orion-dev-exchange-cpa.safesendwebsites.com Open in urlscan Pro
51.105.228.104  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response orion-dev-exchange-cpa.safesendwebsites.com/	1 KB 987 B	152ms 109ms	Document text/html	51.105.228.104 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://orion-dev-exchange-cpa.safesendwebsites.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.105.228.104 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash ad4a31862dfb281af7e9499f2916af825d858c13168c7e7f9492dade933a328e Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control public, must-revalidate, max-age=30 content-encoding br content-type text/html date Mon, 19 Feb 2024 08:42:52 GMT etag "62864928" last-modified Fri, 16 Feb 2024 09:19:27 GMT referrer-policy same-origin strict-transport-security max-age=10886400; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 1; mode=block
GET H2	200	css2 fonts.googleapis.com/	28 KB 1 KB	119ms 62ms	Stylesheet text/css	2a00:1450:4001:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Mulish:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap Requested by Host: orion-dev-exchange-cpa.safesendwebsites.com URL: https://orion-dev-exchange-cpa.safesendwebsites.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8f7c73fc33a164ebded38246bd119c604d319369766dac68f0ecc7548e106076 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 19 Feb 2024 08:42:53 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 19 Feb 2024 07:45:03 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 19 Feb 2024 08:42:53 GMT
GET H2	200	main.b5581793.js Show response orion-dev-exchange-cpa.safesendwebsites.com/static/js/	4 MB 1 MB	246ms 246ms	Script text/javascript	51.105.228.104 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://orion-dev-exchange-cpa.safesendwebsites.com/static/js/main.b5581793.js Requested by Host: orion-dev-exchange-cpa.safesendwebsites.com URL: https://orion-dev-exchange-cpa.safesendwebsites.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.105.228.104 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash b3e72d15f68554f1afc0b6a4368d7ed0b0dd2c047f9729397a4e1eaedc434b3d Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://orion-dev-exchange-cpa.safesendwebsites.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 08:42:52 GMT content-encoding br referrer-policy same-origin strict-transport-security max-age=10886400; includeSubDomains; preload last-modified Fri, 16 Feb 2024 09:19:27 GMT x-content-type-options nosniff etag "62864928" vary Accept-Encoding x-dns-prefetch-control off content-type text/javascript cache-control public, must-revalidate, max-age=30 x-xss-protection 1; mode=block
GET H2	200	main.2dca8554.css orion-dev-exchange-cpa.safesendwebsites.com/static/css/	583 KB 113 KB	50ms 49ms	Stylesheet text/css	51.105.228.104 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://orion-dev-exchange-cpa.safesendwebsites.com/static/css/main.2dca8554.css Requested by Host: orion-dev-exchange-cpa.safesendwebsites.com URL: https://orion-dev-exchange-cpa.safesendwebsites.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.105.228.104 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 7586fd4e78bb9573b9bbcbdfacecf6bd424bae9fd38051117e950a0b30748b83 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://orion-dev-exchange-cpa.safesendwebsites.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 08:42:53 GMT content-encoding br referrer-policy same-origin strict-transport-security max-age=10886400; includeSubDomains; preload last-modified Fri, 16 Feb 2024 09:19:27 GMT x-content-type-options nosniff etag "62864928" vary Accept-Encoding x-dns-prefetch-control off content-type text/css cache-control public, must-revalidate, max-age=30 x-xss-protection 1; mode=block
GET H2	200	embed.js Show response solve-widget.forethought.ai/	30 KB 9 KB	94ms 55ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://solve-widget.forethought.ai/embed.js Requested by Host: orion-dev-exchange-cpa.safesendwebsites.com URL: https://orion-dev-exchange-cpa.safesendwebsites.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 089594889ef5d34aafe29178eefb97b36c397d17f2d5d80d0074522f75742377 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 08:42:53 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"f862dc417277d4f13d9fe33645b630b4" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOTWn7yrGjZwIBCVHSkL3UGcfD6p6vKqhhTW0RLPETAIUnoO74rp%2FTyEE8i%2FDeDWxnAfMpGpp8AZgwE2U4FLk7udPnQHUkB2CEVnvDPHOyXNROefxuylonWza01PmyaZyQleG7kV%2BBfHKBNQ83ikiy98IVh%2FmScLRBk%3D"}],"group":"cf-nel","max_age":604800} cache-control no-cache cf-ray 857d3814bf8eb75e-AMS alt-svc h3=":443"; ma=86400
