app.vanta.com Open in urlscan Pro
52.203.10.41 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://app.vanta.com/domain-redirect/657234bfea18d7882cf36ac6/?continue=https%3A%2F%2Fapp.vanta.com%2Ftests%3Ftab%3DR...
Effective URL:
https://app.vanta.com/domain-redirect/657234bfea18d7882cf36ac6/?continue=https%3A%2F%2Fapp.vanta.com%2Ftests%3Ftab%3DR...
Submission: On February 21 via api (February 21st 2024, 5:09:52 pm UTC) from IE — Scanned from DE

Summary HTTP 47 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 9 domains to perform 47 HTTP transactions. The main IP is 52.203.10.41, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is app.vanta.com. The Cisco Umbrella rank of the primary domain is 346603.
TLS certificate: Issued by Amazon RSA 2048 M01 on March 25th 2023. Valid for: a year.

This is the only time app.vanta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	52.203.10.41 52.203.10.41	14618 (AMAZON-AES) (AMAZON-AES)
12	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
4	18.173.154.101 18.173.154.101	16509 (AMAZON-02) (AMAZON-02)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
3	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
2	2600:1f18:24e... 2600:1f18:24e6:b902:3596:b780:9725:51f8	14618 (AMAZON-AES) (AMAZON-AES)
4	34.66.73.214 34.66.73.214	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	44.199.151.202 44.199.151.202	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:24e... 2600:1f18:24e6:b902:2110:4f9e:2e53:2883	14618 (AMAZON-AES) (AMAZON-AES)
3	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:225... 2600:9000:225b:e000:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	44.237.70.166 44.237.70.166	16509 (AMAZON-02) (AMAZON-02)
47	15

4 52.203.10.41 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-10-41.compute-1.amazonaws.com

app.vanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

static.vanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.173.154.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-101.muc50.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

fast.trychameleon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b902:3596:b780:9725:51f8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.66.73.214 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 214.73.66.34.bc.googleusercontent.com

client-api.auryc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.199.151.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-151-202.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:24e6:b902:2110:4f9e:2e53:2883 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

session-replay.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225b:e000:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.237.70.166 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-70-166.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	vanta.com 1 redirects app.vanta.com — Cisco Umbrella Rank: 346603 static.vanta.com — Cisco Umbrella Rank: 640984	7 MB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1356 q.stripe.com — Cisco Umbrella Rank: 8764 m.stripe.com — Cisco Umbrella Rank: 1289	170 KB
6	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 1016 heapanalytics.com — Cisco Umbrella Rank: 909	234 KB
4	auryc.com client-api.auryc.com — Cisco Umbrella Rank: 9901	1 KB
4	gstatic.com fonts.gstatic.com	138 KB
3	browser-intake-datadoghq.com rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 2446 session-replay.browser-intake-datadoghq.com — Cisco Umbrella Rank: 8956	1 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1444	16 KB
1	trychameleon.com fast.trychameleon.com — Cisco Umbrella Rank: 17453	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	1 KB
47	9

	Domain	Requested by
12	static.vanta.com	app.vanta.com static.vanta.com
4	client-api.auryc.com	static.vanta.com
4	cdn.heapanalytics.com	app.vanta.com cdn.heapanalytics.com
4	fonts.gstatic.com	app.vanta.com fonts.googleapis.com
4	app.vanta.com	1 redirects static.vanta.com
3	q.stripe.com	app.vanta.com
3	js.stripe.com	static.vanta.com js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	heapanalytics.com
2	rum.browser-intake-datadoghq.com	static.vanta.com
1	m.stripe.com	m.stripe.network
1	session-replay.browser-intake-datadoghq.com	static.vanta.com
1	fast.trychameleon.com	static.vanta.com
1	fonts.googleapis.com	app.vanta.com
47	14

This site contains links to these domains. Also see Links.

Domain
www.vanta.com

Subject Issuer	Validity	Valid
vanta.com Amazon RSA 2048 M01	`2023-03-25` - `2024-04-22`	a year	crt.sh
static.vanta.com E1	`2024-01-11` - `2024-04-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M01	`2023-06-29` - `2024-07-27`	a year	crt.sh
fast.trychameleon.com R3	`2024-01-19` - `2024-04-18`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-02-07` - `2024-05-09`	3 months	crt.sh
*.browser-intake-datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-17` - `2024-06-18`	a year	crt.sh
*.auryc.com R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2023-11-09` - `2024-12-08`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-12-20` - `2024-03-21`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-22` - `2024-03-21`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://app.vanta.com/domain-redirect/657234bfea18d7882cf36ac6/?continue=https%3A%2F%2Fapp.vanta.com%2Ftests%3Ftab%3DRisks%26status%3DNEEDS_REMEDIATION%26status%3DDUE_SOON%26status%3DOVERDUE%26taskType%3DTEST%26utm_campaign%3DWeeklySummary%26utm_medium%3Demail%26utm_source%3Doperational
Frame ID: AC6CFAADF16A862C63F876DB2401DD4F
Requests: 37 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: E2D9578BBCEFFB79C5C3F0106A1201CE
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 0CE5416465BEA1B0D9F269AABEF14EB2
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vanta

Page URL History Show full URLs

http://app.vanta.com/domain-redirect/657234bfea18d7882cf36ac6/?continue=https%3A%2F%2Fapp.vanta.c... HTTP 301
https://app.vanta.com/domain-redirect/657234bfea18d7882cf36ac6/?continue=https%3A%2F%2Fapp.vanta.c... Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Page Statistics

47
Requests

91 %
HTTPS

43 %
IPv6

9
Domains

14
Subdomains

15
IPs

2
Countries

8236 kB
Transfer

34233 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.vanta.com/demo
Title: Contact us.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://app.vanta.com/domain-redirect/657234bfea18d7882cf36ac6/?continue=https%3A%2F%2Fapp.vanta.com%2Ftests%3Ftab%3DRisks%26status%3DNEEDS_REMEDIATION%26status%3DDUE_SOON%26status%3DOVERDUE%26taskType%3DTEST%26utm_campaign%3DWeeklySummary%26utm_medium%3Demail%26utm_source%3Doperational HTTP 301
https://app.vanta.com/domain-redirect/657234bfea18d7882cf36ac6/?continue=https%3A%2F%2Fapp.vanta.com%2Ftests%3Ftab%3DRisks%26status%3DNEEDS_REMEDIATION%26status%3DDUE_SOON%26status%3DOVERDUE%26taskType%3DTEST%26utm_campaign%3DWeeklySummary%26utm_medium%3Demail%26utm_source%3Doperational Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
app.vanta.com/domain-redirect/657234bfea18d7882cf36ac6/
Redirect Chain

http://app.vanta.com/domain-redirect/657234bfea18d7882cf36ac6/?continue=https%3A%2F%2Fapp.vanta.com%2Ftests%3Ftab%3DRisks%26status%3DNEEDS_REMEDIATION%26status%3DDUE_SOON%26status%3DOVERDUE%26taskT...
https://app.vanta.com/domain-redirect/657234bfea18d7882cf36ac6/?continue=https%3A%2F%2Fapp.vanta.com%2Ftests%3Ftab%3DRisks%26status%3DNEEDS_REMEDIATION%26status%3DDUE_SOON%26status%3DOVERDUE%26task...

