app.navan.com Open in urlscan Pro
2606:4700::6812:40c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://collector.tripactions.com/r/tp2?p=web&e=se&se_ca=b61f17d0-e52d-4f42-a747-89337bc56f12&se_ac=link&uid=newUser:Jose+Carrasco...
Effective URL:
https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9
Submission: On June 08 via api (June 8th 2023, 11:04:41 am UTC) from US — Scanned from DE

Summary HTTP 58 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 1 countries across 9 domains to perform 58 HTTP transactions. The main IP is 2606:4700::6812:40c, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.navan.com. The Cisco Umbrella rank of the primary domain is 99885.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 7th 2022. Valid for: a year.

This is the only time app.navan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	2606:4700::68... 2606:4700::6813:d61c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2606:4700::68... 2606:4700::6812:40c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
6	2a04:4e42:200... 2a04:4e42:200::622	54113 (FASTLY) (FASTLY)
3	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
4	2600:9000:215... 2600:9000:2156:c00:3:d543:c240:21	16509 (AMAZON-02) (AMAZON-02)
6	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	52.40.78.65 52.40.78.65	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223c:7c00:19:3b4b:48c0:21	() ()
2	162.247.243.29 162.247.243.29	() ()
3	44.226.136.191 44.226.136.191	() ()
58	11

3 2606:4700::6813:d61c (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

collector.tripactions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.tripactions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700::6812:40c (United States)

ASN13335 (CLOUDFLARENET, US)

app.navan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a04:4e42:200::622 (United States)

ASN54113 (FASTLY, US)

fast.appcues.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:c00:3:d543:c240:21 (United States)

ASN16509 (AMAZON-02, US)

d35qahma2tlngp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.40.78.65 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-78-65.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:7c00:19:3b4b:48c0:21 (None, )

ASN- ()

d2w7f1pl8j4yzn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.29 (None, )

ASN- ()

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.226.136.191 (None, )

ASN- ()

api2.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	navan.com app.navan.com — Cisco Umbrella Rank: 99885	8 MB
14	stripe.com js.stripe.com — Cisco Umbrella Rank: 1602 q.stripe.com — Cisco Umbrella Rank: 11560 m.stripe.com — Cisco Umbrella Rank: 1484	278 KB
6	cloudfront.net d35qahma2tlngp.cloudfront.net d2w7f1pl8j4yzn.cloudfront.net	156 KB
6	appcues.com fast.appcues.com — Cisco Umbrella Rank: 7048	261 KB
4	stripe.network m.stripe.network — Cisco Umbrella Rank: 1741	33 KB
3	amplitude.com api2.amplitude.com	287 B
3	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 516	39 KB
3	tripactions.com 3 redirects collector.tripactions.com — Cisco Umbrella Rank: 108305 app.tripactions.com — Cisco Umbrella Rank: 195696	927 B
2	nr-data.net bam.nr-data.net	839 B
58	9

	Domain	Requested by
19	app.navan.com	app.navan.com js-agent.newrelic.com
6	q.stripe.com	app.navan.com
6	fast.appcues.com	app.navan.com js-agent.newrelic.com
6	js.stripe.com	app.navan.com js-agent.newrelic.com js.stripe.com
4	m.stripe.network	js.stripe.com m.stripe.network
4	d35qahma2tlngp.cloudfront.net	app.navan.com
3	api2.amplitude.com	js-agent.newrelic.com
3	js-agent.newrelic.com	app.navan.com js-agent.newrelic.com
2	bam.nr-data.net	js-agent.newrelic.com
2	d2w7f1pl8j4yzn.cloudfront.net	app.navan.com
2	m.stripe.com	m.stripe.network
2	app.tripactions.com	2 redirects
1	collector.tripactions.com	1 redirects
58	13

This site contains no links.

Subject Issuer	Validity	Valid
navan.com Cloudflare Inc ECC CA-3	`2022-12-07` - `2023-12-06`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-05-12` - `2023-08-13`	3 months	crt.sh
fast.appcues.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-01` - `2023-12-03`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-05-25` - `2023-08-23`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2023-01-23` - `2024-02-14`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9
Frame ID: 860CF0369D94F278FEF1779DA5C9CA6F
Requests: 40 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: AA43475DD4E3FE398F0ED98BF63E7F54
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 0FB9CFC556C649FF9AE6A4B2768E0EBE
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: AFB22041B0B1D8245C4DB4DA7813B7AC
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 3D28A271584758592674C1E4436304CA
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://collector.tripactions.com/r/tp2?p=web&e=se&se_ca=b61f17d0-e52d-4f42-a747-89337bc56f12&se_ac=link&uid=n... HTTP 302
https://app.tripactions.com/?utm_source=EmailVerificationInviteEmail HTTP 302
https://app.tripactions.com/app/user2 HTTP 302
https://app.navan.com/app/user2 Page URL
https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9 Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Page Statistics

58
Requests

98 %
HTTPS

45 %
IPv6

9
Domains

13
Subdomains

11
IPs

1
Countries

8902 kB
Transfer

31449 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://collector.tripactions.com/r/tp2?p=web&e=se&se_ca=b61f17d0-e52d-4f42-a747-89337bc56f12&se_ac=link&uid=newUser:Jose+Carrasco+Orellana&aid=email&tna=EmailVerificationInviteEmail&u=https://app.tripactions.com/?utm_source=EmailVerificationInviteEmail&utm_medium=email HTTP 302
https://app.tripactions.com/?utm_source=EmailVerificationInviteEmail HTTP 302
https://app.tripactions.com/app/user2 HTTP 302
https://app.navan.com/app/user2 Page URL
https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://collector.tripactions.com/r/tp2?p=web&e=se&se_ca=b61f17d0-e52d-4f42-a747-89337bc56f12&se_ac=link&uid=newUser:Jose+Carrasco+Orellana&aid=email&tna=EmailVerificationInviteEmail&u=https://app.tripactions.com/?utm_source=EmailVerificationInviteEmail&utm_medium=email HTTP 302
https://app.tripactions.com/?utm_source=EmailVerificationInviteEmail HTTP 302
https://app.tripactions.com/app/user2 HTTP 302
https://app.navan.com/app/user2

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

user2 Show response
app.navan.com/app/
Redirect Chain

https://collector.tripactions.com/r/tp2?p=web&e=se&se_ca=b61f17d0-e52d-4f42-a747-89337bc56f12&se_ac=link&uid=newUser:Jose+Carrasco+Orellana&aid=email&tna=EmailVerificationInviteEmail&u=https://app....
https://app.tripactions.com/?utm_source=EmailVerificationInviteEmail
https://app.tripactions.com/app/user2
https://app.navan.com/app/user2