GET H2	200	css fonts.googleapis.com/	2 KB 666 B	61ms 61ms	Stylesheet text/css	2a00:1450:4001:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto Requested by Host: orion-dev-exchange-cpa.safesendwebsites.com URL: https://orion-dev-exchange-cpa.safesendwebsites.com/static/css/main.2dca8554.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 44004199012159c073f8c965213f9e0aecd633dfe1d58641d7f497d3c7423a61 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 19 Feb 2024 08:42:53 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 19 Feb 2024 06:45:09 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 19 Feb 2024 08:42:53 GMT
GET H2	200	/ Show response solve-widget.forethought.ai/ Frame D690	939 B 2 KB	48ms 47ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://solve-widget.forethought.ai/?v=2 Requested by Host: solve-widget.forethought.ai URL: https://solve-widget.forethought.ai/embed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d087089652df74d0921e89d65d5f03a600e18fb4b81702b663e24c22ea51d95a Security Headers Name Value X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control no-cache, no-transform cf-ray 857d3818dbcab75e-AMS content-type text/html; charset=utf-8 date Mon, 19 Feb 2024 08:42:54 GMT etag "a776d1b58f07e37c2274e7d2ce0ac008" link <https://solve-api.forethought.ai/>; rel="preconnect", <https://static.cloudflareinsights.com>; rel="preconnect", <https://cloudflareinsights.com>; rel="preconnect" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy strict-origin-when-cross-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSauGhOWYgEbqfmupXkpnqPO2wUu1EGhhgie43bCKPd%2FJMK48FLuL%2FBrj97q8bbru%2Fe5NsPwz1rChLCIstFrpdrjqqH9cHTlDI%2BMS0%2FQhFlS0CV8JAp6ZWOdqVqDsMPd1yWPTGVIG3gHTK8n4htB5oIjApDZ%2BOfEfko%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-content-type-options nosniff
GET H2	200	user-details Show response orion-dev-exchange-cpa.safesendwebsites.com/api/user-management/	1 KB 663 B	31ms 31ms	XHR text/html	51.105.228.104 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://orion-dev-exchange-cpa.safesendwebsites.com/api/user-management/user-details Requested by Host: orion-dev-exchange-cpa.safesendwebsites.com URL: https://orion-dev-exchange-cpa.safesendwebsites.com/static/js/main.b5581793.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.105.228.104 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash ad4a31862dfb281af7e9499f2916af825d858c13168c7e7f9492dade933a328e Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://orion-dev-exchange-cpa.safesendwebsites.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 08:42:54 GMT content-encoding br referrer-policy same-origin strict-transport-security max-age=10886400; includeSubDomains; preload last-modified Fri, 16 Feb 2024 09:19:27 GMT x-content-type-options nosniff etag "62864928" vary Accept-Encoding x-dns-prefetch-control off content-type text/html cache-control public, must-revalidate, max-age=30 x-xss-protection 1; mode=block
GET H2	200	IsProductSubscribedInCompany Show response orion-dev-exchange-cpa.safesendwebsites.com/api/Company/	1 KB 693 B	30ms 30ms	XHR text/html	51.105.228.104 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://orion-dev-exchange-cpa.safesendwebsites.com/api/Company/IsProductSubscribedInCompany Requested by Host: orion-dev-exchange-cpa.safesendwebsites.com URL: https://orion-dev-exchange-cpa.safesendwebsites.com/static/js/main.b5581793.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.105.228.104 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash ad4a31862dfb281af7e9499f2916af825d858c13168c7e7f9492dade933a328e Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://orion-dev-exchange-cpa.safesendwebsites.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 08:42:54 GMT content-encoding br referrer-policy same-origin strict-transport-security max-age=10886400; includeSubDomains; preload last-modified Fri, 16 Feb 2024 09:19:27 GMT x-content-type-options nosniff etag "62864928" vary Accept-Encoding x-dns-prefetch-control off content-type text/html cache-control public, must-revalidate, max-age=30 x-xss-protection 1; mode=block
