demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk Open in urlscan Pro
54.73.26.109 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/
Submission: On January 31 via automatic, source certstream-suspicious (January 31st 2024, 4:17:16 pm UTC) — Scanned from DE

Summary HTTP 18 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 18 HTTP transactions. The main IP is 54.73.26.109, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk.
TLS certificate: Issued by R3 on January 31st 2024. Valid for: 3 months.

This is the only time demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	54.73.26.109 54.73.26.109	16509 (AMAZON-02) (AMAZON-02)
6	54.247.69.169 54.247.69.169	16509 (AMAZON-02) (AMAZON-02)
1	52.95.150.57 52.95.150.57	16509 (AMAZON-02) (AMAZON-02)
18	3

11 54.73.26.109 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-26-109.eu-west-1.compute.amazonaws.com

demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.247.69.169 (Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-69-169.eu-west-1.compute.amazonaws.com

api.eligiblestaging.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.150.57 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: s3-w.eu-west-2.amazonaws.com

eligible-staging.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	eligiblestaging.co.uk demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk api.eligiblestaging.co.uk	886 KB
1	amazonaws.com eligible-staging.s3.amazonaws.com	8 KB
18	2

	Domain	Requested by
11	demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk	demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk
6	api.eligiblestaging.co.uk	demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk
1	eligible-staging.s3.amazonaws.com
18	3

This site contains links to these domains. Also see Links.

Domain
ico.org.uk
en.wikipedia.org
www.sllaw.co.uk
developer.mozilla.org

Subject Issuer	Validity	Valid
demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk R3	`2024-01-31` - `2024-04-30`	3 months	crt.sh
api.eligiblestaging.co.uk R3	`2024-01-11` - `2024-04-10`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh

This page contains 1 frames:

Primary Page: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/
Frame ID: 2AA39B27A0C4B6168A6B07EF808C5FF6
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DemoPlay

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

894 kB
Transfer

2815 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://ico.org.uk/your-data-matters/online/cookies/
Title: cookies

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Privacy_policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.sllaw.co.uk/legal-services/terms-of-business.html
Title: Terms of Business Policy

Search URL Search Domain Scan URL

URL: https://developer.mozilla.org/en-US/docs/Learn/Accessibility/What_is_accessibility
Title: Accessibility Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/ 9 KB
5 KB 203ms
33ms Document
text/html 54.73.26.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.73.26.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-26-109.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

0e2dae81b8875108db48525ca93a839cf9875658524945a34ac1f7c71df8934b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com blob: data:; connect-src 'self' https://.cloudfront.net https://.helpscout.net https://api.eligible.ai https://.eligiblestaging.co.uk https://sentry.io https://.googleapis.com .google.com https://.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://*.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://*.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Content-Type: text/html; charset=UTF-8
Date: Wed, 31 Jan 2024 16:17:11 GMT
Etag: W/"65ba7140-24e5"
Last-Modified: Wed, 31 Jan 2024 16:11:44 GMT
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Referrer-Policy: same-origin
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706717831&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=nRPltbbRPb3mfmamnVyzICWBt3GqUeSKzN5EyzG03XY%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1706717831&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=nRPltbbRPb3mfmamnVyzICWBt3GqUeSKzN5EyzG03XY%3D
Server: nginx
Strict-Transport-Security: max-age=63072000
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK main.92174be8.js Show response
demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/js/ 1 MB
443 KB 45ms
44ms Script
application/x-javascript 54.73.26.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/js/main.92174be8.js

Requested by

Host: demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk
URL: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.73.26.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-26-109.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b249d7fe1223d7779b95ebdad03b209acb33f97e277e27930acc825ee2484563