9 KB
3 KB

234ms
193ms

Document
text/html

2606:4700::6812:40c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.navan.com/app/user2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:40c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b083ad21b70f1c04a0a20a33900133b547e819d18ddae126540d98932c881ccd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d40a7871ee11e5b-FRA
content-encoding: br
content-type: text/html
date: Thu, 08 Jun 2023 11:04:30 GMT
last-modified: Wed, 07 Jun 2023 13:51:18 GMT
server: cloudflare
ta-request-uuid: adc2da35-38e4-4c76-840d-1f624d039157
vary: Accept-Encoding

Redirect headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7d40a786b97cbbbf-FRA
date: Thu, 08 Jun 2023 11:04:30 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
location: https://app.navan.com/app/user2
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
js.stripe.com/v3/ 490 KB
135 KB 50ms
7ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: app.navan.com
URL: https://app.navan.com/app/user2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

83e8fd698ac08cfac3b722ebddef2b72ae94571f1deda222e54fd309c51bc147

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.navan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 08 Jun 2023 11:04:30 GMT
via: 1.1 varnish
age: 56
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 137888
x-request-id: e3ab4997-f028-42ca-85f5-f27faf4541db
x-served-by: cache-fra-eddf8230063-FRA
last-modified: Wed, 07 Jun 2023 21:12:46 GMT
server: Fastly
etag: "d18b9e8c7cbef021978d3f8fccd0b7a5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 31

GET
H2 200 58995.js Show response
fast.appcues.com/ 22 KB
5 KB 53ms
9ms Script
text/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/58995.js
Requested by: Host: app.navan.com
URL: https://app.navan.com/app/user2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Cowboy /
Resource Hash: cc53b1c68fd825b59fdd0067e2666a8dbe78dc5ac160aebcb5f670fb3ee314aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.navan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 11:04:30 GMT
content-encoding: gzip
via: 1.1 varnish
age: 21
x-cache: HIT
content-length: 5057
x-request-id: F2aqM90mqN_mqTcTttHD
x-served-by: cache-fra-eddf8230112-FRA
server: Cowboy
x-timer: S1686222271.817682,VS0,VE1
vary: accept-encoding, Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=120,public
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 1

GET
H2 200 nr-loader-spa-1215.min.js Show response
js-agent.newrelic.com/ 30 KB
11 KB 32ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-loader-spa-1215.min.js

Requested by

Host: app.navan.com
URL: https://app.navan.com/app/user2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

399e489397756c82a35e196aed894066eb5a5acc02564fdc76a315b395afd65f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.navan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: MZMjm3SWdWHntF44I5ne53wuXWfyVA1V
content-encoding: gzip
via: 1.1 varnish
date: Thu, 08 Jun 2023 11:04:30 GMT
strict-transport-security: max-age=300
x-amz-request-id: T0WX8XJCQNZFY52Y
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 10723
x-amz-id-2: 7LUG7wKW+3XFfAn23bsNQretIC2xRoIcay9qVKreWxkaNIdhKz0jKSsV1Vyr2UXuKN/nElYmFWvSgUxBDfcEkg==
x-served-by: cache-fra-eddf8230084-FRA
last-modified: Mon, 24 Jan 2022 22:13:55 GMT
server: AmazonS3
x-timer: S1686222271.799363,VS0,VE1
etag: "2cf3de80a43ec366fddbebbcd8993c92"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 runtime-es2020.53d6297e3857c0d6f27c.js Show response
app.navan.com/app/user2/ 10 KB
5 KB 208ms
207ms Script
application/javascript 2606:4700::6812:40c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.navan.com/app/user2/runtime-es2020.53d6297e3857c0d6f27c.js
Requested by: Host: app.navan.com
URL: https://app.navan.com/app/user2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:40c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 837de79cdf401f1112ee903454012e0322e0ad1648dab0628e16923926b6a05e

Request headers

Referer: https://app.navan.com/app/user2
Origin: https://app.navan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 11:04:30 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 07 Jun 2023 13:45:59 GMT
server: cloudflare
etag: W/"64808a17-298a"
access-control-max-age: 3600
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS, PATCH, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
vary: Accept-Encoding
cf-ray: 7d40a78858761e5b-FRA
access-control-allow-headers: x-requested-with, authorization, Content-Type, X-XSRF-TOKEN, x-ta-region, x-agent-desktop, x-gateway-authorization
ta-request-uuid: 615b6bd9-7983-40a8-801c-6d500d6557d3

GET
H2 200 polyfills-es2020.f80d09ad41088ddcee3b.js Show response
app.navan.com/app/user2/ 456 KB
138 KB 201ms
200ms Script
application/javascript 2606:4700::6812:40c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.navan.com/app/user2/polyfills-es2020.f80d09ad41088ddcee3b.js
Requested by: Host: app.navan.com
URL: https://app.navan.com/app/user2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:40c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e239d394df884ed70f7caf6dc8bd1e6478fa4e9d6f7fa762a1f96b359a2c1a7

Request headers

Referer: https://app.navan.com/app/user2
Origin: https://app.navan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 11:04:30 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 07 Jun 2023 13:46:02 GMT
server: cloudflare
etag: W/"64808a1a-71efd"
access-control-max-age: 3600
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS, PATCH, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
vary: Accept-Encoding
cf-ray: 7d40a78858781e5b-FRA
access-control-allow-headers: x-requested-with, authorization, Content-Type, X-XSRF-TOKEN, x-ta-region, x-agent-desktop, x-gateway-authorization
ta-request-uuid: 873adff1-087c-47c3-968d-191adf81b7b1

GET
H2 200 scripts.f4db8ec86484eee83dfd.js Show response
app.navan.com/app/user2/ 3 KB
1 KB 201ms
199ms Script
application/javascript 2606:4700::6812:40c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.navan.com/app/user2/scripts.f4db8ec86484eee83dfd.js
Requested by: Host: app.navan.com
URL: https://app.navan.com/app/user2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:40c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adb56c271cba5f302f4a3694338bb3f85221df807886b042639d1251f3a3f6bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.navan.com/app/user2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 11:04:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 07 Jun 2023 13:45:56 GMT
server: cloudflare
etag: W/"64808a14-cb8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 7d40a788a8de1e5b-FRA
ta-request-uuid: fa635e35-8e44-4484-9e4b-1d473b6e4084