1 KB
2 KB

427ms
182ms

Document
text/html

52.203.10.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.vanta.com/domain-redirect/657234bfea18d7882cf36ac6/?continue=https%3A%2F%2Fapp.vanta.com%2Ftests%3Ftab%3DRisks%26status%3DNEEDS_REMEDIATION%26status%3DDUE_SOON%26status%3DOVERDUE%26taskType%3DTEST%26utm_campaign%3DWeeklySummary%26utm_medium%3Demail%26utm_source%3Doperational

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.203.10.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-203-10-41.compute-1.amazonaws.com

Software

cloudflare /

Resource Hash

2deb95ef88cf7806b256a593b9d984b3f6015f9e3d3623da948a499e570be835

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://js.stripe.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 8590995be887065c-IAD
content-encoding: br
content-length: 496
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://js.stripe.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
content-type: text/html; charset=utf-8
date: Wed, 21 Feb 2024 17:09:47 GMT
etag: W/"7295d0ae83c5a747c48ca22dac003e24"
expect-ct: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VC8LGqVlAA1ulKBO9BCpmoo6WavT0%2BM8g8haB%2F1%2FT8pFQkJu4WTYLLm%2BXDvp4uCU4Xn%2BE4mO1yAIzuz5vqmZqUSLCLFbfdhAVC0ez0MGZldtuxLH8pStavw%2F%2Fyy7af7YgD5O"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000
uuid: 0414f950-d0dc-11ee-bb79-8f75c014a36f
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: noindex
x-xss-protection: 0

Redirect headers

Connection: keep-alive
Content-Length: 134
Content-Type: text/html
Date: Wed, 21 Feb 2024 17:09:47 GMT
Location: https://app.vanta.com:443/domain-redirect/657234bfea18d7882cf36ac6/?continue=https%3A%2F%2Fapp.vanta.com%2Ftests%3Ftab%3DRisks%26status%3DNEEDS_REMEDIATION%26status%3DDUE_SOON%26status%3DOVERDUE%26taskType%3DTEST%26utm_campaign%3DWeeklySummary%26utm_medium%3Demail%26utm_source%3Doperational
Server: awselb/2.0

GET
H2 200 index.ef32215b.css
static.vanta.com/static/ 44 KB
11 KB 166ms
99ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/index.ef32215b.css

Requested by

Host: app.vanta.com
URL: https://app.vanta.com/domain-redirect/657234bfea18d7882cf36ac6/?continue=https%3A%2F%2Fapp.vanta.com%2Ftests%3Ftab%3DRisks%26status%3DNEEDS_REMEDIATION%26status%3DDUE_SOON%26status%3DOVERDUE%26taskType%3DTEST%26utm_campaign%3DWeeklySummary%26utm_medium%3Demail%26utm_source%3Doperational

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

810ec34dabbebed972e1a0a93eb83928d505aeb41e4ab8a8205ae0a18616368e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://js.stripe.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 17:09:47 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://js.stripe.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3ef9496dca9e65924b7c5698e274ca74"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSUODJcidJ67sWRBgiA9bl4KEaNpGEfLH91MO3L7bL5ewSeCRV6rPLZEZGotGp6%2BMDCSq7mXXg0sscp%2FpN0j2gy379fsLaJFmnTemJrA3DxkVxR3bNrSUs5w0kAYltH7npRCGuDHaG%2BLjVa5NENl"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8590995d0829d0cd-AMS

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
37 KB 99ms
44ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.vanta.com/
Origin: https://app.vanta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:48:48 GMT
x-content-type-options: nosniff
age: 33659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37780
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:48:48 GMT

GET
H2 200 L0x8DFMnlVwD4h3hu_qnZypEiw.woff2
fonts.gstatic.com/s/domine/v19/ 27 KB
27 KB 77ms
22ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/domine/v19/L0x8DFMnlVwD4h3hu_qnZypEiw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331215b2d754c35f93a1868c74124b059095b34b1b49625c9bf149a0e8a19518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.vanta.com/
Origin: https://app.vanta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 23:46:04 GMT
x-content-type-options: nosniff
age: 62623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27612
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:06:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Feb 2025 23:46:04 GMT

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 85ms
30ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Domine:wght@400;600&family=Inter:wght@300;400;500;600;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b2c69d708a8abc8a503d23d344b9eeab2159d0a609d60620a7f6c58212f5b8e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Feb 2024 17:09:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 17:09:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Feb 2024 17:09:47 GMT

GET
H2 200 index.679bda3d.css
static.vanta.com/static/ 478 KB
81 KB 176ms
110ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/index.679bda3d.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bfba3c3fd364f0ddfaa9ace74f3fa25df63ac491e541b8e342195d51a52afd4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://js.stripe.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 17:09:47 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://js.stripe.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"0cb873f58d8a3509f6cfa8daea508ccc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ELv6p%2B8OtD1btKwIuqfhnaOFyZm2zSiSAyWEVXf2brv4uZV%2FsPJzXmT%2FOpWrRfP1m5W5%2F%2BQNbR%2FUtgJw1uWR70EktVRNkY13%2FbkiMIIUO2%2FSsEw%2BbYzvxai9rdG4fGAJYbGinTMtc10CP79coJdV"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8590995d0831d0cd-AMS