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com blob: data:; connect-src 'self' https://.cloudfront.net https://.helpscout.net https://api.eligible.ai https://.eligiblestaging.co.uk https://sentry.io https://.googleapis.com .google.com https://.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 16:17:11 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://*.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://*.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Content-Encoding: gzip
Transfer-Encoding: chunked
Via: 1.1 vegur
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1706717831&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=nRPltbbRPb3mfmamnVyzICWBt3GqUeSKzN5EyzG03XY%3D
Referrer-Policy: same-origin
Last-Modified: Wed, 31 Jan 2024 16:13:52 GMT
Server: nginx
Etag: W/"65ba71c0-16feb6"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706717831&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=nRPltbbRPb3mfmamnVyzICWBt3GqUeSKzN5EyzG03XY%3D"}]}
Content-Type: application/x-javascript
X-Frame-Options: DENY

GET
H/1.1 200
OK main.4ef239b7.css
demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/css/ 133 KB
22 KB 116ms
38ms Stylesheet
text/css 54.73.26.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/css/main.4ef239b7.css

Requested by

Host: demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk
URL: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.73.26.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-26-109.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

bb07be643bc74ff8cd7b826a462b8fe3eb2c2e3ead127d4d5b227c679db04989

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com blob: data:; connect-src 'self' https://.cloudfront.net https://.helpscout.net https://api.eligible.ai https://.eligiblestaging.co.uk https://sentry.io https://.googleapis.com .google.com https://.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 16:17:12 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://*.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://*.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Content-Encoding: gzip
Transfer-Encoding: chunked
Via: 1.1 vegur
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1706717832&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=f08GYCEYQGIHZkSpJunUG1%2F01RqEdXge1RzwDdLUGCA%3D
Referrer-Policy: same-origin
Last-Modified: Wed, 31 Jan 2024 16:11:44 GMT
Server: nginx
Etag: W/"65ba7140-213bd"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706717832&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=f08GYCEYQGIHZkSpJunUG1%2F01RqEdXge1RzwDdLUGCA%3D"}]}
Content-Type: text/css
X-Frame-Options: DENY

OPTIONS
H/1.1 200
OK /
api.eligiblestaging.co.uk/api-v1/me/ 0
0 163ms
54ms Preflight
text/html 54.247.69.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.eligiblestaging.co.uk/api-v1/me/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.247.69.169 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-247-69-169.eu-west-1.compute.amazonaws.com
Software: gunicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-frontend-version
Access-Control-Request-Method: GET
Origin: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, x-frontend-version
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Wed, 31 Jan 2024 16:17:12 GMT
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706717832&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=UJLEEcWF55wSpWs9ypX4%2F0SELraoDHMLhDPYrfA7Ni4%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1706717832&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=UJLEEcWF55wSpWs9ypX4%2F0SELraoDHMLhDPYrfA7Ni4%3D
Server: gunicorn
Vary: Origin
Via: 1.1 vegur

GET
H/1.1 200
OK / Show response
api.eligiblestaging.co.uk/api-v1/me/ 8 KB
10 KB 158ms
158ms XHR
application/json 54.247.69.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.eligiblestaging.co.uk/api-v1/me/

Requested by

Host: demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk
URL: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/js/main.92174be8.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.247.69.169 , Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-247-69-169.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

8f5214ae09d215fa6b2f060fd862842433c83b553530882b8912c34c39fc9449

Security Headers

Name	Value
Strict-Transport-Security	max-age=60
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer
x-frontend-version: e1c50a6d10c7261973ae00be8bbe719b105bd2d7
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 16:17:12 GMT
Strict-Transport-Security: max-age=60
X-Content-Type-Options: nosniff
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Via: 1.1 vegur
Content-Security-Policy-Report-Only: script-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; object-src 'none'; manifest-src 'self'; base-uri 'self'; img-src 'self' https://eligible-production.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-staging.s3.amazonaws.com; style-src 'self' https://fonts.googleapis.com; default-src 'none'; frame-ancestors 'none'; report-uri /csp-reports/
Connection: keep-alive
Content-Length: 8315
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1706717832&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=UJLEEcWF55wSpWs9ypX4%2F0SELraoDHMLhDPYrfA7Ni4%3D
Referrer-Policy: same-origin
Server: gunicorn
Cross-Origin-Opener-Policy: same-origin
Allow: GET, HEAD, OPTIONS
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706717832&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=UJLEEcWF55wSpWs9ypX4%2F0SELraoDHMLhDPYrfA7Ni4%3D"}]}
Content-Type: application/json
X-Frame-Options: DENY
Access-Control-Allow-Origin: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk
Cache-Control: no-store
Vary: Cookie, Origin