GET
H2 200 main-es2020.b30dad643800cd43ebe8.js Show response
app.navan.com/app/user2/ 492 KB
145 KB 218ms
217ms Script
application/javascript 2606:4700::6812:40c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.navan.com/app/user2/main-es2020.b30dad643800cd43ebe8.js
Requested by: Host: app.navan.com
URL: https://app.navan.com/app/user2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:40c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b473fb47ac33d96aa7252d354b00f43e79c11ac76a1ffddaaffe7395f0fba5e

Request headers

Referer: https://app.navan.com/app/user2
Origin: https://app.navan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 11:04:30 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 07 Jun 2023 13:46:16 GMT
server: cloudflare
etag: W/"64808a28-7af57"
access-control-max-age: 3600
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS, PATCH, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
vary: Accept-Encoding
cf-ray: 7d40a78858791e5b-FRA
access-control-allow-headers: x-requested-with, authorization, Content-Type, X-XSRF-TOKEN, x-ta-region, x-agent-desktop, x-gateway-authorization
ta-request-uuid: 6a8a2da8-ea19-4e7d-b66e-5068dca8421d

GET
H2 200 styles.f01b716944685f0e5334.css
app.navan.com/app/user2/ 120 KB
21 KB 189ms
188ms Stylesheet
text/css 2606:4700::6812:40c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.navan.com/app/user2/styles.f01b716944685f0e5334.css
Requested by: Host: app.navan.com
URL: https://app.navan.com/app/user2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:40c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc951f658920489530ef7de1b35e7621397a8f252b123a15da6162aaeef253cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.navan.com/app/user2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 11:04:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 07 Jun 2023 13:45:56 GMT
server: cloudflare
etag: W/"64808a14-1def5"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 7d40a788a8e01e5b-FRA
ta-request-uuid: 88fd4e01-c880-46f4-bfc1-0d3b805e3ec8

GET
H2 200 appcues.main.d0f1da691e5646605bb9d067df3b4d89f958720a.js Show response
fast.appcues.com/generic/main/4.55.3/ 434 KB
123 KB 22ms
7ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/generic/main/4.55.3/appcues.main.d0f1da691e5646605bb9d067df3b4d89f958720a.js
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-1215.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 981607a1e205ac3d3c297d99e3d5dcc8582f08873e7e73f7cb0fa58746f4dd6b

Request headers

Referer: https://app.navan.com/
Origin: https://app.navan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 11:04:30 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: Q8HZDAENKDMGQWP0
age: 53767
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 125601
x-amz-id-2: iH2omQcWRot98Xa0sRbNAP+i/C9rvUVgOnqn48l+BwMI/VXapY62MAobwsi3Fs92vhfndzZPTu4TBSMV366lQg==
x-served-by: cache-fra-eddf8230035-FRA
last-modified: Wed, 07 Jun 2023 19:54:34 GMT
server: AmazonS3
x-timer: S1686222271.923802,VS0,VE0
etag: "eae14fbe1a6d7b0d436fa54bb19365c3"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 2012

GET
H2 200 container.d0f1da691e5646605bb9d067df3b4d89f958720a.css
fast.appcues.com/generic/main/4.55.3/ 15 KB
2 KB 11ms
10ms Stylesheet
text/css 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/generic/main/4.55.3/container.d0f1da691e5646605bb9d067df3b4d89f958720a.css
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-1215.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d64b24d70eadbcdbf4b5223172fea453e18531d8a48f635727d97e45659f96de

Request headers

Referer: https://app.navan.com/
Origin: https://app.navan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 11:04:31 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: 8BB8N3FHQQFKNN64
age: 53799
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 2027
x-amz-id-2: 5uUhKJNDluIquUe0RdtwBuZmOf/uypFF0BVsnm+p1djJSgt0kBoZM0Fk/htW6kV7XAF2vCANRio=
x-served-by: cache-fra-eddf8230035-FRA
last-modified: Wed, 07 Jun 2023 19:54:33 GMT
server: AmazonS3
x-timer: S1686222271.113247,VS0,VE0
etag: "040cf4e7e86c4d735fc66db697584fb0"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/css; charset=utf-8;
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 1913

GET
H2 200 6017-es2020.938476e4403ade142fdb.js Show response
app.navan.com/app/user2/ 6 MB
2 MB 200ms
199ms Script
application/javascript 2606:4700::6812:40c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.navan.com/app/user2/6017-es2020.938476e4403ade142fdb.js
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-1215.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:40c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a80ca0048aa8203291eb3cbfc496a79295072a538d6845f6d255cb9207bd1cc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.navan.com/app/user2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 11:04:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 07 Jun 2023 13:46:08 GMT
server: cloudflare
etag: W/"64808a20-60baf9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 7d40a78d4f0a1e5b-FRA
ta-request-uuid: 8cd92772-222d-4f67-8e9e-cfd548149c0d

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame AA43 200 B
854 B 11ms
10ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-1215.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.navan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 13434984
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: gzip
content-length: 166
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 08 Jun 2023 11:04:31 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 21 Dec 2022 18:20:45 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 27192
x-content-type-options: nosniff
x-request-id: 1d507022-0585-43a8-b8d7-420e460f04df
x-served-by: cache-fra-eddf8230063-FRA

GET
H2 200 NeueHaasGroteskTXPro-Roman.woff2
d35qahma2tlngp.cloudfront.net/web/fonts/NeueHaasGroteskTXPro/ 37 KB
38 KB 96ms
7ms Font
binary/octet-stream 2600:9000:2156:c00:3:d543:c240:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35qahma2tlngp.cloudfront.net/web/fonts/NeueHaasGroteskTXPro/NeueHaasGroteskTXPro-Roman.woff2
Requested by: Host: app.navan.com
URL: https://app.navan.com/app/user2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c00:3:d543:c240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de2ef743fcfe6c581af477c54852a579c8ab860cfeaade767a534b5c08c0b0a7

Request headers

Referer: https://app.navan.com/
Origin: https://app.navan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 03:12:10 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 28371
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 38164
last-modified: Mon, 23 Jan 2023 22:56:31 GMT
server: AmazonS3
etag: "6ad0dcd1e159008b7496febcf5d85592"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=3600, immutable
accept-ranges: bytes
x-amz-cf-id: bbubYFP295tOSkMzTdFo-kf66bqWmNPT5UpTcbmz7bIcl_vQayhYyg==

