
Fri, 06 Dec 2024 02:31:04 GMT
vary
accept-encoding
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
rudder-analytics.min.js
cdn.rudderlabs.com/v1.1/
124 KB
39 KB
Script
General
Full URL
https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js
Requested by
Host: sigmund.headway.co
URL: https://sigmund.headway.co/refer-a-provider
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:5200:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30d3b6f18bd35158d72f39105a33567c183dfbd750b815320fa042b21439ca00

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sigmund.headway.co/

Response headers

vary
accept-encoding
cache-control
no-store
content-encoding
br
etag
W/"093a3a3c6732eff88c0ba137228aecfe"
via
1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
RefreshHit from cloudfront
x-amz-cf-id
mp9hlBWSHlFSlk8Ed47ANxWG5iL8bi0qOpy0n33pOQuGNs6oPrtuPA==
date
Fri, 06 Dec 2024 12:57:36 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 04:24:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
/
api.rudderstack.com/sourceConfig/
2 KB
1 KB
XHR
General
Full URL
https://api.rudderstack.com/sourceConfig/?p=cdn&v=2.48.40&writeKey=24qIw0Bp20VJPQ9esy2MCER936W
Requested by
Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-93.fra2.r.cloudfront.net
Software
/
Resource Hash
26b52931e9e5f24b8b9ab99b62d5be4353b29c16fddc8e3b7b15112a68a99613
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Authorization
Basic MjRxSXcwQnAyMFZKUFE5ZXN5Mk1DRVI5MzZXOg==
Referer
https://sigmund.headway.co/

Response headers

x-request-id
a2fc3870-b3d1-11ef-89f4-a5b71a1f8c20
access-control-expose-headers
X-Request-ID
content-encoding
gzip
age
13
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
OasfaCDqy7oD0-mHpLyV9iDv6NiJFXxySw2LZsiG16_5KNrgyBq95A==
date
Fri, 06 Dec 2024 12:57:23 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
access-control-allow-credentials
true
x-download-options
noopen
via
1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA2-C2
/
api.rudderstack.com/sourceConfig/ Frame
0
0
Preflight
General
Full URL
https://api.rudderstack.com/sourceConfig/?p=cdn&v=2.48.40&writeKey=24qIw0Bp20VJPQ9esy2MCER936W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-93.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://sigmund.headway.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
*
access-control-max-age
900
alt-svc
h3=":443"; ma=86400
date
Fri, 06 Dec 2024 12:57:36 GMT
vary
Origin
via
1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
x-amz-cf-id
hW0W7mh4X11TS4uC_AChXzLW7O6vPaTbBNDoF8ilPxHMZLWPBeJ55w==
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
x-request-id
aa867510-b3d1-11ef-a13f-c7f3431a65e9
99144baf-7350-429d-91f1-b9b132c16361
https://sigmund.headway.co/ Frame
0
0

v3
js.stripe.com/
692 KB
181 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: sigmund.headway.co
URL: https://sigmund.headway.co/assets/vendor-BFjdQACu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-121.fra2.r.cloudfront.net
Software
Cloudfront /
Resource Hash
d834f1d8d599d73d5d5a63edae9b409299ea5701308af351a509264ea9d51204
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sigmund.headway.co/

Response headers

content-encoding
br
etag
W/"838f021032c36e3fe69bcb27bcf45501"
age
14
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
5fDqFFbovMv2ZkGbAAFoR7y0-8pv9FnzU_zZPttIvo1mDd5zaUAXZw==
date
Fri, 06 Dec 2024 12:57:29 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 05 Dec 2024 21:58:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=60
timing-allow-origin
*
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C1
server
Cloudfront
/
sentry.io/api/1795113/envelope/
2 B
359 B
Fetch
General
Full URL
https://sentry.io/api/1795113/envelope/?sentry_key=f8dc6fc15d664dee917dc328dbaee058&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.119.0
Requested by
Host: sigmund.headway.co
URL: https://sigmund.headway.co/assets/vendor-BFjdQACu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://sigmund.headway.co/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
content-encoding
gzip
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 12:57:36 GMT
content-type
application/json
vary
Accept-Encoding,origin, access-control-request-method, access-control-request-headers
server
nginx
me
api.headway.co/api/sigmund/
93 B
241 B
XHR
General
Full URL
https://api.headway.co/api/sigmund/me
Requested by
Host: sigmund.headway.co
URL: https://sigmund.headway.co/assets/vendor-BFjdQACu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://sigmund.headway.co/