GET
H2 200 index.fd190e71.css
static.vanta.com/static/ 566 B
657 B 161ms
94ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/index.fd190e71.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9beae50b8ea51cca1e4fe63ceee608977173aeb44a1d1fa6297d93a3e77f5bd8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://js.stripe.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 17:09:47 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://js.stripe.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"c78a3167656670f91dc7e03525ef6920"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDUrCZgqvH9ozyIf6L6VJuuQy3URfHGR441zBxKutfPY3A%2BQgIfW4M8me5eFL1CQYFBU4rvz%2Bmj8jzccQ0fWvIbAHL%2BkPCVz5dIvSX0e26C6OoDyXqIKPadrXDGcu%2F6cJSG2qCiPkSv9F7vJteW%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8590995d0835d0cd-AMS

GET
H2 200 index.04727e09.css
static.vanta.com/static/ 574 B
2 KB 153ms
87ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/index.04727e09.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f48582eae2169bd5126b907566d7c70af153b9daff643866b5b98fdac29bd5e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://js.stripe.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 17:09:47 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://js.stripe.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"595ce78ec4af2ff37e22c6bf1a059ff7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUsqUxg%2BpPbtubAR614EwkmaW9io554Zhz3fSutLXr7tmfnSj2Jq%2FwLPNHGwpV8oIxuqUiNBPP2dRlqRd9PbGWC52QUPxwh86AEgB6a%2B5C5%2BC6cRQxODilN%2BGAytD3lSQ3u%2B2kMgQgASdmzzkbkS"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8590995d0837d0cd-AMS

GET
H2 200 entry.js Show response
static.vanta.com/static/ 600 B
585 B 76ms
75ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/entry.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

789066657a624ce038d2023f0cf18b10ea28981632fd3e72e6ec69fbd613d90b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://js.stripe.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 17:09:47 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://js.stripe.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"2ddb57804f772378ad574d41479472c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PG2Qx5hW9W2xe1xo3TVaAh%2BrAXlNkb34FVCBFByNXTQyycKXek%2FeFJGZEZkgcdub7ebap%2FWGDbpCfZ7oFidPSm0rYf3F8dI7Pq8QNKYgb%2BT1ne%2BHZ9TlQa6ct8X9qsTKQZrBv2IuIUmQzg1%2F0SCz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8590995e0a0dd0cd-AMS

GET
H2 200 index.2cc4f499.js
static.vanta.com/static/ 16 MB
3 MB 1099ms
1099ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/index.2cc4f499.js

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/entry.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://js.stripe.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 17:09:48 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://js.stripe.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"7e7503ef77b023e134fe639adee92f30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqL5cFeZpoIEpT1DsDr%2BEpxXwBbADYYX3Q3oK0U%2FeDNHpGdXnSUzbDaNucX6VwmEN8vSbeAk2szZN7FP10gkMvMwL2gvaL2415B7kNkG%2FNqMzCLsXGTWxk%2FayBGPh2qccRGwQBShUERnZULO6EDh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8590995e7b00d0cd-AMS

GET
H2 200 index.runtime.1320a9f6.js Show response
static.vanta.com/static/ 4 KB
3 KB 78ms
78ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/index.runtime.1320a9f6.js

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/entry.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2abd13aeaa208c5820eedbbf03d2eec6c6702a69255cb1f0809eb358455c710

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://js.stripe.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 17:09:47 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://js.stripe.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"26454de25b56f7d65e2ed5ff786c8296"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2CwLU84fHAjxCQB%2B%2FpQCKDF6eMe8DapJ5afjCZ44o9ru9ryikoJcinGdALMvjjSKsTVQa5tA8fMaf%2B%2BVlu70onPlhFfRzsx9csHqHS8eCahgY0cFYy2rLO3PeSMwDEoMJdeGUIiOPaqaYA38JeAJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8590995e7b01d0cd-AMS

GET
H2 200 index.runtime.5cdcfecc.js Show response
static.vanta.com/static/ 31 KB
11 KB 78ms
77ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/index.runtime.5cdcfecc.js

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/entry.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ece27120b58c0646ec50fd3b78f13d0bb73e7f3cbac1fbcb9d04bb2584454533

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://js.stripe.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 17:09:47 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://js.stripe.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"e4cf59026960f0e01da9c37d08a72da7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UL7dHIwbnCahq6uVhkHhbjGbvY7JNn%2Bk0S9MyT0eVUxF8RdFbcO19vkbCk8zh%2F6jpM%2B5IpgBG3ArYeQxspaNCOOIk8BLhlI6hxN%2FCwAOoq3gCX%2F1rPflr4PIEqmoMg%2BIASXAEXHbqDwb%2Fvry0utH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8590995e7b03d0cd-AMS

GET
H2 200 index.66c781cc.js Show response
static.vanta.com/static/ 14 MB
3 MB 151ms
151ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/index.66c781cc.js

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/entry.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e13e3921dc321693454c42f7c27b102136ea2d5264b8d6294b47f801cc72cb69

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://js.stripe.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 17:09:48 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://js.stripe.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"6931c26451cabdd1a5be87979bf79d02"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z6ppQkAVifskpQz1YUyqq59Ru2qh%2Fl4C2vRTWuSh1k9fd%2FboDWb8przg7reCoLryMnK9YkQuCNdg5q6TpWtnRb3gttMriyA8ZjMl8koJXDaZqgima6SzFiT%2B%2Fm6zAL%2BJhYdyZnsqkcSNAoxXWcK8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8590995e8b06d0cd-AMS

GET
H2 200 heap-948124972.js Show response
cdn.heapanalytics.com/js/ 119 KB
38 KB 87ms
32ms Script
application/javascript 18.173.154.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-948124972.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.101 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-101.muc50.r.cloudfront.net

Software

nginx / Express

Resource Hash

c65c5cc8c4671fa42f3d76452be2f573e438aff75ae43eddc9924cb7ee64f9a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 17:08:14 GMT
content-encoding: br
via: 1.1 bc5539655ffc88be2596a0239ddfae52.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: MUC50-P3
age: 95
x-powered-by: Express
etag: W/"1da84-3KFjoFIMnEpnyeIFs0m3cnwGaRo"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: oJnTEM95fhwMEjuq5mo59iQEAGXjo643Gc7loW7MUQIhVawRvrAMuA==