OPTIONS
H/1.1 200
OK /
api.eligiblestaging.co.uk/api-v1/content/ 0
0 72ms
72ms Preflight
text/html 54.247.69.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.eligiblestaging.co.uk/api-v1/content/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.247.69.169 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-247-69-169.eu-west-1.compute.amazonaws.com
Software: gunicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-frontend-version
Access-Control-Request-Method: GET
Origin: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, x-frontend-version
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Wed, 31 Jan 2024 16:17:12 GMT
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706717832&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=UJLEEcWF55wSpWs9ypX4%2F0SELraoDHMLhDPYrfA7Ni4%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1706717832&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=UJLEEcWF55wSpWs9ypX4%2F0SELraoDHMLhDPYrfA7Ni4%3D
Server: gunicorn
Vary: Origin
Via: 1.1 vegur

GET
H/1.1 200
OK / Show response
api.eligiblestaging.co.uk/api-v1/content/ 55 KB
56 KB 165ms
165ms XHR
application/json 54.247.69.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.eligiblestaging.co.uk/api-v1/content/

Requested by

Host: demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk
URL: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/js/main.92174be8.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.247.69.169 , Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-247-69-169.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

c476a2d5d0abc7d77b54fc6d2672f1e6febd37a8354c818993bd323c5f499414

Security Headers

Name	Value
Strict-Transport-Security	max-age=60
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer
x-frontend-version: e1c50a6d10c7261973ae00be8bbe719b105bd2d7
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 16:17:12 GMT
Strict-Transport-Security: max-age=60
X-Content-Type-Options: nosniff
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Via: 1.1 vegur
Content-Security-Policy-Report-Only: script-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; object-src 'none'; manifest-src 'self'; base-uri 'self'; img-src 'self' https://eligible-production.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-staging.s3.amazonaws.com; style-src 'self' https://fonts.googleapis.com; default-src 'none'; frame-ancestors 'none'; report-uri /csp-reports/
Connection: keep-alive
Content-Length: 56164
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1706717832&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=UJLEEcWF55wSpWs9ypX4%2F0SELraoDHMLhDPYrfA7Ni4%3D
Referrer-Policy: same-origin
Server: gunicorn
Cross-Origin-Opener-Policy: same-origin
Allow: GET, HEAD, OPTIONS
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706717832&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=UJLEEcWF55wSpWs9ypX4%2F0SELraoDHMLhDPYrfA7Ni4%3D"}]}
Content-Type: application/json
X-Frame-Options: DENY
Access-Control-Allow-Origin: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk
Cache-Control: no-store
Vary: Cookie, Origin

GET
H/1.1 200
OK 807.b82cb257.chunk.js Show response
demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/js/ 338 KB
77 KB 40ms
39ms Script
application/x-javascript 54.73.26.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/js/807.b82cb257.chunk.js

Requested by

Host: demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk
URL: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/js/main.92174be8.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.73.26.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-26-109.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3d7606b3aca2b96d4de4780dc4d430f5ec0a444b233f12d5ce91d2832bed4e32

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com blob: data:; connect-src 'self' https://.cloudfront.net https://.helpscout.net https://api.eligible.ai https://.eligiblestaging.co.uk https://sentry.io https://.googleapis.com .google.com https://.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 16:17:12 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://*.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://*.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Content-Encoding: gzip
Transfer-Encoding: chunked
Via: 1.1 vegur
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1706717832&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=f08GYCEYQGIHZkSpJunUG1%2F01RqEdXge1RzwDdLUGCA%3D
Referrer-Policy: same-origin
Last-Modified: Wed, 31 Jan 2024 16:11:44 GMT
Server: nginx
Etag: W/"65ba7140-5470a"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706717832&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=f08GYCEYQGIHZkSpJunUG1%2F01RqEdXge1RzwDdLUGCA%3D"}]}
Content-Type: application/x-javascript
X-Frame-Options: DENY