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame AA43 631 B
530 B 10ms
10ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 08 Jun 2023 11:04:31 GMT
via: 1.1 varnish
age: 3147732
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 395
x-request-id: 99422b86-0359-4f3e-8fd1-1b8e682b63ce
x-served-by: cache-fra-eddf8230063-FRA
last-modified: Tue, 02 May 2023 21:10:44 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 25121

POST
H2 200 csp-report
q.stripe.com/ Frame AA43 0
714 B 539ms
174ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.navan.com
URL: https://app.navan.com/app/user2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 08 Jun 2023 11:04:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1686222272142306
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1686222272142030
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame AA43 0
715 B 536ms
172ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.navan.com
URL: https://app.navan.com/app/user2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 08 Jun 2023 11:04:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1686222272142350
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1686222272142091
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 0FB9 930 B
1 KB 22ms
7ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 132
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 08 Jun 2023 11:04:31 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 113
x-content-type-options: nosniff
x-request-id: 837613a4-8fb6-4213-ad7c-07566b68972e
x-served-by: cache-fra-eddf8230063-FRA
x-timer: S1686222272.738707,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame 0FB9 0
488 B 480ms
173ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.navan.com
URL: https://app.navan.com/app/user2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 08 Jun 2023 11:04:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1686222272142308
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1686222272142069
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 0FB9 86 KB
16 KB 8ms
8ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Thu, 08 Jun 2023 11:04:31 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 222
x-cache: HIT
content-length: 16031
x-request-id: 8d5b9b2b-2314-4502-a255-194241b3a90d
x-served-by: cache-fra-eddf8230063-FRA
server: Fastly
x-timer: S1686222272.756564,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 165

POST
H2 200 6 Show response
m.stripe.com/ Frame 0FB9 156 B
668 B 545ms
176ms XHR
application/json 52.40.78.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.40.78.65 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-40-78-65.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

98ad27e5bb644d776a8232a7711c9e071fdfc83953a1e2c8b301e2b1c302803e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Thu, 08 Jun 2023 11:04:32 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1686222272302221
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1686222272301831
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 i18n-base-es2020.3fea6faad5a2d10bdf16.js Show response
app.navan.com/app/user2/ 824 KB
25 KB 192ms
192ms Script
application/javascript 2606:4700::6812:40c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.navan.com/app/user2/i18n-base-es2020.3fea6faad5a2d10bdf16.js
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-1215.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:40c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8c2a6b67a158f94610d861883a33170cb6d1ff45fd9fcddccedcdeb16ebcbd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.navan.com/app/user2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 11:04:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 07 Jun 2023 13:46:22 GMT
server: cloudflare
etag: W/"64808a2e-cde91"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 7d40a795baee1e5b-FRA
ta-request-uuid: 2690fe3d-548a-4367-ba1a-729f05b980be

GET
H2 200 4049-es2020.2f20d9e3fe69832e4ca4.js
app.navan.com/app/user2/ 6 MB
1 MB 207ms
207ms Script
application/javascript 2606:4700::6812:40c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.navan.com/app/user2/4049-es2020.2f20d9e3fe69832e4ca4.js
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-1215.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:40c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.navan.com/app/user2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 11:04:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 07 Jun 2023 13:48:03 GMT
server: cloudflare
etag: W/"64808a93-63e579"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 7d40a7972d371e5b-FRA
ta-request-uuid: 4e79698a-4a3f-471f-956a-702557401f9d

GET
H2 200 Primary Request eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9 Show response
app.navan.com/app/user2/auth/ 9 KB
3 KB 189ms
189ms Document
text/html 2606:4700::6812:40c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9
Requested by: Host: app.navan.com
URL: https://app.navan.com/app/user2/4049-es2020.2f20d9e3fe69832e4ca4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:40c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b083ad21b70f1c04a0a20a33900133b547e819d18ddae126540d98932c881ccd

Request headers

Referer: https://app.navan.com/app/user2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d40a79ffa191e5b-FRA
content-encoding: br
content-type: text/html
date: Thu, 08 Jun 2023 11:04:34 GMT
last-modified: Wed, 07 Jun 2023 13:51:18 GMT
server: cloudflare
ta-request-uuid: 5815f3c9-7e61-4eed-89ad-c719d9105670
vary: Accept-Encoding

GET
H3 200 / Show response
js.stripe.com/v3/ 490 KB
135 KB 11ms
10ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: app.navan.com
URL: https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

83e8fd698ac08cfac3b722ebddef2b72ae94571f1deda222e54fd309c51bc147

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.navan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 08 Jun 2023 11:04:34 GMT
via: 1.1 varnish
age: 60
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 137888
x-request-id: 11c048c0-7bc0-4474-bee2-a242f37125b9
x-served-by: cache-fra-eddf8230053-FRA
last-modified: Wed, 07 Jun 2023 21:12:46 GMT
server: Fastly
etag: "d18b9e8c7cbef021978d3f8fccd0b7a5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 58995.js Show response
fast.appcues.com/ 22 KB
5 KB 12ms
10ms Script
text/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/58995.js
Requested by: Host: app.navan.com
URL: https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Cowboy /
Resource Hash: cc53b1c68fd825b59fdd0067e2666a8dbe78dc5ac160aebcb5f670fb3ee314aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.navan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 11:04:34 GMT
content-encoding: gzip
via: 1.1 varnish
age: 25
x-cache: HIT
content-length: 5057
x-request-id: F2aqM90mqN_mqTcTttHD
x-served-by: cache-fra-eddf8230112-FRA
server: Cowboy
x-timer: S1686222275.752829,VS0,VE0
vary: accept-encoding, Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=120,public
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 2

GET
H2 200 nr-loader-spa-1215.min.js Show response
js-agent.newrelic.com/ 30 KB
11 KB 8ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-loader-spa-1215.min.js

Requested by

Host: app.navan.com
URL: https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

399e489397756c82a35e196aed894066eb5a5acc02564fdc76a315b395afd65f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.navan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: MZMjm3SWdWHntF44I5ne53wuXWfyVA1V
content-encoding: gzip
via: 1.1 varnish
date: Thu, 08 Jun 2023 11:04:34 GMT
strict-transport-security: max-age=300
x-amz-request-id: T0WX8XJCQNZFY52Y
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 10723
x-amz-id-2: 7LUG7wKW+3XFfAn23bsNQretIC2xRoIcay9qVKreWxkaNIdhKz0jKSsV1Vyr2UXuKN/nElYmFWvSgUxBDfcEkg==
x-served-by: cache-fra-eddf8230084-FRA
last-modified: Mon, 24 Jan 2022 22:13:55 GMT
server: AmazonS3
x-timer: S1686222275.752441,VS0,VE0
etag: "2cf3de80a43ec366fddbebbcd8993c92"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 runtime-es2020.53d6297e3857c0d6f27c.js Show response
app.navan.com/app/user2/ 10 KB
5 KB 208ms
206ms Script
application/javascript 2606:4700::6812:40c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.navan.com/app/user2/runtime-es2020.53d6297e3857c0d6f27c.js
Requested by: Host: app.navan.com
URL: https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:40c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 837de79cdf401f1112ee903454012e0322e0ad1648dab0628e16923926b6a05e