GET
H2 200 messo.min.js Show response
fast.trychameleon.com/messo/SOeAVlYm1Kff6u9J5AFDbaPsfTr9EOOBq2sZLM1LYalxB9-1KFOH1-CwwKM1tlygzuj0fF/ 4 KB
2 KB 75ms
22ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.trychameleon.com/messo/SOeAVlYm1Kff6u9J5AFDbaPsfTr9EOOBq2sZLM1LYalxB9-1KFOH1-CwwKM1tlygzuj0fF/messo.min.js

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/index.66c781cc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

990151cb10e0ca555e02f771cfdcd347522fbff5a89de93bf8043b3c99d6f03c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 17:09:50 GMT
content-encoding: br
via: 1.1 chameleon.io (Hyoid)
strict-transport-security: max-age=31557600
last-modified: Fri, 22 Sep 2023 21:19:38 GMT
etag: "d712cb51ddca79bec27267c5dda35ad1"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, no-cache
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1476

GET
H2 200 v3 Show response
js.stripe.com/ 600 KB
166 KB 75ms
23ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/index.66c781cc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fd14ad513302b20c3cfc56ddf50e0cbb6c7b37e90929c09cdc0983215e8d305f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 21 Feb 2024 17:09:50 GMT
via: 1.1 varnish
age: 24
x-cache: HIT
content-length: 170007
x-request-id: f24d8020-fac5-46ad-ac0c-f29b2d3b1b4b
x-served-by: cache-fra-etou8220091-FRA
last-modified: Tue, 20 Feb 2024 22:03:06 GMT
server: Fastly
etag: "9faf3c098157e1e5f44858d831bb11ed"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5

GET
BLOB 200
OK 27d29cf8-4469-42cd-b17d-85c718a2d021
https://app.vanta.com/ 78 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.vanta.com/27d29cf8-4469-42cd-b17d-85c718a2d021
Requested by: Host: app.vanta.com
URL: https://app.vanta.com/domain-redirect/657234bfea18d7882cf36ac6/?continue=https%3A%2F%2Fapp.vanta.com%2Ftests%3Ftab%3DRisks%26status%3DNEEDS_REMEDIATION%26status%3DDUE_SOON%26status%3DOVERDUE%26taskType%3DTEST%26utm_campaign%3DWeeklySummary%26utm_medium%3Demail%26utm_source%3Doperational
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0fe02f62f7609cef88ad3183a29e22e6e7b91ab5dcfaa60ec1afdb6c2adb5cb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 78
Content-Type: application/javascript

GET
BLOB 200
OK affc7855-ddaf-42c8-84c4-e841f08cd807
https://app.vanta.com/ 25 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.vanta.com/affc7855-ddaf-42c8-84c4-e841f08cd807
Requested by: Host: app.vanta.com
URL: https://app.vanta.com/domain-redirect/657234bfea18d7882cf36ac6/?continue=https%3A%2F%2Fapp.vanta.com%2Ftests%3Ftab%3DRisks%26status%3DNEEDS_REMEDIATION%26status%3DDUE_SOON%26status%3DOVERDUE%26taskType%3DTEST%26utm_campaign%3DWeeklySummary%26utm_medium%3Demail%26utm_source%3Doperational
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef42f4aa8f0b88e6d1cf013c7b79133dc4e036a011a70a25fb3113d7685520f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 25814
Content-Type

POST
H2 200 graphql Show response
app.vanta.com/ 25 B
495 B 126ms
126ms Fetch
application/json 52.203.10.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.vanta.com/graphql?operation=userContext

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/index.2cc4f499.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.203.10.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-203-10-41.compute-1.amazonaws.com

Software

Resource Hash

c7682fb89236766d039f9c72f89dca916ef0003a9c43eba22ca9704194c15115

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

apollographql-client-name: web-client
x-csrf-token: this_csrf_header_is_constant
accept-language: de-DE,de;q=0.9
x-datadog-origin: rum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
x-datadog-sampling-priority: 1
content-type: application/json
accept: */*
Referer: https://app.vanta.com/domain-redirect/657234bfea18d7882cf36ac6/?continue=https%3A%2F%2Fapp.vanta.com%2Ftests%3Ftab%3DRisks%26status%3DNEEDS_REMEDIATION%26status%3DDUE_SOON%26status%3DOVERDUE%26taskType%3DTEST%26utm_campaign%3DWeeklySummary%26utm_medium%3Demail%26utm_source%3Doperational
apollographql-client-version: 39220e
x-datadog-parent-id: 6204837943547162494
x-datadog-trace-id: 5709833094377543379
graphql-schema-version: 39220e

Response headers

date: Wed, 21 Feb 2024 17:09:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
uuid: 05fad050-d0dc-11ee-a4f8-3bebfbee7c20
content-length: 25
x-xss-protection: 0
referrer-policy: same-origin
etag: W/"19-AWcZ0/oWRZgbXds9xsp8WpnG9lI"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.vanta.com
x-download-options: noopen
access-control-allow-credentials: true
x-robots-tag: noindex

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
344 B 499ms
271ms Fetch
application/json 2600:1f18:24e6:b902:3596:b780:9725:51f8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.46.0%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Aweb-client%2Cversion%3Af018081a5d16d6afcef00fd9e0a1dac45a187f92&dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin-version=4.46.0&dd-evp-origin=browser&dd-request-id=ca03fef4-4369-477d-a13e-54cf22c8f9ad&batch_time=1708535390659

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/index.2cc4f499.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b902:3596:b780:9725:51f8 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

9ed49fe19b1447dac6d9a319a8b5b7b9e2c53c8a84b24d1195126b8eafdf8b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.vanta.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 21 Feb 2024 17:09:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53
dd-request-id: ca03fef4-4369-477d-a13e-54cf22c8f9ad

GET
H2 200 container.js Show response
cdn.heapanalytics.com/js/replay/2792-Main-prod-heap/ 9 KB
5 KB 29ms
28ms Script
application/javascript 18.173.154.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heapanalytics.com/js/replay/2792-Main-prod-heap/container.js
Requested by: Host: cdn.heapanalytics.com
URL: https://cdn.heapanalytics.com/js/heap-948124972.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.154.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-101.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c32d161cfee462cdfb38beec0dc3bbe9d111724d93cd3e286aa043bb2b011b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id: D_480R1RW1qeCSUaWI.7kASZs_uYmMEg
content-encoding: gzip
via: 1.1 bc5539655ffc88be2596a0239ddfae52.cloudfront.net (CloudFront)
date: Wed, 21 Feb 2024 10:40:37 GMT
x-amz-cf-pop: MUC50-P3
age: 30903
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4577
last-modified: Wed, 06 Dec 2023 01:28:26 GMT
server: AmazonS3
etag: "a816523d8c1a522488e9c713f4bf003b"
content-type: application/javascript
cache-control: public,max-age=86400
accept-ranges: bytes
x-amz-cf-id: mQDPVa8zuWRS33Jz3z5yNQJJ4hV23Vc3KcQcoZzD0NTQxbMwWRy2SQ==