GET
H/1.1 200
OK 893.46f330de.chunk.js Show response
demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/js/ 34 KB
15 KB 44ms
43ms Script
application/x-javascript 54.73.26.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/js/893.46f330de.chunk.js

Requested by

Host: demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk
URL: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/js/main.92174be8.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.73.26.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-26-109.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

bdc378cdf6c9dd980393579a6cf66c6dcf8c14e7fc91b0f124dbb4778e5d27eb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com blob: data:; connect-src 'self' https://.cloudfront.net https://.helpscout.net https://api.eligible.ai https://.eligiblestaging.co.uk https://sentry.io https://.googleapis.com .google.com https://.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 16:17:12 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://*.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://*.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Content-Encoding: gzip
Transfer-Encoding: chunked
Via: 1.1 vegur
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1706717832&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=f08GYCEYQGIHZkSpJunUG1%2F01RqEdXge1RzwDdLUGCA%3D
Referrer-Policy: same-origin
Last-Modified: Wed, 31 Jan 2024 16:11:44 GMT
Server: nginx
Etag: W/"65ba7140-8756"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706717832&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=f08GYCEYQGIHZkSpJunUG1%2F01RqEdXge1RzwDdLUGCA%3D"}]}
Content-Type: application/x-javascript
X-Frame-Options: DENY

GET
H/1.1 200
OK 741.f73a6d04.chunk.js Show response
demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/js/ 50 KB
17 KB 126ms
52ms Script
application/x-javascript 54.73.26.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/js/741.f73a6d04.chunk.js

Requested by

Host: demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk
URL: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/js/main.92174be8.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.73.26.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-26-109.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

254f91d0fb57e19c661ed3b0a6d80097f4912e26d48b754a94a09da625790bcd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com blob: data:; connect-src 'self' https://.cloudfront.net https://.helpscout.net https://api.eligible.ai https://.eligiblestaging.co.uk https://sentry.io https://.googleapis.com .google.com https://.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 16:17:12 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://*.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://*.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Content-Encoding: gzip
Transfer-Encoding: chunked
Via: 1.1 vegur
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1706717832&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=f08GYCEYQGIHZkSpJunUG1%2F01RqEdXge1RzwDdLUGCA%3D
Referrer-Policy: same-origin
Last-Modified: Wed, 31 Jan 2024 16:11:44 GMT
Server: nginx
Etag: W/"65ba7140-c89c"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706717832&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=f08GYCEYQGIHZkSpJunUG1%2F01RqEdXge1RzwDdLUGCA%3D"}]}
Content-Type: application/x-javascript
X-Frame-Options: DENY

GET
H/1.1 200
OK 198.66911a42.chunk.css
demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/css/ 81 KB
15 KB 114ms
41ms Stylesheet
text/css 54.73.26.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/css/198.66911a42.chunk.css

Requested by

Host: demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk
URL: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/js/main.92174be8.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.73.26.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-26-109.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

8610b21af00ff9903c940a3305836d7d0a99784a44092ee1711324c9d7376fa1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com blob: data:; connect-src 'self' https://.cloudfront.net https://.helpscout.net https://api.eligible.ai https://.eligiblestaging.co.uk https://sentry.io https://.googleapis.com .google.com https://.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 16:17:12 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://*.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://*.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Content-Encoding: gzip
Transfer-Encoding: chunked
Via: 1.1 vegur
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1706717832&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=f08GYCEYQGIHZkSpJunUG1%2F01RqEdXge1RzwDdLUGCA%3D
Referrer-Policy: same-origin
Last-Modified: Wed, 31 Jan 2024 16:11:44 GMT
Server: nginx
Etag: W/"65ba7140-1456a"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706717832&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=f08GYCEYQGIHZkSpJunUG1%2F01RqEdXge1RzwDdLUGCA%3D"}]}
Content-Type: text/css
X-Frame-Options: DENY

GET
H/1.1 200
OK 198.d463bfdb.chunk.js Show response
demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/js/ 243 KB
70 KB 127ms
53ms Script
application/x-javascript 54.73.26.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/js/198.d463bfdb.chunk.js