GET H3	200	embed.js Show response solve-widget.forethought.ai/ Frame D690	30 KB 9 KB	68ms 68ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://solve-widget.forethought.ai/embed.js Requested by Host: solve-widget.forethought.ai URL: https://solve-widget.forethought.ai/?v=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 089594889ef5d34aafe29178eefb97b36c397d17f2d5d80d0074522f75742377 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://solve-widget.forethought.ai/?v=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 08:42:54 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"f862dc417277d4f13d9fe33645b630b4" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3NZihuwsPMa3QEsUll8RX3F%2BwKVF8kWuOt2UJZhsXraw8%2Fj96SxPyXT4QD7ePcObafYzew5IcYt7R61uQllOhNzsivmwg0H5ZA%2F4LwDfNWJZtKiC3ryMVag09dCVdbw1ayrlG8dS85ZAwp%2Fjx9VhrJwUpY%2BavZj9DE%3D"}],"group":"cf-nel","max_age":604800} cache-control no-cache cf-ray 857d38192fe966d0-AMS alt-svc h3=":443"; ma=86400
GET H3	200	main.977ee44e.js Show response solve-widget.forethought.ai/static/js/ Frame D690	49 KB 19 KB	52ms 52ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://solve-widget.forethought.ai/static/js/main.977ee44e.js Requested by Host: solve-widget.forethought.ai URL: https://solve-widget.forethought.ai/?v=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd66475844e5697f9fc9765701e02d4719fcd0038c6d4f8b554ec805e325edf7 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://solve-widget.forethought.ai/?v=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 08:42:54 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"f8359555b00ee79e1bfcaf27b9f5cd02" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bpLHmr4wtOQPRd9qkzCmS8eR88kzO04l%2FtUk5q8suBqALdfAPrepiAKTvmkjWVuLlUwmb3tIUNvPbath%2BtFlJ06wC1NMV8WmqB5WumOuaVoq31bbIYhkRsRVqZW8zUUZBarpXahRfFCiJArJ4gsLNHqQLmQ1sixk2%2FM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000, immutable cf-ray 857d38192feb66d0-AMS alt-svc h3=":443"; ma=86400
GET H2	200	beacon.min.js Show response static.cloudflareinsights.com/ Frame D690	20 KB 7 KB	94ms 56ms	Script text/javascript	2606:4700::6810:3965 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js Requested by Host: solve-widget.forethought.ai URL: https://solve-widget.forethought.ai/?v=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101 Request headers accept-language nl-NL,nl;q=0.9 Referer https://solve-widget.forethought.ai/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 08:42:54 GMT content-encoding gzip last-modified Tue, 10 Oct 2023 21:38:13 GMT server cloudflare etag W/"2023.10.0" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 857d3819685bb896-AMS
GET H2	200	IsProductEnabledInCompany Show response orion-dev-exchange-cpa.safesendwebsites.com/api/Company/	1 KB 663 B	20ms 20ms	XHR text/html	51.105.228.104 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://orion-dev-exchange-cpa.safesendwebsites.com/api/Company/IsProductEnabledInCompany Requested by Host: orion-dev-exchange-cpa.safesendwebsites.com URL: https://orion-dev-exchange-cpa.safesendwebsites.com/static/js/main.b5581793.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.105.228.104 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash ad4a31862dfb281af7e9499f2916af825d858c13168c7e7f9492dade933a328e Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://orion-dev-exchange-cpa.safesendwebsites.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 08:42:53 GMT content-encoding br referrer-policy same-origin strict-transport-security max-age=10886400; includeSubDomains; preload last-modified Fri, 16 Feb 2024 09:19:27 GMT x-content-type-options nosniff etag "62864928" vary Accept-Encoding x-dns-prefetch-control off content-type text/html cache-control public, must-revalidate, max-age=30 x-xss-protection 1; mode=block
GET H3	200	96.d11ad585.chunk.js Show response solve-widget.forethought.ai/static/js/ Frame D690	1 MB 351 KB	57ms 57ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://solve-widget.forethought.ai/static/js/96.d11ad585.chunk.js Requested by Host: solve-widget.forethought.ai URL: https://solve-widget.forethought.ai/static/js/main.977ee44e.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe5b86dd1afae09c11af62ccbbdf89cc402e546ab9f0f0816141919fab21c13e Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://solve-widget.forethought.ai/?v=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 08:42:54 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6fa26d19e6a776b4769d47c366fe00e6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ef%2Fj1T6wQaB3luQ29YRurSEkpIFZo8ve0weMXiNA2ZsC8ThujrXkYQ72xSkNy22XtxZP76grkvEVYkhNo3PR1YEKL2fRQ3uoN6yIo2kyJjUGTzIDV%2BmOOycuq1L%2FjMFix7OIgsF%2FP5Fz4ardIyH4I7S6cf%2BEfAWWgP0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000, immutable cf-ray 857d3819989466d0-AMS alt-svc h3=":443"; ma=86400