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8edc71532c37dc94-FRA
access-control-allow-origin
https://sigmund.headway.co
content-length
93
date
Fri, 06 Dec 2024 12:57:36 GMT
content-type
application/json
vary
Origin
server
cloudflare
page
findheadwaumps.dataplane.rudderstack.com/v1/ Frame
0
0
Preflight
General
Full URL
https://findheadwaumps.dataplane.rudderstack.com/v1/page
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.22.248.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-248-30.compute-1.amazonaws.com
Software
openresty/1.21.4.2 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
anonymousid,authorization,content-type
Access-Control-Request-Method
POST
Origin
https://sigmund.headway.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
anonymousid,authorization,content-type
access-control-allow-methods
POST
access-control-allow-origin
https://sigmund.headway.co
access-control-max-age
900
date
Fri, 06 Dec 2024 12:57:36 GMT
server
openresty/1.21.4.2
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
page
findheadwaumps.dataplane.rudderstack.com/v1/
2 B
55 B
XHR
General
Full URL
https://findheadwaumps.dataplane.rudderstack.com/v1/page
Requested by
Host: sigmund.headway.co
URL: https://sigmund.headway.co/assets/vendor-BFjdQACu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.22.248.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-248-30.compute-1.amazonaws.com
Software
openresty/1.21.4.2 /
Resource Hash

Request headers

AnonymousId
YWUwNzBiYzMtYjVmZC00NzI4LWFmOTctZTMyZDlmODAwNWZm
Authorization
Basic MjRxSXcwQnAyMFZKUFE5ZXN5Mk1DRVI5MzZXOg==
Referer
https://sigmund.headway.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://sigmund.headway.co
content-length
2
date
Fri, 06 Dec 2024 12:57:36 GMT
content-type
text/plain; charset=utf-8
vary
Origin
server
openresty/1.21.4.2
access-control-allow-credentials
true
INTERCOM.min.js
cdn.rudderlabs.com/v1.1/js-integrations/
12 KB
5 KB
Script
General
Full URL
https://cdn.rudderlabs.com/v1.1/js-integrations/INTERCOM.min.js
Requested by
Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:5200:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sigmund.headway.co/