Requested by

Host: demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk
URL: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/js/main.92174be8.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.73.26.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-26-109.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

5e4137817a6d66b2ca6b28b13212de4157a0bd524c4ae8d97a5549bcd006669e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com blob: data:; connect-src 'self' https://.cloudfront.net https://.helpscout.net https://api.eligible.ai https://.eligiblestaging.co.uk https://sentry.io https://.googleapis.com .google.com https://.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 16:17:12 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://*.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://*.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Content-Encoding: gzip
Transfer-Encoding: chunked
Via: 1.1 vegur
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1706717832&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=f08GYCEYQGIHZkSpJunUG1%2F01RqEdXge1RzwDdLUGCA%3D
Referrer-Policy: same-origin
Last-Modified: Wed, 31 Jan 2024 16:11:44 GMT
Server: nginx
Etag: W/"65ba7140-3cbed"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706717832&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=f08GYCEYQGIHZkSpJunUG1%2F01RqEdXge1RzwDdLUGCA%3D"}]}
Content-Type: application/x-javascript
X-Frame-Options: DENY

GET
H/1.1 200
OK mulish-latin-wght-normal.534216428c5bbca363fa.woff2
demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/media/ 27 KB
29 KB 38ms
38ms Font
application/octet-stream 54.73.26.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/media/mulish-latin-wght-normal.534216428c5bbca363fa.woff2

Requested by

Host: demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk
URL: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/css/main.4ef239b7.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.73.26.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-26-109.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com blob: data:; connect-src 'self' https://.cloudfront.net https://.helpscout.net https://api.eligible.ai https://.eligiblestaging.co.uk https://sentry.io https://.googleapis.com .google.com https://.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/css/main.4ef239b7.css
Origin: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 16:17:13 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://*.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://*.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Via: 1.1 vegur
Connection: keep-alive
Content-Length: 27428
X-Xss-Protection: 1; mode=block
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1706717833&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=Cxbs6%2FEYzBF0AamJeQ3JWzQ6tH0dDQ6k17BCCG8oUF8%3D
Referrer-Policy: same-origin
Last-Modified: Wed, 31 Jan 2024 16:11:44 GMT
Server: nginx
Etag: "65ba7140-6b24"
X-Frame-Options: DENY
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706717833&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=Cxbs6%2FEYzBF0AamJeQ3JWzQ6tH0dDQ6k17BCCG8oUF8%3D"}]}
Content-Type: application/octet-stream
Accept-Ranges: bytes

GET
H/1.1 200
OK 743.d7d09cfd.chunk.js Show response
demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/js/ 329 KB
96 KB 33ms
33ms Script
application/x-javascript 54.73.26.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/js/743.d7d09cfd.chunk.js

Requested by

Host: demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk
URL: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/js/main.92174be8.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.73.26.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-26-109.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

84495a330b8b5f774764c7139eaa2afbb0d6270c3eb3d449ee5c39804d24bef4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com blob: data:; connect-src 'self' https://.cloudfront.net https://.helpscout.net https://api.eligible.ai https://.eligiblestaging.co.uk https://sentry.io https://.googleapis.com .google.com https://.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 16:17:13 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://*.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://*.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Content-Encoding: gzip
Transfer-Encoding: chunked
Via: 1.1 vegur
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1706717833&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=Cxbs6%2FEYzBF0AamJeQ3JWzQ6tH0dDQ6k17BCCG8oUF8%3D
Referrer-Policy: same-origin
Last-Modified: Wed, 31 Jan 2024 16:11:44 GMT
Server: nginx
Etag: W/"65ba7140-52305"
Vary: Accept-Encoding
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706717833&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=Cxbs6%2FEYzBF0AamJeQ3JWzQ6tH0dDQ6k17BCCG8oUF8%3D"}]}
Content-Type: application/x-javascript
X-Frame-Options: DENY