GET
H2 200 releasesettings Show response
client-api.auryc.com/ 2 B
160 B 135ms
135ms XHR
application/json 34.66.73.214
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://client-api.auryc.com/releasesettings?lib=Web

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/index.2cc4f499.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.66.73.214 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

214.73.66.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

x-authorized-identity: 2792-Main-prod-heap
Referer: https://app.vanta.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
x-authorized-token: b8f4daa15b465e82641d4ee5be8cbc25

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Feb 2024 17:09:50 GMT
server: istio-envoy
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://app.vanta.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
x-xss-protection: 1; mode=block
expires: 0

OPTIONS
H2 200 releasesettings
client-api.auryc.com/ Frame 0
0 400ms
132ms Preflight 34.66.73.214
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://client-api.auryc.com/releasesettings?lib=Web

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.66.73.214 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

214.73.66.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-authorized-identity,x-authorized-token
Access-Control-Request-Method: GET
Origin: https://app.vanta.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-authorized-identity, x-authorized-token
access-control-allow-methods: OPTIONS,HEAD,GET,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://app.vanta.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Wed, 21 Feb 2024 17:09:50 GMT
expires: 0
pragma: no-cache
server: istio-envoy
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame E2D9 200 B
817 B 22ms
22ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.vanta.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1959110
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 21 Feb 2024 17:09:50 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 132591
x-content-type-options: nosniff
x-request-id: 1015a6ce-676c-4890-9295-5482ab2503cc
x-served-by: cache-fra-etou8220091-FRA

GET
H3 200 fa-regular-400.a2c46ca3.woff2
static.vanta.com/static/ 388 KB
390 KB 171ms
105ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/fa-regular-400.a2c46ca3.woff2

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/index.04727e09.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b7265fb8e98286a6e61d73e4278df35c0e911db1e8a94c82836d0b21088125b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://js.stripe.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.vanta.com/static/index.04727e09.css
Origin: https://app.vanta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 17:09:50 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://js.stripe.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 397196
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "360b3ff42fc66112960a975a4ed00125"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1FUnXRGuCeB0KedGaEK%2BF6x1nb2vNCG5yntl%2FrBkB3JnvJ8qZReat8RAco%2BWr2jyiHXBQmufvp1wsSQ%2FFe6YCPTXg5s57OcS1jiqLf5KV6Oicc%2FTOo83Rr4U%2BVvW6FkDqR929shDyU6MiLsn%2B4Eu"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 85909970aa9c65f0-AMS

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Domine:wght@400;600&family=Inter:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.vanta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:31:43 GMT
x-content-type-options: nosniff
age: 34687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:31:43 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 366ms
121ms Image
image/gif 44.199.151.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=948124972&u=2861059827562900&v=3256682924462318&s=3465118164721859&b=web&tv=4.0&z=0&h=%2Fdomain-redirect%2F657234bfea18d7882cf36ac6%2F&q=%3Fcontinue%3Dhttps%253A%252F%252Fapp.vanta.com%252Ftests%253Ftab%253DRisks%2526status%253DNEEDS_REMEDIATION%2526status%253DDUE_SOON%2526status%253DOVERDUE%2526taskType%253DTEST%2526utm_campaign%253DWeeklySummary%2526utm_medium%253Demail%2526utm_source%253Doperational&d=app.vanta.com&t=Vanta&ts=1708535390703&sch=1200&scw=1600&st=1708535390751

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.199.151.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-199-151-202.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 17:09:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H2 202 replay Show response
session-replay.browser-intake-datadoghq.com/api/v2/ 53 B
345 B 568ms
344ms Fetch
application/json 2600:1f18:24e6:b902:2110:4f9e:2e53:2883
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A4.46.0%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Aweb-client%2Cversion%3Af018081a5d16d6afcef00fd9e0a1dac45a187f92&dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin-version=4.46.0&dd-evp-origin=browser&dd-request-id=83d75418-aa7e-46db-931a-b6d6763bb833

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/index.2cc4f499.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b902:2110:4f9e:2e53:2883 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

949c8068942542d24ecc09b38a5a732f3cd14c32eff5c7a6f03c7e8c53ea47f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.vanta.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryWMoSBUq33ohYywMb

Response headers

date: Wed, 21 Feb 2024 17:09:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53
dd-request-id: 83d75418-aa7e-46db-931a-b6d6763bb833

GET
H3 200 container.js Show response
cdn.heapanalytics.com/js/replay/2792-Main-prod-heap/ 9 KB
5 KB 29ms
29ms Script
application/javascript 18.173.154.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heapanalytics.com/js/replay/2792-Main-prod-heap/container.js
Requested by: Host: cdn.heapanalytics.com
URL: https://cdn.heapanalytics.com/js/heap-948124972.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.173.154.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-101.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c32d161cfee462cdfb38beec0dc3bbe9d111724d93cd3e286aa043bb2b011b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id: D_480R1RW1qeCSUaWI.7kASZs_uYmMEg
content-encoding: gzip
via: 1.1 129b4a1f09d5313624ec15fced944d6e.cloudfront.net (CloudFront)
date: Wed, 21 Feb 2024 10:40:37 GMT
age: 30903
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4577
last-modified: Wed, 06 Dec 2023 01:28:26 GMT
server: AmazonS3
etag: "a816523d8c1a522488e9c713f4bf003b"
content-type: application/javascript
cache-control: public,max-age=86400
accept-ranges: bytes
x-amz-cf-id: VnvOGauD5jtTxafk1RMUqHnHKaqq0cgjvTkoPEuqsff5yqmTFKyTPw==