Response headers

vary
accept-encoding
cache-control
no-store
content-encoding
br
etag
W/"b60987e716b0a7945b7b0233c8943252"
via
1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
RefreshHit from cloudfront
x-amz-cf-id
fytR2p9Qcz0ZvIiquLxbkKJbvSs3BaGbriLdIWTZhnWVtHfMjONnfw==
date
Fri, 06 Dec 2024 12:57:37 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 04:24:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
controller-with-preconnect-9618b1508f4feede60d3ec1d06fed719.html
js.stripe.com/v3/ Frame 079E
0
0
Document
General
Full URL
https://js.stripe.com/v3/controller-with-preconnect-9618b1508f4feede60d3ec1d06fed719.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-121.fra2.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sigmund.headway.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
53
alt-svc
h3=":443"; ma=86400
cache-control
max-age=60, stale-while-revalidate=900
content-length
651
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 06 Dec 2024 12:57:36 GMT
etag
"9618b1508f4feede60d3ec1d06fed719"
last-modified
Thu, 05 Dec 2024 21:16:38 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-id
-oYvdCOAyCTdqt8kErlgj3_mTgmUBUSePSKUgPDZTN0luz9tEQb-vQ==
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
Primary Request identifier
login.headway.co/u/login/
Redirect Chain
  • https://login.headway.co/authorize?client_id=owrBPdUyVWv1EeOx1VJftnQZ7hweBSRS&scope=openid+default+offline_access&redirect_uri=https%3A%2F%2Fsigmund.headway.co%2Fauth%2Fcallback&audience=api.headwa...
  • https://login.headway.co/u/login/identifier?state=hKFo2SBXT2ltTkRZb01DSUN5aWFCeUZfN2dxZ05wb1UwM05TV6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExMb29kYWk4UlRGdWpPV2Eyd21IZ05WM01ndlRMTnI4o2NpZNkgb3dyQlBkVXlWV3Y...
36 KB
36 KB
Document
General
Full URL
https://login.headway.co/u/login/identifier?state=hKFo2SBXT2ltTkRZb01DSUN5aWFCeUZfN2dxZ05wb1UwM05TV6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExMb29kYWk4UlRGdWpPV2Eyd21IZ05WM01ndlRMTnI4o2NpZNkgb3dyQlBkVXlWV3YxRWVPeDFWSmZ0blFaN2h3ZUJTUlM
Requested by
Host: sigmund.headway.co
URL: https://sigmund.headway.co/assets/vendor-BFjdQACu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a718 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
052ecae331664fc4d0cee0206625a92054f4fe83a1db66e02594c2fbfe56f1c4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sigmund.headway.co/refer-a-provider
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
8edc7159f9abdbc3-FRA
content-language
en
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Fri, 06 Dec 2024 12:57:38 GMT
etag
W/"8fde-GiPniqudDPVmTXGDGZSV62YlB4M"
expires
Fri, 06 Dec 2024 12:57:38 GMT
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-auth0-dl
16
x-auth0-l
0.084
x-auth0-requestid
3598cc8561fe817df81e
x-content-type-options
nosniff
x-frame-options
deny
x-ratelimit-limit
20
x-ratelimit-remaining
19
x-ratelimit-reset
1733489865
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
8edc7155dda0dbc3-FRA
content-length
446
content-type
text/html; charset=utf-8
date
Fri, 06 Dec 2024 12:57:37 GMT
location
/u/login/identifier?state=hKFo2SBXT2ltTkRZb01DSUN5aWFCeUZfN2dxZ05wb1UwM05TV6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExMb29kYWk4UlRGdWpPV2Eyd21IZ05WM01ndlRMTnI4o2NpZNkgb3dyQlBkVXlWV3YxRWVPeDFWSmZ0blFaN2h3ZUJTUlM
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept, Accept-Encoding
x-auth0-l
0.091
x-auth0-requestid
644487d25ddcd6fceff2
x-content-type-options
nosniff
x-ratelimit-limit
300
x-ratelimit-remaining
290
x-ratelimit-reset
1733489858
nlfu1kpa
widget.intercom.io/widget/
7 KB
3 KB
Script
General
Full URL
https://widget.intercom.io/widget/nlfu1kpa
Requested by
Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/js-integrations/INTERCOM.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-50.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sigmund.headway.co/