Request headers

Referer: https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9
Origin: https://app.navan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 11:04:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 07 Jun 2023 13:45:59 GMT
server: cloudflare
etag: W/"64808a17-298a"
access-control-max-age: 3600
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS, PATCH, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
vary: Accept-Encoding
cf-ray: 7d40a7a13c2a1e5b-FRA
access-control-allow-headers: x-requested-with, authorization, Content-Type, X-XSRF-TOKEN, x-ta-region, x-agent-desktop, x-gateway-authorization
ta-request-uuid: 75bb64cb-8d2d-435c-96ff-5f1978eb6f70

GET
H2 200 polyfills-es2020.f80d09ad41088ddcee3b.js Show response
app.navan.com/app/user2/ 456 KB
138 KB 202ms
201ms Script
application/javascript 2606:4700::6812:40c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.navan.com/app/user2/polyfills-es2020.f80d09ad41088ddcee3b.js
Requested by: Host: app.navan.com
URL: https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:40c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e239d394df884ed70f7caf6dc8bd1e6478fa4e9d6f7fa762a1f96b359a2c1a7

Request headers

Referer: https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9
Origin: https://app.navan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 11:04:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 07 Jun 2023 13:46:02 GMT
server: cloudflare
etag: W/"64808a1a-71efd"
access-control-max-age: 3600
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS, PATCH, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
vary: Accept-Encoding
cf-ray: 7d40a7a13c2d1e5b-FRA
access-control-allow-headers: x-requested-with, authorization, Content-Type, X-XSRF-TOKEN, x-ta-region, x-agent-desktop, x-gateway-authorization
ta-request-uuid: 91a4a1e0-c130-4d0b-8767-4ff5e82f26e6

GET
H2 200 scripts.f4db8ec86484eee83dfd.js Show response
app.navan.com/app/user2/ 3 KB
1 KB 197ms
196ms Script
application/javascript 2606:4700::6812:40c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.navan.com/app/user2/scripts.f4db8ec86484eee83dfd.js
Requested by: Host: app.navan.com
URL: https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:40c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adb56c271cba5f302f4a3694338bb3f85221df807886b042639d1251f3a3f6bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 11:04:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 07 Jun 2023 13:45:56 GMT
server: cloudflare
etag: W/"64808a14-cb8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 7d40a7a16c861e5b-FRA
ta-request-uuid: 8a3a26a3-a78a-482a-8c83-18c8f67c48ee

GET
H2 200 main-es2020.b30dad643800cd43ebe8.js Show response
app.navan.com/app/user2/ 492 KB
145 KB 208ms
207ms Script
application/javascript 2606:4700::6812:40c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.navan.com/app/user2/main-es2020.b30dad643800cd43ebe8.js
Requested by: Host: app.navan.com
URL: https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:40c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b473fb47ac33d96aa7252d354b00f43e79c11ac76a1ffddaaffe7395f0fba5e

Request headers

Referer: https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9
Origin: https://app.navan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 11:04:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 07 Jun 2023 13:46:16 GMT
server: cloudflare
etag: W/"64808a28-7af57"
access-control-max-age: 3600
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS, PATCH, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
vary: Accept-Encoding
cf-ray: 7d40a7a13c301e5b-FRA
access-control-allow-headers: x-requested-with, authorization, Content-Type, X-XSRF-TOKEN, x-ta-region, x-agent-desktop, x-gateway-authorization
ta-request-uuid: b7c5e8f5-93e2-4543-a40a-60d5ec3a1a12

GET
H2 200 styles.f01b716944685f0e5334.css
app.navan.com/app/user2/ 120 KB
21 KB 204ms
203ms Stylesheet
text/css 2606:4700::6812:40c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.navan.com/app/user2/styles.f01b716944685f0e5334.css
Requested by: Host: app.navan.com
URL: https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:40c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc951f658920489530ef7de1b35e7621397a8f252b123a15da6162aaeef253cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 11:04:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 07 Jun 2023 13:45:56 GMT
server: cloudflare
etag: W/"64808a14-1def5"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 7d40a7a16c881e5b-FRA
ta-request-uuid: 788463b1-2c61-4be6-8f5a-42aad2eeb901

GET
H2 200 appcues.main.d0f1da691e5646605bb9d067df3b4d89f958720a.js Show response
fast.appcues.com/generic/main/4.55.3/ 434 KB
123 KB 7ms
7ms Script
application/javascript 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/generic/main/4.55.3/appcues.main.d0f1da691e5646605bb9d067df3b4d89f958720a.js
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-1215.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 981607a1e205ac3d3c297d99e3d5dcc8582f08873e7e73f7cb0fa58746f4dd6b

Request headers

Referer: https://app.navan.com/
Origin: https://app.navan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 11:04:34 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: Q8HZDAENKDMGQWP0
age: 53771
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 125601
x-amz-id-2: iH2omQcWRot98Xa0sRbNAP+i/C9rvUVgOnqn48l+BwMI/VXapY62MAobwsi3Fs92vhfndzZPTu4TBSMV366lQg==
x-served-by: cache-fra-eddf8230035-FRA
last-modified: Wed, 07 Jun 2023 19:54:34 GMT
server: AmazonS3
x-timer: S1686222275.797564,VS0,VE0
etag: "eae14fbe1a6d7b0d436fa54bb19365c3"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 2013

GET
H2 200 container.d0f1da691e5646605bb9d067df3b4d89f958720a.css
fast.appcues.com/generic/main/4.55.3/ 15 KB
2 KB 7ms
7ms Stylesheet
text/css 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/generic/main/4.55.3/container.d0f1da691e5646605bb9d067df3b4d89f958720a.css
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-1215.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d64b24d70eadbcdbf4b5223172fea453e18531d8a48f635727d97e45659f96de