GET H3	200	952.1da512b3.chunk.css solve-widget.forethought.ai/static/css/ Frame D690	787 B 830 B	127ms 127ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://solve-widget.forethought.ai/static/css/952.1da512b3.chunk.css Requested by Host: solve-widget.forethought.ai URL: https://solve-widget.forethought.ai/static/js/main.977ee44e.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13e32fba021efeb1739b9a8a4b73fe9033190bf053e639e1cacf214c98998e2f Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://solve-widget.forethought.ai/?v=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 08:42:54 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"034393706e5e65bf8ef64499fc65d098" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7LG12HMOb7wPIJV0Q%2FQOEeQN8eTveY6a%2FnqgDl232I3OOJPpP6t9RAirT6IwCfYk2rhNcLdIA0cvZmBeS2tQz4pOuoiyAtz0RRNqF5jXSG8jUifZ2OWatrrr82GyeKwAtasY2%2BCiZHx4fF98OPmwSfD5iOkJkRuLO8%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, immutable cf-ray 857d3819989766d0-AMS alt-svc h3=":443"; ma=86400
GET H3	200	952.8e795bce.chunk.js Show response solve-widget.forethought.ai/static/js/ Frame D690	198 KB 53 KB	57ms 57ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://solve-widget.forethought.ai/static/js/952.8e795bce.chunk.js Requested by Host: solve-widget.forethought.ai URL: https://solve-widget.forethought.ai/static/js/main.977ee44e.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 44ce8be4d9aafad72fbbc8d0a4b5a0e7f99b8516509cc3de2445b01d651a399a Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://solve-widget.forethought.ai/?v=2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 08:42:54 GMT content-encoding br referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"62879526b4d300b4b5617b4151a4d7b0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYwMoQ27kx7v%2Bp7HDzwos3U7%2FdIm6VyXdueoGxqcEG5Y31xkP33uDSGbYs53S2C2O8%2BOMQKqzwMA1ttHelRlnasxR5%2B84%2B%2BWdKKWcvjbhaxE60Y1xiBVuur9J12cofNd1SQ3XK00QS%2Fk7SwGOGhE2BU4Rg55RxjkvV4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000, immutable cf-ray 857d3819989c66d0-AMS alt-svc h3=":443"; ma=86400
POST H2	200	/ Show response o185886.ingest.sentry.io/api/5321290/envelope/ Frame D690	2 B 324 B	69ms 28ms	Fetch application/json	34.120.195.249 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://o185886.ingest.sentry.io/api/5321290/envelope/?sentry_key=e69efc0111d24ee3b79752765776ca0a&sentry_version=7&sentry_client=sentry.javascript.react%2F7.101.1 Requested by Host: solve-widget.forethought.ai URL: https://solve-widget.forethought.ai/static/js/96.d11ad585.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 249.195.120.34.bc.googleusercontent.com Software nginx / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://solve-widget.forethought.ai/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 19 Feb 2024 08:42:54 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 google server nginx vary origin,access-control-request-method,access-control-request-headers content-type application/json access-control-allow-origin * access-control-expose-headers x-sentry-error,x-sentry-rate-limits,retry-after x-envoy-upstream-service-time 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2
POST H2	204	rum Show response cloudflareinsights.com/cdn-cgi/ Frame D690	0 37 B	22ms 21ms	XHR text/plain	2606:4700::6810:3865 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cloudflareinsights.com/cdn-cgi/rum Requested by Host: solve-widget.forethought.ai URL: https://solve-widget.forethought.ai/static/js/96.d11ad585.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://solve-widget.forethought.ai/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 content-type application/json Response headers date Mon, 19 Feb 2024 08:42:54 GMT x-content-type-options nosniff server cloudflare vary Origin access-control-max-age 86400 access-control-allow-methods POST,OPTIONS access-control-allow-origin https://solve-widget.forethought.ai x-frame-options DENY access-control-allow-credentials true cf-ray 857d381b8c9a0b87-AMS
OPTIONS H2	200	rum cloudflareinsights.com/cdn-cgi/ Frame	0 0	58ms 20ms	Preflight text/plain	2606:4700::6810:3865 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cloudflareinsights.com/cdn-cgi/rum Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://solve-widget.forethought.ai Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type access-control-allow-methods POST,OPTIONS access-control-allow-origin https://solve-widget.forethought.ai access-control-max-age 86400 cf-ray 857d381b6c420b87-AMS content-encoding gzip content-type text/plain date Mon, 19 Feb 2024 08:42:54 GMT server cloudflare vary Origin x-content-type-options nosniff x-frame-options DENY
POST H2	200	widget-config Show response solve-api.forethought.ai/workflow/ Frame D690	3 KB 1 KB	577ms 576ms	Fetch application/json	2606:4700::6813:9a7a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://solve-api.forethought.ai/workflow/widget-config Requested by Host: solve-widget.forethought.ai URL: https://solve-widget.forethought.ai/static/js/96.d11ad585.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9a7a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9cce248d0600a705477b5ab62d29362bf117a6823f2cf353a6a9a9538a78efab Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers solve-origin https://orion-dev-exchange-cpa.safesendwebsites.com accept-language nl-NL,nl;q=0.9 Authorization Bearer d0e4c96e-6c29-44dc-855c-818a7ce71e1b User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 is-draft false Content-Type application/json Referer https://solve-widget.forethought.ai/ is-preview false is-config-preview false Response headers date Mon, 19 Feb 2024 08:42:55 GMT x-envoy-decorator-operation solve-api-cluster-ip-service.default.svc.cluster.local:80/* content-encoding br strict-transport-security max-age=15724800; includeSubDomains cf-cache-status DYNAMIC server cloudflare vary Origin content-type application/json access-control-allow-origin https://solve-widget.forethought.ai access-control-allow-credentials true x-envoy-upstream-service-time 32 cf-ray 857d381cba0fb927-AMS alt-svc h3=":443"; ma=86400
OPTIONS H2	200	widget-config solve-api.forethought.ai/workflow/ Frame	0 0	237ms 198ms	Preflight text/plain	2606:4700::6813:9a7a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://solve-api.forethought.ai/workflow/widget-config Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9a7a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept */* Access-Control-Request-Headers authorization,content-type,is-config-preview,is-draft,is-preview,solve-origin Access-Control-Request-Method POST Origin https://solve-widget.forethought.ai Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers authorization,content-type,is-config-preview,is-draft,is-preview,solve-origin access-control-allow-methods DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT access-control-allow-origin https://solve-widget.forethought.ai access-control-max-age 600 alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 857d381b7856b927-AMS content-length 2 content-type text/plain; charset=utf-8 date Mon, 19 Feb 2024 08:42:54 GMT server cloudflare strict-transport-security max-age=15724800; includeSubDomains vary Origin x-envoy-decorator-operation solve-api-cluster-ip-service.default.svc.cluster.local:80/* x-envoy-upstream-service-time 1
GET H2	200	f80c581c-3d47-4923-ae43-4eee4e449d79.png d3tnn7lar6ozas.cloudfront.net/ Frame D690	820 B 1 KB	75ms 25ms	Image image/png	2600:9000:2251:f600:b:57ee:ad00:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3tnn7lar6ozas.cloudfront.net/f80c581c-3d47-4923-ae43-4eee4e449d79.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2251:f600:b:57ee:ad00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5f366a5f008bb1ccab1760aa7665906aefeb672dc561fbfd18af8534b4226f49 Request headers accept-language nl-NL,nl;q=0.9 Referer https://solve-widget.forethought.ai/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers x-amz-version-id t5Z405CbQmWjo6hoHIg2KVdlH2.At15D date Mon, 19 Feb 2024 08:42:54 GMT via 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront) last-modified Tue, 17 Oct 2023 16:49:00 GMT server AmazonS3 x-amz-cf-pop FRA60-P3 age 2 x-amz-server-side-encryption AES256 etag "4253c454b99cf9c1aa22e47cc1494b3b" x-cache Hit from cloudfront content-type image/png cache-control public, max-age=31536000, immutable accept-ranges bytes content-length 820 x-amz-cf-id v6r1MliQF2vioqp8rzY-mzYvLJOPsvheZtR3b_WdKED1VqZLYuHpdQ==
POST H3	200	tracking-event Show response solve-api.forethought.ai/workflow/ Frame D690	16 B 286 B	213ms 212ms	Fetch application/json	2606:4700::6813:9a7a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://solve-api.forethought.ai/workflow/tracking-event Requested by Host: solve-widget.forethought.ai URL: https://solve-widget.forethought.ai/static/js/96.d11ad585.chunk.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6813:9a7a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers solve-origin https://orion-dev-exchange-cpa.safesendwebsites.com accept-language nl-NL,nl;q=0.9 Authorization Bearer d0e4c96e-6c29-44dc-855c-818a7ce71e1b User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 is-draft false Content-Type application/json Referer https://solve-widget.forethought.ai/ is-preview false is-config-preview false Response headers date Mon, 19 Feb 2024 08:42:57 GMT x-envoy-decorator-operation solve-api-cluster-ip-service.default.svc.cluster.local:80/* strict-transport-security max-age=15724800; includeSubDomains cf-cache-status DYNAMIC server cloudflare vary Origin content-type application/json access-control-allow-origin https://solve-widget.forethought.ai access-control-allow-credentials true x-envoy-upstream-service-time 20 cf-ray 857d3829ddd60e10-AMS alt-svc h3=":443"; ma=86400 content-length 16
OPTIONS H3	200	tracking-event solve-api.forethought.ai/workflow/ Frame	0 0	192ms 192ms	Preflight text/plain	2606:4700::6813:9a7a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://solve-api.forethought.ai/workflow/tracking-event Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6813:9a7a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept */* Access-Control-Request-Headers authorization,content-type,is-config-preview,is-draft,is-preview,solve-origin Access-Control-Request-Method POST Origin https://solve-widget.forethought.ai Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers authorization,content-type,is-config-preview,is-draft,is-preview,solve-origin access-control-allow-methods DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT access-control-allow-origin https://solve-widget.forethought.ai access-control-max-age 600 alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 857d38289c6b0e10-AMS content-length 2 content-type text/plain; charset=utf-8 date Mon, 19 Feb 2024 08:42:56 GMT server cloudflare strict-transport-security max-age=15724800; includeSubDomains vary Origin x-envoy-decorator-operation solve-api-cluster-ip-service.default.svc.cluster.local:80/* x-envoy-upstream-service-time 1

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _global object| _sentryDebugIds string| _sentryDebugIdIdentifier object| SENTRY_RELEASE object| webpackChunkcp_sse_portal_app number| uidEvent object| __dynProto$Gbl function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _pdfjsCompatibilityChecked object| core object| pdfjsWorker function| Forethought object| intercomSettings

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cloudflareinsights.com
d3tnn7lar6ozas.cloudfront.net
fonts.googleapis.com
o185886.ingest.sentry.io
orion-dev-exchange-cpa.safesendwebsites.com
solve-api.forethought.ai
solve-widget.forethought.ai
static.cloudflareinsights.com
2600:9000:2251:f600:b:57ee:ad00:21
2606:4700::6810:3865
2606:4700::6810:3965
2606:4700::6813:9a7a
2a00:1450:4001:81c::200a
2a06:98c1:3121::3
34.120.195.249
51.105.228.104
089594889ef5d34aafe29178eefb97b36c397d17f2d5d80d0074522f75742377
13e32fba021efeb1739b9a8a4b73fe9033190bf053e639e1cacf214c98998e2f
44004199012159c073f8c965213f9e0aecd633dfe1d58641d7f497d3c7423a61
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44ce8be4d9aafad72fbbc8d0a4b5a0e7f99b8516509cc3de2445b01d651a399a
5f366a5f008bb1ccab1760aa7665906aefeb672dc561fbfd18af8534b4226f49
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
7586fd4e78bb9573b9bbcbdfacecf6bd424bae9fd38051117e950a0b30748b83
8f7c73fc33a164ebded38246bd119c604d319369766dac68f0ecc7548e106076
9cce248d0600a705477b5ab62d29362bf117a6823f2cf353a6a9a9538a78efab
ad4a31862dfb281af7e9499f2916af825d858c13168c7e7f9492dade933a328e
b3e72d15f68554f1afc0b6a4368d7ed0b0dd2c047f9729397a4e1eaedc434b3d
bd66475844e5697f9fc9765701e02d4719fcd0038c6d4f8b554ec805e325edf7
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d087089652df74d0921e89d65d5f03a600e18fb4b81702b663e24c22ea51d95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fe5b86dd1afae09c11af62ccbbdf89cc402e546ab9f0f0816141919fab21c13e