GET
H2 200 h
heapanalytics.com/ 37 B
260 B 364ms
122ms Image
image/gif 44.199.151.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=948124972&u=2861059827562900&v=3485478637136317&s=3465118164721859&b=web&tv=4.0&z=2&h=%2Flogin&q=%3Fcontinue%3Dhttps%253A%252F%252Fapp.vanta.com%252Fdomain-redirect%252F657234bfea18d7882cf36ac6%252F%253Fcontinue%253Dhttps%25253A%25252F%25252Fapp.vanta.com%25252Ftests%25253Ftab%25253DRisks%252526status%25253DNEEDS_REMEDIATION%252526status%25253DDUE_SOON%252526status%25253DOVERDUE%252526taskType%25253DTEST%252526utm_campaign%25253DWeeklySummary%252526utm_medium%25253Demail%252526utm_source%25253Doperational&d=app.vanta.com&t=Vanta&ts=1708535390757&pr=%2Fdomain-redirect%2F657234bfea18d7882cf36ac6%2F&sp=z&sp=0&sp=ts&sp=1708535390703&sp=d&sp=app.vanta.com&sp=h&sp=%2Fdomain-redirect%2F657234bfea18d7882cf36ac6%2F&sp=t&sp=Vanta&sp=q&sp=%3Fcontinue%3Dhttps%253A%252F%252Fapp.vanta.com%252Ftests%253Ftab%253DRisks%2526status%253DNEEDS_REMEDIATION%2526status%253DDUE_SOON%2526status%253DOVERDUE%2526taskType%253DTEST%2526utm_campaign%253DWeeklySummary%2526utm_medium%253Demail%2526utm_source%253Doperational&sch=1200&scw=1600&st=1708535390758

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.199.151.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-199-151-202.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 17:09:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H2 200 graphql Show response
app.vanta.com/ 23 B
493 B 127ms
127ms Fetch
application/json 52.203.10.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.vanta.com/graphql?operation=getUserLogin

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/index.2cc4f499.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.203.10.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-203-10-41.compute-1.amazonaws.com

Software

Resource Hash

6bbaeca3971834b646b6ac5ef10a82be7f6fccb409950f00d40206db70fe329f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

apollographql-client-name: web-client
x-csrf-token: this_csrf_header_is_constant
accept-language: de-DE,de;q=0.9
x-datadog-origin: rum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
x-datadog-sampling-priority: 1
content-type: application/json
accept: */*
Referer: https://app.vanta.com/login?continue=https%3A%2F%2Fapp.vanta.com%2Fdomain-redirect%2F657234bfea18d7882cf36ac6%2F%3Fcontinue%3Dhttps%253A%252F%252Fapp.vanta.com%252Ftests%253Ftab%253DRisks%2526status%253DNEEDS_REMEDIATION%2526status%253DDUE_SOON%2526status%253DOVERDUE%2526taskType%253DTEST%2526utm_campaign%253DWeeklySummary%2526utm_medium%253Demail%2526utm_source%253Doperational
apollographql-client-version: 39220e
x-datadog-parent-id: 1413233767844630727
x-datadog-trace-id: 652126013669391992
graphql-schema-version: 39220e

Response headers

date: Wed, 21 Feb 2024 17:09:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
uuid: 06129e10-d0dc-11ee-b462-194a9d064b36
content-length: 23
x-xss-protection: 0
referrer-policy: same-origin
etag: W/"17-3u7w0oqvZTJFDVUjVePifsLb5k0"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://app.vanta.com
x-download-options: noopen
access-control-allow-credentials: true
x-robots-tag: noindex

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E2D9 526 B
450 B 22ms
22ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 21 Feb 2024 17:09:50 GMT
via: 1.1 varnish
age: 1947019
x-cache: HIT
content-length: 315
x-request-id: 15668654-ab4b-4ee4-9d34-11d24a54f905
x-served-by: cache-fra-etou8220091-FRA
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
server: Fastly
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 126546

POST
H2 200 csp-report
q.stripe.com/ Frame E2D9 0
718 B 597ms
200ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 21 Feb 2024 17:09:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1708535391269697
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1708535391268599
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame E2D9 0
717 B 600ms
204ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 21 Feb 2024 17:09:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1708535391270611
x-envoy-upstream-service-time: 6
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1708535391268674
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 0CE5 930 B
2 KB 81ms
27ms Document
text/html 2600:9000:225b:e000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:e000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 11
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 21 Feb 2024 17:09:40 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 8c1abfbb8460bed752668233d296dba8.cloudfront.net (CloudFront)
x-amz-cf-id: 6PJVidJpql8c9BwzQWYY2Zsej1uNMUHgOjgKBW4IpuF4tNsqJ2zcVA==
x-amz-cf-pop: MUC50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 0CE5 0
491 B 491ms
200ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 21 Feb 2024 17:09:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1708535391269259
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1708535391268706
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 0CE5 87 KB
14 KB 32ms
32ms Script
text/javascript 2600:9000:225b:e000:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:e000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 17:09:04 GMT
content-encoding: br
via: 1.1 8c1abfbb8460bed752668233d296dba8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 47
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: MUC50-P1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: JZysIGZknOkBqOD_Nf_pntMGcChSkR7tOYfiWym2ZoISQDFN-2Z8kQ==

GET
H3 200 login-bg.e278c91b.png
static.vanta.com/static/ 147 KB
149 KB 396ms
396ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.vanta.com/static/login-bg.e278c91b.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb6cf50663ee1130f5bd005ef4569175e096afb8f8ec037abce21a5dcea49e8f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://js.stripe.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 17:09:50 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://js.stripe.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 150990
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "2c3f5c35f6491fe91af16525ac0776e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QqV4INYskqTe5Q%2FEDOHo3CgZpInFbsZjqf0FmWKjHNqvQVz052ZDsml6%2BEzdkA0bzOaSfi56Yy%2FTMzvXlrq%2Fii7zFL4p%2F0H1i%2B8PqhNwoFjf1%2BJsbK7k6NDnxL50c1za45GMbzX49PxK%2Bh6xcBpG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 859099718cd619a1-EWR

GET
H3 200 L0x8DFMnlVwD4h3hu_qn.woff2
fonts.gstatic.com/s/domine/v20/ 27 KB
27 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/domine/v20/L0x8DFMnlVwD4h3hu_qn.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Domine:wght@400;600&family=Inter:wght@300;400;500;600;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ca7a2bf57b8f60a37d94646e7e67ffda591d8816c58a054d8ff1cc4103ba902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.vanta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 03:22:29 GMT
x-content-type-options: nosniff
age: 136041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28060
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Feb 2025 03:22:29 GMT

GET
H3 200 fa-solid-900.606c9fa0.woff2
static.vanta.com/static/ 318 KB
320 KB 161ms
161ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/fa-solid-900.606c9fa0.woff2

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/index.fd190e71.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4ce23501f658a336323bd90b52746e73e0ddca6be18651594d169b263db5410

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://js.stripe.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.vanta.com/static/index.fd190e71.css
Origin: https://app.vanta.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 17:09:50 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://*.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://*.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://js.stripe.com https://decagon.ai;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://*.commandbar.com;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 325592
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "fe9f0be7aa9c07747ec8302c87649404"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RxN7VA71pJ96qDKIw%2F78DiEET3dV6dHlk6bcS0TcBxMdv7kXOTTek3CiY0CoOS%2B8Loark8mkGj3ZWooxFqEhOtO1xU29xQ0OaRSXIM%2BmAI38dueLT7lUAo%2BX6kPPxRdFMg5SYU%2BoRWLAVB%2F6dZFB"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 859099714bad65f0-AMS

POST
H2 200 6 Show response
m.stripe.com/ Frame 0CE5 156 B
670 B 581ms
196ms XHR
application/json 44.237.70.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.70.166 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-70-166.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

1a8801f74944da680c1a1b7837ddfdce93d2022e8972b437a949f1a66ba0109d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 21 Feb 2024 17:09:51 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1708535391440124
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1708535391439714
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
344 B 160ms
160ms Fetch
application/json 2600:1f18:24e6:b902:3596:b780:9725:51f8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.46.0%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Aweb-client%2Cversion%3Af018081a5d16d6afcef00fd9e0a1dac45a187f92&dd-api-key=pub5be58c436de630b41550fa3f1691dcfb&dd-evp-origin-version=4.46.0&dd-evp-origin=browser&dd-request-id=d19ca74b-8617-4f89-8488-4b036f303808&batch_time=1708535391124

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/index.2cc4f499.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b902:3596:b780:9725:51f8 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

f23f3d8556df033713d92367e45c49233cd84a3bc836fe6b59f770b8ff0fa310

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.vanta.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 21 Feb 2024 17:09:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53
dd-request-id: d19ca74b-8617-4f89-8488-4b036f303808

GET
H3 200 auryc.lib.js Show response
cdn.heapanalytics.com/js/replay/libs/latest/ 695 KB
186 KB 28ms
28ms Script
application/javascript 18.173.154.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.heapanalytics.com/js/replay/libs/latest/auryc.lib.js
Requested by: Host: cdn.heapanalytics.com
URL: https://cdn.heapanalytics.com/js/replay/2792-Main-prod-heap/container.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.173.154.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-154-101.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7453f365efcae51a65348be81f1fa623448c5df91843e1d242915c3dbd202064

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.vanta.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id: aitZvcoPD_hHYU9VIsednC_iAFYeXHQg
content-encoding: gzip
via: 1.1 129b4a1f09d5313624ec15fced944d6e.cloudfront.net (CloudFront)
date: Wed, 21 Feb 2024 07:21:14 GMT
age: 35318
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 189887
last-modified: Tue, 13 Feb 2024 17:59:41 GMT
server: AmazonS3
etag: "49a5e68ece9e7831ecfad5e0b2ea3cd0"
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: M7lEQSDU2fUEqgtzRfAAbh0Y2NEdT4y8MyKOzlusBbc_f0bFwVdzAQ==

GET
H2 200 siteconfig Show response
client-api.auryc.com/ 2 KB
1 KB 133ms
133ms XHR
application/json 34.66.73.214
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://client-api.auryc.com/siteconfig?lib=web

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/index.2cc4f499.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.66.73.214 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

214.73.66.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

66a4e2b283fdd7f741f768185a427d4358582b27919de28b6eae69adabe2f532

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

x-authorized-identity: 2792-Main-prod-heap
Referer: https://app.vanta.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
x-authorized-token: b8f4daa15b465e82641d4ee5be8cbc25
Content-Type: application/json

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000 ; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 21 Feb 2024 17:09:50 GMT
server: istio-envoy
vary: accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://app.vanta.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
x-xss-protection: 1; mode=block
expires: 0

OPTIONS
H2 200 siteconfig
client-api.auryc.com/ Frame 0
0 132ms
132ms Preflight 34.66.73.214
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://client-api.auryc.com/siteconfig?lib=web

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.66.73.214 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

214.73.66.34.bc.googleusercontent.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-authorized-identity,x-authorized-token
Access-Control-Request-Method: GET
Origin: https://app.vanta.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-authorized-identity, x-authorized-token
access-control-allow-methods: OPTIONS,HEAD,GET,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://app.vanta.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Wed, 21 Feb 2024 17:09:50 GMT
expires: 0
pragma: no-cache
server: istio-envoy
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
BLOB 200
OK 2b9742fa-6ef8-4dc7-b90b-e6df7f015f30
https://app.vanta.com/ 85 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.vanta.com/2b9742fa-6ef8-4dc7-b90b-e6df7f015f30
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b272e43c528bdb75ea6aacc0fdd09ce62573a3849869f7ea80d532de6a8c57d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 85
Content-Type: application/javascript

GET
BLOB 200
OK 3dcebf86-c1cf-4fef-bffc-840b3b6490d2
https://app.vanta.com/ 85 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.vanta.com/3dcebf86-c1cf-4fef-bffc-840b3b6490d2
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b272e43c528bdb75ea6aacc0fdd09ce62573a3849869f7ea80d532de6a8c57d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 85
Content-Type: application/javascript

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vanta.com/	1970-01-21 04:03:32	Name: _hp2_id.948124972 Value: %7B%22userId%22%3A%222861059827562900%22%2C%22pageviewId%22%3A%223485478637136317%22%2C%22sessionId%22%3A%223465118164721859%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.vanta.com/	1970-01-20 18:35:37	Name: _hp2_ses_props.948124972 Value: %7B%22ts%22%3A1708535390703%2C%22d%22%3A%22app.vanta.com%22%2C%22h%22%3A%22%2Fdomain-redirect%2F657234bfea18d7882cf36ac6%2F%22%2C%22q%22%3A%22%3Fcontinue%3Dhttps%253A%252F%252Fapp.vanta.com%252Ftests%253Ftab%253DRisks%2526status%253DNEEDS_REMEDIATION%2526status%253DDUE_SOON%2526status%253DOVERDUE%2526taskType%253DTEST%2526utm_campaign%253DWeeklySummary%2526utm_medium%253Demail%2526utm_source%253Doperational%22%7D
m.stripe.com/	1970-01-21 04:11:35	Name: m Value: 1b42eb28-53fc-41af-923c-f59fdc5b416a0df30d
.app.vanta.com/	1970-01-21 03:21:11	Name: __stripe_mid Value: 81390745-0ac6-4ed3-9a64-29c4bc0645eb2ce144
.app.vanta.com/	1970-01-20 18:35:37	Name: __stripe_sid Value: 1313a9a8-c2a7-439a-9b77-d2bfaa864fe4c46dc1
app.vanta.com/	1970-01-20 18:35:36	Name: _dd_s Value: logs=1&id=b8aa298e-51ef-411d-a9cc-bb217ad40982&created=1708535390575&expire=1708536290577&rum=1&lock=be279a90-a9da-441d-a9ee-95ce2b2669a4

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
other	warning	URL: https://app.vanta.com/login?continue=https%3A%2F%2Fapp.vanta.com%2Fdomain-redirect%2F657234bfea18d7882cf36ac6%2F%3Fcontinue%3Dhttps%253A%252F%252Fapp.vanta.com%252Ftests%253Ftab%253DRisks%2526status%253DNEEDS_REMEDIATION%2526status%253DDUE_SOON%2526status%253DOVERDUE%2526taskType%253DTEST%2526utm_campaign%253DWeeklySummary%2526utm_medium%253Demail%2526utm_source%253Doperational Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data: https://.commandbar.com;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com https://.commandbar.com www.youtube-nocookie.com www.youtube.com www.loom.com https://js.stripe.com https://decagon.ai;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net https://.commandbar.com;object-src 'none';connect-src data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.vanta.com
cdn.heapanalytics.com
client-api.auryc.com
fast.trychameleon.com
fonts.googleapis.com
fonts.gstatic.com
heapanalytics.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
rum.browser-intake-datadoghq.com
session-replay.browser-intake-datadoghq.com
static.vanta.com
151.101.0.176
151.101.66.137
18.173.154.101
2600:1f18:24e6:b902:2110:4f9e:2e53:2883
2600:1f18:24e6:b902:3596:b780:9725:51f8
2600:9000:225b:e000:19:7d10:bd80:93a1
2a00:1450:4001:803::200a
2a00:1450:4001:830::2003
2a06:98c1:3120::3
34.66.73.214
44.199.151.202
44.237.70.166
52.203.10.41
54.186.23.98
0bfba3c3fd364f0ddfaa9ace74f3fa25df63ac491e541b8e342195d51a52afd4
0fe02f62f7609cef88ad3183a29e22e6e7b91ab5dcfaa60ec1afdb6c2adb5cb7
1a8801f74944da680c1a1b7837ddfdce93d2022e8972b437a949f1a66ba0109d
2b7265fb8e98286a6e61d73e4278df35c0e911db1e8a94c82836d0b21088125b
2deb95ef88cf7806b256a593b9d984b3f6015f9e3d3623da948a499e570be835
331215b2d754c35f93a1868c74124b059095b34b1b49625c9bf149a0e8a19518
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34
3b272e43c528bdb75ea6aacc0fdd09ce62573a3849869f7ea80d532de6a8c57d
3c32d161cfee462cdfb38beec0dc3bbe9d111724d93cd3e286aa043bb2b011b3
4ca7a2bf57b8f60a37d94646e7e67ffda591d8816c58a054d8ff1cc4103ba902
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
66a4e2b283fdd7f741f768185a427d4358582b27919de28b6eae69adabe2f532
6bbaeca3971834b646b6ac5ef10a82be7f6fccb409950f00d40206db70fe329f
7453f365efcae51a65348be81f1fa623448c5df91843e1d242915c3dbd202064
789066657a624ce038d2023f0cf18b10ea28981632fd3e72e6ec69fbd613d90b
810ec34dabbebed972e1a0a93eb83928d505aeb41e4ab8a8205ae0a18616368e
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
949c8068942542d24ecc09b38a5a732f3cd14c32eff5c7a6f03c7e8c53ea47f2
990151cb10e0ca555e02f771cfdcd347522fbff5a89de93bf8043b3c99d6f03c
9beae50b8ea51cca1e4fe63ceee608977173aeb44a1d1fa6297d93a3e77f5bd8
9ed49fe19b1447dac6d9a319a8b5b7b9e2c53c8a84b24d1195126b8eafdf8b49
a4ce23501f658a336323bd90b52746e73e0ddca6be18651594d169b263db5410
b2abd13aeaa208c5820eedbbf03d2eec6c6702a69255cb1f0809eb358455c710
b2c69d708a8abc8a503d23d344b9eeab2159d0a609d60620a7f6c58212f5b8e0
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c65c5cc8c4671fa42f3d76452be2f573e438aff75ae43eddc9924cb7ee64f9a1
c7682fb89236766d039f9c72f89dca916ef0003a9c43eba22ca9704194c15115
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e13e3921dc321693454c42f7c27b102136ea2d5264b8d6294b47f801cc72cb69
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ece27120b58c0646ec50fd3b78f13d0bb73e7f3cbac1fbcb9d04bb2584454533
ef42f4aa8f0b88e6d1cf013c7b79133dc4e036a011a70a25fb3113d7685520f0
f23f3d8556df033713d92367e45c49233cd84a3bc836fe6b59f770b8ff0fa310
f48582eae2169bd5126b907566d7c70af153b9daff643866b5b98fdac29bd5e7
fb6cf50663ee1130f5bd005ef4569175e096afb8f8ec037abce21a5dcea49e8f
fd14ad513302b20c3cfc56ddf50e0cbb6c7b37e90929c09cdc0983215e8d305f

app.vanta.com Open in urlscan Pro 52.203.10.41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

91 %HTTPS

43 %IPv6

9 Domains

14 Subdomains

15 IPs

2 Countries

8236 kBTransfer

34233 kBSize

6 Cookies

1 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

app.vanta.com Open in urlscan Pro
52.203.10.41 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

91 %
HTTPS

43 %
IPv6

9
Domains

14
Subdomains

15
IPs

2
Countries

8236 kB
Transfer

34233 kB
Size

6
Cookies

47 HTTP transactions
0 data transactions