Request headers

Referer: https://app.navan.com/
Origin: https://app.navan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 11:04:34 GMT
content-encoding: gzip
via: 1.1 varnish
x-amz-request-id: 8BB8N3FHQQFKNN64
age: 53803
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 2027
x-amz-id-2: 5uUhKJNDluIquUe0RdtwBuZmOf/uypFF0BVsnm+p1djJSgt0kBoZM0Fk/htW6kV7XAF2vCANRio=
x-served-by: cache-fra-eddf8230035-FRA
last-modified: Wed, 07 Jun 2023 19:54:33 GMT
server: AmazonS3
x-timer: S1686222275.880624,VS0,VE0
etag: "040cf4e7e86c4d735fc66db697584fb0"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/css; charset=utf-8;
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 1914

GET
H2 200 6017-es2020.938476e4403ade142fdb.js Show response
app.navan.com/app/user2/ 6 MB
2 MB 190ms
189ms Script
application/javascript 2606:4700::6812:40c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.navan.com/app/user2/6017-es2020.938476e4403ade142fdb.js
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-1215.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:40c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a80ca0048aa8203291eb3cbfc496a79295072a538d6845f6d255cb9207bd1cc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 11:04:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 07 Jun 2023 13:46:08 GMT
server: cloudflare
etag: W/"64808a20-60baf9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 7d40a7a30f101e5b-FRA
ta-request-uuid: 77338fd6-7786-4bd1-9c29-edd65c1f3f3c

GET
H3 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame AFB2 200 B
984 B 8ms
7ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-1215.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.navan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 13434987
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: gzip
content-length: 166
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 08 Jun 2023 11:04:35 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 21 Dec 2022 18:20:45 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 27342
x-content-type-options: nosniff
x-request-id: 563894a0-38ce-46a8-b627-72f62b3068ba
x-served-by: cache-fra-eddf8230053-FRA

GET
H2 200 NeueHaasGroteskTXPro-Roman.woff2
d35qahma2tlngp.cloudfront.net/web/fonts/NeueHaasGroteskTXPro/ 37 KB
38 KB 8ms
8ms Font
binary/octet-stream 2600:9000:2156:c00:3:d543:c240:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35qahma2tlngp.cloudfront.net/web/fonts/NeueHaasGroteskTXPro/NeueHaasGroteskTXPro-Roman.woff2
Requested by: Host: app.navan.com
URL: https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c00:3:d543:c240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de2ef743fcfe6c581af477c54852a579c8ab860cfeaade767a534b5c08c0b0a7

Request headers

Referer: https://app.navan.com/
Origin: https://app.navan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 03:12:10 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 28375
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 38164
last-modified: Mon, 23 Jan 2023 22:56:31 GMT
server: AmazonS3
etag: "6ad0dcd1e159008b7496febcf5d85592"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=3600, immutable
accept-ranges: bytes
x-amz-cf-id: 4CuB0LDcmz0jvfLgaoEvDqyGRk7BVsL2desCe4wJTKP6fOlJD0bAUQ==

GET
H3 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame AFB2 631 B
756 B 12ms
12ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

QUIC, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 08 Jun 2023 11:04:35 GMT
via: 1.1 varnish
age: 3147735
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 395
x-request-id: 41f6cde6-2d17-4d3b-b81e-07e5138ff3c3
x-served-by: cache-fra-eddf8230053-FRA
last-modified: Tue, 02 May 2023 21:10:44 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 24509

POST
H2 200 csp-report
q.stripe.com/ Frame AFB2 0
716 B 175ms
174ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.navan.com
URL: https://app.navan.com/app/user2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 08 Jun 2023 11:04:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1686222275166998
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1686222275165948
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame AFB2 0
715 B 173ms
173ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.navan.com
URL: https://app.navan.com/app/user2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 08 Jun 2023 11:04:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1686222275167201
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1686222275166317
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 3D28 930 B
650 B 7ms
7ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 135
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 08 Jun 2023 11:04:35 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 117
x-content-type-options: nosniff
x-request-id: 2089de47-ab39-4693-9b17-9e55c5cc6248
x-served-by: cache-fra-eddf8230063-FRA
x-timer: S1686222275.087340,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame 3D28 0
490 B 171ms
171ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.navan.com
URL: https://app.navan.com/app/user2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 08 Jun 2023 11:04:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1686222275183788
x-envoy-upstream-service-time: 0
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1686222275183347
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 3D28 86 KB
16 KB 7ms
7ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Thu, 08 Jun 2023 11:04:35 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 225
x-cache: HIT
content-length: 16031
x-request-id: 077ddec1-daea-43a3-9d6d-d8d4d4dd6797
x-served-by: cache-fra-eddf8230063-FRA
server: Fastly
x-timer: S1686222275.102024,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 168

POST
H2 200 6 Show response
m.stripe.com/ Frame 3D28 156 B
668 B 178ms
177ms XHR
application/json 52.40.78.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.40.78.65 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-40-78-65.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

98ad27e5bb644d776a8232a7711c9e071fdfc83953a1e2c8b301e2b1c302803e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Thu, 08 Jun 2023 11:04:35 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1686222275213659
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1686222275213030
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 i18n-base-es2020.3fea6faad5a2d10bdf16.js Show response
app.navan.com/app/user2/ 824 KB
25 KB 197ms
196ms Script
application/javascript 2606:4700::6812:40c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.navan.com/app/user2/i18n-base-es2020.3fea6faad5a2d10bdf16.js
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-1215.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:40c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8c2a6b67a158f94610d861883a33170cb6d1ff45fd9fcddccedcdeb16ebcbd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 11:04:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 07 Jun 2023 13:46:22 GMT
server: cloudflare
etag: W/"64808a2e-cde91"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 7d40a7a81e601e5b-FRA
ta-request-uuid: 03c89ca4-3a66-4665-8769-172fd50e4ac8

GET
H2 200 4049-es2020.2f20d9e3fe69832e4ca4.js
app.navan.com/app/user2/ 6 MB
1 MB 205ms
204ms Script
application/javascript 2606:4700::6812:40c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.navan.com/app/user2/4049-es2020.2f20d9e3fe69832e4ca4.js
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-1215.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:40c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 11:04:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 07 Jun 2023 13:48:03 GMT
server: cloudflare
etag: W/"64808a93-63e579"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 7d40a7a978571e5b-FRA
ta-request-uuid: 015542d9-ff3f-4218-9e98-55210b3246aa