GET
H/1.1 200
OK 6351e099-65ac-494a-b89e-b68cb74d2af2.png.240x240_q85_autocrop.png
eligible-staging.s3.amazonaws.com/firms/476f9a8c-a4c5-46da-8626-bee483e9b771/ 8 KB
8 KB 127ms
63ms Image
image/png 52.95.150.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eligible-staging.s3.amazonaws.com/firms/476f9a8c-a4c5-46da-8626-bee483e9b771/6351e099-65ac-494a-b89e-b68cb74d2af2.png.240x240_q85_autocrop.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.150.57 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-w.eu-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 79043e822d640adf6c34434df868260f284e7eb654d1670bd94caf09b8a45bd4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 16:17:14 GMT
Last-Modified: Tue, 28 Mar 2023 13:26:04 GMT
Server: AmazonS3
x-amz-request-id: 9H9Z0CMMDH536EGD
ETag: "0560662edba110340d5149963e08457a"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 8049
x-amz-id-2: NXEpoYviPMBXnZY4xji7zw7xeQ4GexMjz1iriS8kDvr6FmxbWNjK8nV1O2ce6HvuKGwhDebnWss=

GET
H/1.1 200
OK mulish-latin-wght-italic.ffcffbb02133b5916da0.woff2
demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/media/ 28 KB
30 KB 36ms
36ms Font
application/octet-stream 54.73.26.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/media/mulish-latin-wght-italic.ffcffbb02133b5916da0.woff2

Requested by

Host: demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk
URL: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/css/main.4ef239b7.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.73.26.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-26-109.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com blob: data:; connect-src 'self' https://.cloudfront.net https://.helpscout.net https://api.eligible.ai https://.eligiblestaging.co.uk https://sentry.io https://.googleapis.com .google.com https://.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/css/main.4ef239b7.css
Origin: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 31 Jan 2024 16:17:13 GMT
Strict-Transport-Security: max-age=63072000
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://*.googleapis.com https://*.gstatic.com *.google.com https://*.ggpht.com *.googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://*.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://*.googleapis.com https://*.gstatic.com *.google.com *.googleusercontent.com blob: data:; connect-src 'self' https://*.cloudfront.net https://*.helpscout.net https://api.eligible.ai https://*.eligiblestaging.co.uk https://sentry.io https://*.googleapis.com *.google.com https://*.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Via: 1.1 vegur
Connection: keep-alive
Content-Length: 29156
X-Xss-Protection: 1; mode=block
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1706717833&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=Cxbs6%2FEYzBF0AamJeQ3JWzQ6tH0dDQ6k17BCCG8oUF8%3D
Referrer-Policy: same-origin
Last-Modified: Wed, 31 Jan 2024 16:11:44 GMT
Server: nginx
Etag: "65ba7140-71e4"
X-Frame-Options: DENY
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706717833&sid=812dcc77-0bd0-43b1-a5f1-b25750382959&s=Cxbs6%2FEYzBF0AamJeQ3JWzQ6tH0dDQ6k17BCCG8oUF8%3D"}]}
Content-Type: application/octet-stream
Accept-Ranges: bytes

POST
H/1.1 201
Created / Show response
api.eligiblestaging.co.uk/api-v1/pageview/ 0
1 KB 71ms
71ms XHR
text/plain 54.247.69.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.eligiblestaging.co.uk/api-v1/pageview/

Requested by

Host: demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk
URL: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk/static/js/main.92174be8.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.247.69.169 , Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-247-69-169.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=60
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
Referer
x-frontend-version: e1c50a6d10c7261973ae00be8bbe719b105bd2d7
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 31 Jan 2024 16:17:13 GMT
Strict-Transport-Security: max-age=60
X-Content-Type-Options: nosniff
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Via: 1.1 vegur
Content-Security-Policy-Report-Only: script-src 'self'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; object-src 'none'; manifest-src 'self'; base-uri 'self'; img-src 'self' https://eligible-production.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-staging.s3.amazonaws.com; style-src 'self' https://fonts.googleapis.com; default-src 'none'; frame-ancestors 'none'; report-uri /csp-reports/
Connection: keep-alive
Content-Length: 0
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1706717833&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=zyMy9V%2Fuh1dMCYCdTpBDjQb0ryiHl8RZvvFZ4yIOmw8%3D
Referrer-Policy: same-origin
Server: gunicorn
Cross-Origin-Opener-Policy: same-origin
Allow: POST, OPTIONS
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706717833&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=zyMy9V%2Fuh1dMCYCdTpBDjQb0ryiHl8RZvvFZ4yIOmw8%3D"}]}
X-Frame-Options: DENY
Access-Control-Allow-Origin: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk
Cache-Control: no-store
Vary: Cookie, Origin