Response headers

content-encoding
gzip
x-amz-version-id
gEW619mCaHowzz1qD7PeJQt9apLaEse1
etag
"bda3c5c4c9386f740444c58315cfd73a"
age
246
alt-svc
h3=":443"; ma=86400
x-cache
Error from cloudfront
x-amz-cf-id
y6m9wFO7Zs76GoLGCJgP7zRD6-5LS_W8QmciEb1r2U-AVeGnBUsv7g==
date
Fri, 06 Dec 2024 12:53:31 GMT
content-type
application/javascript; charset=UTF-8
vary
accept-encoding, Origin
last-modified
Fri, 06 Dec 2024 11:58:30 GMT
cache-control
max-age=300, s-maxage=300, public
cross-origin-resource-policy
cross-origin
via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
2667
x-amz-cf-pop
FRA56-P7
server
AmazonS3
x-amz-server-side-encryption
AES256
frame-modern.7e4cdb9a.js
js.intercomcdn.com/ Frame CFBE
473 KB
143 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.7e4cdb9a.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/nlfu1kpa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-76.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
"3acb353a7db96b58de4eb3c36e3840e5"
x-amz-version-id
dt6OR0gszhkCHB_2HrGLngyKjlpIFf2b
age
3545
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
H1OHrkK6m7-PtcZrRoIQGlzBvddD_OMp7sWFiFczqmeI9ViCN_gFSw==
date
Fri, 06 Dec 2024 11:58:33 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 06 Dec 2024 11:55:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy
cross-origin
via
1.1 7daf545331a4f565a58e22b0fa952528.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
145683
x-amz-cf-pop
FRA56-P11
server
AmazonS3
x-amz-server-side-encryption
AES256
vendor-modern.5c288613.js
js.intercomcdn.com/ Frame CFBE
456 KB
145 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.5c288613.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/nlfu1kpa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-76.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-amz-version-id
h1xPpu.NIF_ABzUbMHqf__h1gz4NgrBN
etag
"cfcbe890471af67f5140f9f36766a673"
age
7059
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
5FGXND1wZPL98xqnPxUWr6nxaOLkLRvsYOFetGadOYhTyaynOJETqA==
date
Fri, 06 Dec 2024 10:59:59 GMT
content-type
application/javascript; charset=UTF-8
vary
accept-encoding
last-modified
Fri, 22 Nov 2024 14:59:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy
cross-origin
via
1.1 7daf545331a4f565a58e22b0fa952528.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
147369
x-amz-cf-pop
FRA56-P11
server
AmazonS3
x-amz-server-side-encryption
AES256
launcher_settings
api-iam.intercom.io/messenger/web/ Frame CFBE
241 B
914 B
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/launcher_settings
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7e4cdb9a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.22.100.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-100-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer

Response headers

x-request-id
0000m6h59v6t3219bgig
access-control-expose-headers
x-request-id
content-encoding
gzip
etag
W/"66999b55469345ba65a2131d11ad84ae"
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
status
200 OK
date
Fri, 06 Dec 2024 12:57:37 GMT
content-type
application/json; charset=utf-8
vary
Accept,Accept-Encoding
x-runtime
0.046706
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31556952; includeSubDomains; preload
x-request-queueing
0
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://sigmund.headway.co
x-xss-protection
1; mode=block
x-intercom-version
d90903d0062f38b1ff8571f7927ff3fc982e9d78
x-ami-version
ami-0a6b4dd20c035b9fa
server
nginx
ping
api-iam.intercom.io/messenger/web/ Frame CFBE
4 KB
2 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7e4cdb9a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.22.100.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-100-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer

Response headers

x-request-id
00044rpffht82qtd4j5g
access-control-expose-headers
x-request-id
content-encoding
gzip
etag
W/"708dc52e57f3a8e245248c8d06588d7e"
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
status
200 OK
date
Fri, 06 Dec 2024 12:57:37 GMT
content-type
application/json; charset=utf-8
vary
Accept,Accept-Encoding
x-runtime
0.237768
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31556952; includeSubDomains; preload
x-request-queueing
0
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://sigmund.headway.co
x-xss-protection
1; mode=block
x-intercom-version
d90903d0062f38b1ff8571f7927ff3fc982e9d78
x-ami-version
ami-0a6b4dd20c035b9fa
server
nginx
page_view_events
api-iam.intercom.io/messenger/web/ Frame CFBE
0
585 B
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/page_view_events
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7e4cdb9a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.22.100.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-100-5.compute-1.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer

Response headers

x-request-id
00201113k087u62fve70
access-control-expose-headers
x-request-id
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
status
204 No Content
date
Fri, 06 Dec 2024 12:57:38 GMT
vary
Accept
x-runtime
0.052587
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31556952; includeSubDomains; preload
x-request-queueing
0
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://sigmund.headway.co
x-xss-protection
1; mode=block
x-intercom-version
d90903d0062f38b1ff8571f7927ff3fc982e9d78
x-ami-version
ami-0a6b4dd20c035b9fa
server
nginx
main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.103.3/css/
279 KB
64 KB
Stylesheet
General
Full URL
https://cdn.auth0.com/ulp/react-components/1.103.3/css/main.cdn.min.css
Requested by
Host: login.headway.co
URL: https://login.headway.co/u/login/identifier?state=hKFo2SBXT2ltTkRZb01DSUN5aWFCeUZfN2dxZ05wb1UwM05TV6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExMb29kYWk4UlRGdWpPV2Eyd21IZ05WM01ndlRMTnI4o2NpZNkgb3dyQlBkVXlWV3YxRWVPeDFWSmZ0blFaN2h3ZUJTUlM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2359:b800:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b8d0011b252cc3fe682a05e4aa71f9670d7dcf2423ec67a0548e0f22d68c011
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-robots-tag
noindex
content-encoding
gzip
x-amz-version-id
YDuwwqW14CMj6v6Iu5_RGUVcViaUYt_R
etag
W/"07b8413b9c856003cb33b4bb74a67e1e"
age
50186
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
CMRQhol-N1ZOgO4U7Xf_MypKRv-lKEbcRGxwRltXeACd6tq7xfrWSw==
date
Thu, 05 Dec 2024 23:01:12 GMT
content-type
text/css
vary
accept-encoding
last-modified
Mon, 02 Dec 2024 20:16:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-replication-status
FAILED
cache-control
max-age=86400
via
1.1 9a97e41242551c9a56be1311e4d3db70.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
server
AmazonS3
x-amz-server-side-encryption
AES256
HeadwayLogoAuth0.png
headway.co/
25 KB
26 KB
Image
General
Full URL
https://headway.co/HeadwayLogoAuth0.png
Requested by
Host: login.headway.co
URL: https://login.headway.co/u/login/identifier?state=hKFo2SBXT2ltTkRZb01DSUN5aWFCeUZfN2dxZ05wb1UwM05TV6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExMb29kYWk4UlRGdWpPV2Eyd21IZ05WM01ndlRMTnI4o2NpZNkgb3dyQlBkVXlWV3YxRWVPeDFWSmZ0blFaN2h3ZUJTUlM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5deda1350a5fe21d7a09f44d006ba2243f660b5a916b19cb3b5b83cf8b4cd8f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=3600
cf-cache-status
REVALIDATED
etag
W/"65ad-19399cc18b0"
cf-ray
8edc715e0ad4dc94-FRA
accept-ranges
bytes
content-length
26029
date
Fri, 06 Dec 2024 12:57:38 GMT
content-type
image/png
last-modified
Fri, 06 Dec 2024 02:28:30 GMT
vary
Accept-Encoding
server
cloudflare
PostGrotesk-Book.woff
assets.headway.co/fonts/
74 KB
75 KB
Font
General
Full URL
https://assets.headway.co/fonts/PostGrotesk-Book.woff
Requested by
Host: login.headway.co
URL: https://login.headway.co/u/login/identifier?state=hKFo2SBXT2ltTkRZb01DSUN5aWFCeUZfN2dxZ05wb1UwM05TV6Fur3VuaXZlcnNhbC1sb2dpbqN0aWTZIExMb29kYWk4UlRGdWpPV2Eyd21IZ05WM01ndlRMTnI4o2NpZNkgb3dyQlBkVXlWV3YxRWVPeDFWSmZ0blFaN2h3ZUJTUlM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-16.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5cb6d889affd5d8a9e42657b2229455bbf29c9f973722a6b930abbae84116f8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://login.headway.co
Referer
https://login.headway.co/

Response headers

x-amz-version-id
y5PnvdS9dFcr.muB8Dbf1KsjOs_sXvAQ
etag
"23fc369bb7d5eb79cec540e77fd420d1"
x-cache
RefreshHit from cloudfront
x-amz-cf-id
QCr5Deurd6uaxMvrAVDBiUaWinmyKMy_OJQ7QKA0LdSsndi15Tz1zA==
date
Fri, 06 Dec 2024 12:57:39 GMT
content-type
binary/octet-stream
last-modified
Fri, 22 Mar 2024 20:26:36 GMT
vary
Origin
x-frame-options
SAMEORIGIN
via
1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
https://login.headway.co
content-length
75952
x-xss-protection
1
x-amz-cf-pop
FRA6-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
favicon.ico
headway.co/
3 KB
4 KB
Other
General
Full URL
https://headway.co/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e14869f7e8b4f395abf26164ffa9d4a4c79640bd78731b0d18258a55c09d47f0
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=631138519
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"group":"browser-intake-datadoghq","max_age":10886400,"endpoints":[{"url":"https://browser-intake-datadoghq.com/api/v2/logs?dd-evp-origin=content-security-policy&ddsource=csp-report&dd-api-key=pubf70c6617a9da53eefac5ea86a9f0f8a1&ddtags=env%3Aproduction%2Cservice%3Amarketing%2Cversion%3A449abbd9ea2e4aefcadd56c7aa15dbfe8a46c797"}]}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8edc7160397cdc94-FRA
expires
-1
content-security-policy-report-only
default-src 'self'; img-src 'self' data: https://gravatar.com https://maps.googleapis.com https://maps.gstatic.com https://cdn.builder.io https://www.googletagmanager.com https://i.ytimg.com/ https://js.chilipiper.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.rudderlabs.com https://www.googletagmanager.com https://maps.googleapis.com https://cdn.plaid.com https://static.zdassets.com/ https://go.headway.co https://munchkin.marketo.net https://js.chilipiper.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://calendly.com https://assets.calendly.com https://go.headway.co; connect-src 'self' https://*.launchdarkly.com https://*.rudderstack.com https://maps.googleapis.com *.sentry.io https://ekr.zdassets.com https://cdn.builder.io https://api.chilipiper.com https://*.mktoresp.com https://headway-production-protected-assets.s3.amazonaws.com; font-src 'self' https://fonts.gstatic.com; frame-src https://cdn.plaid.com https://go.headway.co https://www.youtube.com/ https://headway-production-protected-assets.s3.amazonaws.com; report-to browser-intake-datadoghq
date
Fri, 06 Dec 2024 12:57:38 GMT
content-type
image/x-icon
server
cloudflare
x-frame-options
DENY

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sigmund.headway.co
URL
blob:https://sigmund.headway.co/99144baf-7350-429d-91f1-b9b132c16361

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ulpFlags

18 Cookies

Domain/Path Name / Value
.headway.co/ Name: __cf_bm
Value: 7gc1vceXO5cODnS4fWq_C1jDhD0UHLAd_yLvmv8hZUU-1733489855-1.0.1.1-ewTgz_Uex3W2vtbYD7J3guFeSt3W6_GvvFKrnnaOT1tbf8IZGUhAbEhU8Fbq8..uG_i2py4t7Tkvt9Z3UCq5tw
.headway.co/ Name: rl_user_id
Value: RudderEncrypt%3AU2FsdGVkX19Jmdc%2FHHxqgi%2BRT1%2BGLnF1dq7cjZHbsgU%3D
.headway.co/ Name: rl_trait
Value: RudderEncrypt%3AU2FsdGVkX19ErXC%2FgbtkoupmCKoaX%2FG7sfB2HKltlcM%3D
.headway.co/ Name: rl_group_id
Value: RudderEncrypt%3AU2FsdGVkX18CAqjFG2uE9fVn6jHXnCaQFvKiOdaSxmY%3D
.headway.co/ Name: rl_group_trait
Value: RudderEncrypt%3AU2FsdGVkX180Tn2oRRHt7VtSIt5wIhzAQzt%2BziZRlw0%3D
.headway.co/ Name: rl_anonymous_id
Value: RudderEncrypt%3AU2FsdGVkX1%2BFz8EKWaAyOGxTzS03geAS4F09QKwxEA4lH6U%2F2BOOT3jrGOhPpIf88dYft2GT%2BA6s6BW8n5g7AQ%3D%3D
.headway.co/ Name: rl_page_init_referrer
Value: RudderEncrypt%3AU2FsdGVkX18W79hP8lGCkXCHZYcXf3Q2u4h08%2Bbidi8%3D
.headway.co/ Name: rl_page_init_referring_domain
Value: RudderEncrypt%3AU2FsdGVkX18czXdh0Px%2BuuieNde4ZYYhS4rOxAImUSk%3D
.headway.co/ Name: rl_session
Value: RudderEncrypt%3AU2FsdGVkX18cMODwBDCF%2FVHHxNIgKVPb4m2g%2F%2FDcdLGdoMeN%2FRqvWelREnMqGzmQ%2FKrwT9TIhqaVSFnErSZzdbEWt6K95q%2F078N5x16RvlWTgTs229X%2FeteWHmDA5vwl%2B9xyMGZEeZnn1i1I0Qqv6A%3D%3D
login.headway.co/ Name: did
Value: s%3Av0%3Acee5666c-e34f-4237-a91d-48c3a1149eca.n%2Bl8gHusaFiJa8XePVg9eg3dH04Kjpd8QJRgUm70nvM
login.headway.co/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQLMPAkTqQEn0xpRo-rVpGkw-8lyKvZnTBzVdqkIS-w43HOvXxYs8argIsqnz9eIvyRZEn6O9MmH51YLR_xoVJU-mY29va2llg6dleHBpcmVz1_91ilUAZ1bpQa5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.p%2FEfip0nMejc5ygUp%2B1PO8rrrjufpWEbQde8kUGbD%2BY
login.headway.co/ Name: did_compat
Value: s%3Av0%3Acee5666c-e34f-4237-a91d-48c3a1149eca.n%2Bl8gHusaFiJa8XePVg9eg3dH04Kjpd8QJRgUm70nvM
login.headway.co/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQLMPAkTqQEn0xpRo-rVpGkw-8lyKvZnTBzVdqkIS-w43HOvXxYs8argIsqnz9eIvyRZEn6O9MmH51YLR_xoVJU-mY29va2llg6dleHBpcmVz1_91ilUAZ1bpQa5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.p%2FEfip0nMejc5ygUp%2B1PO8rrrjufpWEbQde8kUGbD%2BY
.headway.co/ Name: intercom-id-nlfu1kpa
Value: 3791c82d-fa9a-4e6f-b63e-74b7f7c55303
.headway.co/ Name: intercom-session-nlfu1kpa
Value:
.headway.co/ Name: intercom-device-id-nlfu1kpa
Value: 2f3c9550-7669-4640-9ef0-41aca66fb308
.headway.co/ Name: hw_session
Value: eyJpZCI6IjNjNzgxZDQ4LWJmMTktNGY4NS05ZGE4LTIzZmUzYWJiNjBjYSIsIm5vd0luTWludXRlcyI6Mjg4OTE0OTd9
.headway.co/ Name: hw_session.sig
Value: cDfHr28upNCzgG40Ksj_RhUZEi0

1 Console Messages

Source Level URL
Text
network error URL: https://api.headway.co/api/sigmund/me
Message:
Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