GET
H2 200 557-es2020.a2e43528dcfd387af0ad.js Show response
app.navan.com/app/user2/ 96 KB
19 KB 268ms
267ms Script
application/javascript 2606:4700::6812:40c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.navan.com/app/user2/557-es2020.a2e43528dcfd387af0ad.js
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-1215.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:40c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8474ab8209bc89cc7f2735dad3e463eda73d209846ca3b6eaa59f17a09db92ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 11:04:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 07 Jun 2023 13:50:15 GMT
server: cloudflare
etag: W/"64808b17-17e8e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 7d40a7b18b981e5b-FRA
ta-request-uuid: 69060d15-a5e9-4fd8-b2ae-8bae225f03c0

GET
H2 200 navan-dynamic.svg
d2w7f1pl8j4yzn.cloudfront.net/logos/navan/ 2 KB
2 KB 287ms
7ms Image
image/svg+xml 2600:9000:223c:7c00:19:3b4b:48c0:21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2w7f1pl8j4yzn.cloudfront.net/logos/navan/navan-dynamic.svg
Requested by: Host: app.navan.com
URL: https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:7c00:19:3b4b:48c0:21 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c63985ba0aa292982c80122093d3fb5ce7b3ee4bf88e4e9bc648d5c8748fefd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.navan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:11:43 GMT
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
last-modified: Mon, 23 Jan 2023 22:56:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 39176
x-amz-server-side-encryption: AES256
etag: "0215d073d3a51a3596e83a1794904d58"
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2058
x-amz-cf-id: OSfSVRO0R2TD7J7iMhmr02ze0F-cXGWRVdWC4c18ZfXNpETXjei5Zw==

GET
H2 200 navan-login.svg
d2w7f1pl8j4yzn.cloudfront.net/login-backgrounds/ 1 KB
1 KB 255ms
8ms Image
image/svg+xml 2600:9000:223c:7c00:19:3b4b:48c0:21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2w7f1pl8j4yzn.cloudfront.net/login-backgrounds/navan-login.svg
Requested by: Host: app.navan.com
URL: https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:7c00:19:3b4b:48c0:21 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 05de7fb1b2bf6843d137c395b639cae55eca28c9e54a9dceae4d9e4180dcb6ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.navan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 00:11:43 GMT
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
last-modified: Mon, 23 Jan 2023 22:56:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 39176
x-amz-server-side-encryption: AES256
etag: "c13cd68dc66dda886c26f9b3a870970e"
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1075
x-amz-cf-id: Pim6MB4nM6_DDXBdNJxY7QkVygLdpSCOEq6kshv4oJONDtkk7NXMoA==

GET
H2 200 NeueHaasGroteskTXPro-Medium.woff2
d35qahma2tlngp.cloudfront.net/web/fonts/NeueHaasGroteskTXPro/ 40 KB
41 KB 23ms
22ms Font
binary/octet-stream 2600:9000:2156:c00:3:d543:c240:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35qahma2tlngp.cloudfront.net/web/fonts/NeueHaasGroteskTXPro/NeueHaasGroteskTXPro-Medium.woff2
Requested by: Host: app.navan.com
URL: https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c00:3:d543:c240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1430a41a2bba6ad50cb49bd4623e7dbf3e75c431183cfbc0d721cbb1ed77c91c

Request headers

Referer: https://app.navan.com/
Origin: https://app.navan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 03:23:06 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 27719
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 40976
last-modified: Mon, 23 Jan 2023 22:56:31 GMT
server: AmazonS3
etag: "dcc69ac1aab578ff1181a0e05c4494e8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=3600, immutable
accept-ranges: bytes
x-amz-cf-id: j98KmfZuP9RwoqfQL_BNSvUDMBbJJFY9QzlbBI3QceOCTX1exG8tSg==

GET
H2 200 Sanomat-Semibold.woff2
d35qahma2tlngp.cloudfront.net/web/fonts/Sanomat/ 36 KB
37 KB 41ms
41ms Font
binary/octet-stream 2600:9000:2156:c00:3:d543:c240:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35qahma2tlngp.cloudfront.net/web/fonts/Sanomat/Sanomat-Semibold.woff2
Requested by: Host: app.navan.com
URL: https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c00:3:d543:c240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8c1db2abeb36a8381d7ad18d07a09d38235bda54004d5a05841c221dbdb925c

Request headers

Referer: https://app.navan.com/
Origin: https://app.navan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 20:12:19 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 53539
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 36921
last-modified: Mon, 23 Jan 2023 22:56:31 GMT
server: AmazonS3
etag: "a1b59fd1d6e3fc9a630946e68b81d08a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=3600, immutable
accept-ranges: bytes
x-amz-cf-id: MKuWfslW0-2w0_a9zTt8e3mIJZ9BWlaIWOrDNtRb8Mqatd0Xkh3voA==

GET
H2 200 nr-spa-1215.min.js Show response
js-agent.newrelic.com/ 47 KB
17 KB 8ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1215.min.js

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-1215.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.navan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: zcmP9QP8YWQtiPZETZozJGQXbXQvWuWT
content-encoding: gzip
via: 1.1 varnish
date: Thu, 08 Jun 2023 11:04:38 GMT
strict-transport-security: max-age=300
x-amz-request-id: H9YMRVAV2TJNEJDM
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 17465
x-amz-id-2: 4KcKRpBOwjbToh5w0wpIE3c0Xs2zKFce9fkrwH6qd7I2QlA9I1qIN8f3+cPU76EN/cAGrmmbJdE=
x-served-by: cache-fra-eddf8230084-FRA
last-modified: Mon, 24 Jan 2022 22:13:54 GMT
server: AmazonS3
x-timer: S1686222278.138339,VS0,VE0
etag: "7e1862f7a390ed9fc02c299216395547"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 494

GET
H/1.1 200
OK NRJS-d0e82c054a0db776b2e Show response
bam.nr-data.net/1/ 56 B
497 B 154ms
117ms Script
text/javascript 162.247.243.29

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-d0e82c054a0db776b2e?a=967033548&sa=1&v=1215.1253ab8&t=Unnamed%20Transaction&rst=3765&ck=1&ref=https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9&be=375&fe=3735&dc=644&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1686222274399,%22n%22:0,%22u%22:343,%22ue%22:343,%22f%22:149,%22dn%22:149,%22dne%22:149,%22c%22:149,%22ce%22:149,%22rq%22:150,%22rp%22:339,%22rpe%22:341,%22dl%22:346,%22di%22:381,%22ds%22:644,%22de%22:647,%22dc%22:3735,%22l%22:3735,%22le%22:3737%7D,%22navigation%22:%7B%7D%7D&fp=1459&fcp=3426&ja=%7B%22referrerUrl%22:%22https://app.navan.com/app/user2%22%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-1215.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.navan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 11:04:38 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 56
x-served-by: cache-fra-eddf8230043-FRA

POST
H/1.1 200
OK NRJS-d0e82c054a0db776b2e Show response
bam.nr-data.net/events/1/ 24 B
342 B 114ms
114ms XHR
image/gif 162.247.243.29

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-d0e82c054a0db776b2e?a=967033548&sa=1&v=1215.1253ab8&t=Unnamed%20Transaction&rst=3932&ck=1&ref=https://app.navan.com/app/user2/auth/eyJwcmV2aW91c1JvdXRlIjoiL2FwcC91c2VyMiJ9
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-1215.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://app.navan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 08 Jun 2023 11:04:38 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://app.navan.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-eddf8230043-FRA

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
287 B 185ms
185ms Fetch
application/json 44.226.136.191

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-loader-spa-1215.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.226.136.191 -, , ASN (),

Reverse DNS

Software

Resource Hash

e612d80b1ffce441f43527e3ee282aea812ee5e9d0daf538f698c9e8429efb25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://app.navan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 08 Jun 2023 11:04:39 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-6481b5c7-5c2804166734902b78f1f50d
content-length: 94
access-control-allow-methods: GET, POST
content-type: application/json

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 850ms
176ms Preflight 44.226.136.191

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.226.136.191 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://app.navan.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Thu, 08 Jun 2023 11:04:39 GMT
strict-transport-security: max-age=15768000

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 177ms
177ms Preflight 44.226.136.191

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.226.136.191 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://app.navan.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Thu, 08 Jun 2023 11:04:40 GMT
strict-transport-security: max-age=15768000

POST httpapi
api2.amplitude.com/2/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api2.amplitude.com
URL: https://api2.amplitude.com/2/httpapi

Verdicts & Comments Add Verdict or Comment

165 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tripactions.com/	1970-01-20 21:09:18	Name: tripactions_snowplow Value: 7e2f29e3-fb53-4ff7-b570-0637e8c52dcd
.tripactions.com/	1970-01-20 12:23:44	Name: __cf_bm Value: 6MQitZ9MALnSAbBWG1.6Db83qBNi1NRkQXUJ6rQblf0-1686222270-0-AUaPV93B6WpoIi2bb8tEyl3qut+VoCuWsHbljyOcOklkXglQVMmZrideb+XTWs8wqXlMaQoS/OhnG8Z6Tp8hAz4=
m.stripe.com/	1970-01-20 21:59:42	Name: m Value: af1f66be-84d5-41fa-a403-048f582bcf23d7369e
.app.navan.com/	1970-01-20 21:09:18	Name: __stripe_mid Value: cda33871-821a-4edd-8054-76ec89a0c059bdcd26
.app.navan.com/	1970-01-20 12:23:44	Name: __stripe_sid Value: 666b9348-8681-4cfe-92af-3d7894ae1b0d148395

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.amplitude.com
app.navan.com
app.tripactions.com
bam.nr-data.net
collector.tripactions.com
d2w7f1pl8j4yzn.cloudfront.net
d35qahma2tlngp.cloudfront.net
fast.appcues.com
js-agent.newrelic.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
api2.amplitude.com
151.101.192.176
151.101.2.137
162.247.243.29
2600:9000:2156:c00:3:d543:c240:21
2600:9000:223c:7c00:19:3b4b:48c0:21
2606:4700::6812:40c
2606:4700::6813:d61c
2a04:4e42:200::622
44.226.136.191
52.40.78.65
54.186.23.98
05de7fb1b2bf6843d137c395b639cae55eca28c9e54a9dceae4d9e4180dcb6ba
0c63985ba0aa292982c80122093d3fb5ce7b3ee4bf88e4e9bc648d5c8748fefd
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
1430a41a2bba6ad50cb49bd4623e7dbf3e75c431183cfbc0d721cbb1ed77c91c
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
399e489397756c82a35e196aed894066eb5a5acc02564fdc76a315b395afd65f
3b473fb47ac33d96aa7252d354b00f43e79c11ac76a1ffddaaffe7395f0fba5e
4e239d394df884ed70f7caf6dc8bd1e6478fa4e9d6f7fa762a1f96b359a2c1a7
837de79cdf401f1112ee903454012e0322e0ad1648dab0628e16923926b6a05e
83e8fd698ac08cfac3b722ebddef2b72ae94571f1deda222e54fd309c51bc147
8474ab8209bc89cc7f2735dad3e463eda73d209846ca3b6eaa59f17a09db92ce
981607a1e205ac3d3c297d99e3d5dcc8582f08873e7e73f7cb0fa58746f4dd6b
98ad27e5bb644d776a8232a7711c9e071fdfc83953a1e2c8b301e2b1c302803e
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a80ca0048aa8203291eb3cbfc496a79295072a538d6845f6d255cb9207bd1cc3
adb56c271cba5f302f4a3694338bb3f85221df807886b042639d1251f3a3f6bf
b083ad21b70f1c04a0a20a33900133b547e819d18ddae126540d98932c881ccd
b8c2a6b67a158f94610d861883a33170cb6d1ff45fd9fcddccedcdeb16ebcbd2
bc951f658920489530ef7de1b35e7621397a8f252b123a15da6162aaeef253cb
cc53b1c68fd825b59fdd0067e2666a8dbe78dc5ac160aebcb5f670fb3ee314aa
d64b24d70eadbcdbf4b5223172fea453e18531d8a48f635727d97e45659f96de
dd2d8d288526b88b0eae53168e31b4092acf39ed38d40ffcbc6d0ab2f7a4aa66
de2ef743fcfe6c581af477c54852a579c8ab860cfeaade767a534b5c08c0b0a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e612d80b1ffce441f43527e3ee282aea812ee5e9d0daf538f698c9e8429efb25
e8c1db2abeb36a8381d7ad18d07a09d38235bda54004d5a05841c221dbdb925c
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f9745c48d0b4c918d466da4acdb3f786ef5cda4c69ac0b6009d76cff67e6325d

app.navan.com Open in urlscan Pro 2606:4700::6812:40c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

98 %HTTPS

45 %IPv6

9 Domains

13 Subdomains

11 IPs

1 Countries

8902 kBTransfer

31449 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

app.navan.com Open in urlscan Pro
2606:4700::6812:40c Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

98 %
HTTPS

45 %
IPv6

9
Domains

13
Subdomains

11
IPs

1
Countries

8902 kB
Transfer

31449 kB
Size

5
Cookies

58 HTTP transactions
0 data transactions