OPTIONS
H/1.1 200
OK /
api.eligiblestaging.co.uk/api-v1/pageview/ 0
0 49ms
49ms Preflight
text/html 54.247.69.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.eligiblestaging.co.uk/api-v1/pageview/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.247.69.169 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-247-69-169.eu-west-1.compute.amazonaws.com
Software: gunicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-frontend-version
Access-Control-Request-Method: POST
Origin: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, x-frontend-version
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Allow-Origin: https://demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Wed, 31 Jan 2024 16:17:13 GMT
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706717833&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=zyMy9V%2Fuh1dMCYCdTpBDjQb0ryiHl8RZvvFZ4yIOmw8%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1706717833&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=zyMy9V%2Fuh1dMCYCdTpBDjQb0ryiHl8RZvvFZ4yIOmw8%3D
Server: gunicorn
Vary: Origin
Via: 1.1 vegur

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://player.vimeo.com 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; frame-ancestors 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://beacon-v2.helpscout.net https://widget.intercom.io https://.googleapis.com https://.gstatic.com .google.com https://.ggpht.com .googleusercontent.com; img-src 'self' https://eligible-staging.s3.amazonaws.com https://eligible-production.s3.eu-west-2.amazonaws.com https://eligible-production.s3.amazonaws.com https://eligible.ai https://.eligiblestaging.co.uk https://media.giphy.com https://d33v4339jhl8k0.cloudfront.net https://.googleapis.com https://.gstatic.com .google.com .googleusercontent.com blob: data:; connect-src 'self' https://.cloudfront.net https://.helpscout.net https://api.eligible.ai https://.eligiblestaging.co.uk https://sentry.io https://.googleapis.com .google.com https://.gstatic.com data: blob:; object-src 'none'; manifest-src 'self' blob: ;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.eligiblestaging.co.uk
demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk
eligible-staging.s3.amazonaws.com
52.95.150.57
54.247.69.169
54.73.26.109
0e2dae81b8875108db48525ca93a839cf9875658524945a34ac1f7c71df8934b
254f91d0fb57e19c661ed3b0a6d80097f4912e26d48b754a94a09da625790bcd
3d7606b3aca2b96d4de4780dc4d430f5ec0a444b233f12d5ce91d2832bed4e32
5e4137817a6d66b2ca6b28b13212de4157a0bd524c4ae8d97a5549bcd006669e
79043e822d640adf6c34434df868260f284e7eb654d1670bd94caf09b8a45bd4
7d081b1ed15a0074cf2cc7e574123fc85736ef6648ba45c5e6f5a446c9dcc849
84495a330b8b5f774764c7139eaa2afbb0d6270c3eb3d449ee5c39804d24bef4
8610b21af00ff9903c940a3305836d7d0a99784a44092ee1711324c9d7376fa1
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
8f5214ae09d215fa6b2f060fd862842433c83b553530882b8912c34c39fc9449
b249d7fe1223d7779b95ebdad03b209acb33f97e277e27930acc825ee2484563
bb07be643bc74ff8cd7b826a462b8fe3eb2c2e3ead127d4d5b227c679db04989
bdc378cdf6c9dd980393579a6cf66c6dcf8c14e7fc91b0f124dbb4778e5d27eb
c476a2d5d0abc7d77b54fc6d2672f1e6febd37a8354c818993bd323c5f499414
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk Open in urlscan Pro 54.73.26.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

18 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

3 IPs

2 Countries

894 kBTransfer

2815 kBSize

0 Cookies

4 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

demo.finance.br-eng-5941-post-com.eligiblestaging.co.uk Open in urlscan Pro
54.73.26.109 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

894 kB
Transfer

2815 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions