client.henrikatonder.com Open in urlscan Pro
34.120.230.5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://client.henrikatonder.com/
Effective URL:
https://client.henrikatonder.com/login?step=signIn
Submission: On December 09 via automatic, source certstream-suspicious (December 9th 2021, 2:06:15 pm UTC) — Scanned from DE

Summary HTTP 75 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 2 countries across 16 domains to perform 75 HTTP transactions. The main IP is 34.120.230.5, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is client.henrikatonder.com.
TLS certificate: Issued by R3 on December 9th 2021. Valid for: 3 months.

This is the only time client.henrikatonder.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	34.120.230.5 34.120.230.5	15169 (GOOGLE) (GOOGLE)
6	2600:9000:20e... 2600:9000:20eb:7c00:1d:f0ca:c180:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
4	2600:1f14:179... 2600:1f14:179:3f01:aa87:295c:bd93:5666	16509 (AMAZON-02) (AMAZON-02)
8	13.224.197.80 13.224.197.80	16509 (AMAZON-02) (AMAZON-02)
1	216.24.57.3 216.24.57.3	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
7	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::ac43:89f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	13.224.194.86 13.224.194.86	16509 (AMAZON-02) (AMAZON-02)
1	108.161.187.71 108.161.187.71	33438 (HIGHWINDS2) (HIGHWINDS2)
1	100.20.244.74 100.20.244.74	16509 (AMAZON-02) (AMAZON-02)
1	54.188.162.134 54.188.162.134	16509 (AMAZON-02) (AMAZON-02)
10	18.216.1.167 18.216.1.167	16509 (AMAZON-02) (AMAZON-02)
2	35.227.225.220 35.227.225.220	15169 (GOOGLE) (GOOGLE)
2	13.224.189.128 13.224.189.128	16509 (AMAZON-02) (AMAZON-02)
2	13.224.189.43 13.224.189.43	16509 (AMAZON-02) (AMAZON-02)
1	34.215.192.98 34.215.192.98	16509 (AMAZON-02) (AMAZON-02)
75	22

4 34.120.230.5 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 5.230.120.34.bc.googleusercontent.com

client.henrikatonder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:20eb:7c00:1d:f0ca:c180:21 (United States)

ASN16509 (AMAZON-02, US)

d1oc9bxqq1xq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f14:179:3f01:aa87:295c:bd93:5666 (Boardman, United States)

ASN16509 (AMAZON-02, US)

cognito-identity.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.224.197.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-197-80.fra2.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.24.57.3 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
PTR: 216-24-57-3.ip.win.net

static.highlight.run	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:89f5 (United States)

ASN13335 (CLOUDFLARENET, US)

dummyimage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-86.fra2.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.161.187.71 (United States)

ASN33438 (HIGHWINDS2, US)

assets.customer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.20.244.74 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-100-20-244-74.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.188.162.134 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-188-162-134.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.216.1.167 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-216-1-167.us-east-2.compute.amazonaws.com

pub.highlight.run	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.225.220 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 220.225.227.35.bc.googleusercontent.com

track.customer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-128.fra2.r.cloudfront.net

app-api.joinportal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-43.fra2.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.215.192.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-192-98.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	stripe.com js.stripe.com q.stripe.com r.stripe.com m.stripe.com	197 KB
11	highlight.run static.highlight.run pub.highlight.run	142 KB
8	segment.com cdn.segment.com	84 KB
6	cloudfront.net d1oc9bxqq1xq12.cloudfront.net	817 KB
4	google-analytics.com www.google-analytics.com	20 KB
4	amazonaws.com cognito-identity.us-west-2.amazonaws.com	2 KB
4	henrikatonder.com 1 redirects client.henrikatonder.com	256 KB
3	customer.io assets.customer.io track.customer.io	3 KB
2	stripe.network m.stripe.network	16 KB
2	joinportal.com app-api.joinportal.com	403 B
2	amplitude.com cdn.amplitude.com api.amplitude.com	18 KB
2	googletagmanager.com www.googletagmanager.com	97 KB
1	segment.io api.segment.io	148 B
1	dummyimage.com dummyimage.com	2 KB
1	gstatic.com fonts.gstatic.com	38 KB
1	googleapis.com fonts.googleapis.com	1 KB
75	16

	Domain	Requested by
10	pub.highlight.run	static.highlight.run
9	r.stripe.com	js.stripe.com
8	cdn.segment.com	client.henrikatonder.com cdn.segment.com
7	js.stripe.com	d1oc9bxqq1xq12.cloudfront.net js.stripe.com
6	d1oc9bxqq1xq12.cloudfront.net	client.henrikatonder.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	q.stripe.com	client.henrikatonder.com
4	cognito-identity.us-west-2.amazonaws.com	d1oc9bxqq1xq12.cloudfront.net
4	client.henrikatonder.com	1 redirects client.henrikatonder.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	app-api.joinportal.com	d1oc9bxqq1xq12.cloudfront.net
2	track.customer.io
2	www.googletagmanager.com	client.henrikatonder.com www.googletagmanager.com
1	m.stripe.com	m.stripe.network
1	api.amplitude.com	cdn.amplitude.com
1	api.segment.io	d1oc9bxqq1xq12.cloudfront.net
1	assets.customer.io	cdn.segment.com
1	cdn.amplitude.com	cdn.segment.com
1	dummyimage.com	client.henrikatonder.com static.highlight.run
1	fonts.gstatic.com	fonts.googleapis.com
1	static.highlight.run	d1oc9bxqq1xq12.cloudfront.net
1	fonts.googleapis.com	client.henrikatonder.com
75	22

This site contains no links.

Subject Issuer	Validity	Valid
client.henrikatonder.com R3	`2021-12-09` - `2022-03-09`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
cognito-identity.us-west-2.amazonaws.com Amazon	`2021-07-07` - `2022-08-05`	a year	crt.sh
*.segment.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-19` - `2022-08-09`	a year	crt.sh
static.highlight.run Cloudflare Inc RSA CA-2	`2021-07-29` - `2022-07-28`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-10-21` - `2022-02-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-25` - `2022-05-24`	a year	crt.sh
*.stripe.com DigiCert SHA2 Secure Server CA	`2021-09-08` - `2022-09-07`	a year	crt.sh
cdn.amplitude.com Amazon	`2020-11-18` - `2021-12-17`	a year	crt.sh
*.customer.io R3	`2021-11-30` - `2022-02-28`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2020-02-18` - `2022-02-13`	2 years	crt.sh
pub.highlight.run Amazon	`2021-09-03` - `2022-10-02`	a year	crt.sh
api.customer.io GTS CA 1D4	`2021-11-29` - `2022-02-27`	3 months	crt.sh
joinportal.com Amazon	`2021-10-21` - `2022-11-18`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-02-02`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://client.henrikatonder.com/login?step=signIn
Frame ID: 30F9EC73EA5C8365DF4E625B56EB6C0A
Requests: 45 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-f0d6055a2a4e767d4432101a6e5a5831.html
Frame ID: 7144147AD2AFD93571CED961081C60AB
Requests: 14 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Frame ID: B2B53247A35FCF241F0A2751A7E95ABD
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: AA920E629D194C8ECB012F3AE7D6EF16
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Henrika Tonder

Page URL History Show full URLs

https://client.henrikatonder.com/ HTTP 302
https://client.henrikatonder.com/login?step=signIn Page URL

Page Statistics

75
Requests

96 %
HTTPS

33 %
IPv6

16
Domains

22
Subdomains

22
IPs

2
Countries

1693 kB
Transfer

6151 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://client.henrikatonder.com/ HTTP 302
https://client.henrikatonder.com/login?step=signIn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

75 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
client.henrikatonder.com/
Redirect Chain

https://client.henrikatonder.com/
https://client.henrikatonder.com/login?step=signIn

23 KB
23 KB

427ms
427ms

Document
text/html

34.120.230.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://client.henrikatonder.com/login?step=signIn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.230.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.230.120.34.bc.googleusercontent.com
Software: Caddy Qloaked / Express
Resource Hash: 0a08302774c74202e70a7ca27117924d08374f6f397d050456f4752c4585e36a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
date: Thu, 09 Dec 2021 14:06:08 GMT
etag: W/"5b57-ccnIzgHEBSKzr23ru3N7wdWtZW8"
server: Caddy Qloaked
x-powered-by: Express
x-qloaked-clientip: 185.213.155.176
content-length: 23383

Redirect headers

content-type: text/html; charset=utf-8
date: Thu, 09 Dec 2021 14:06:07 GMT
location: /login?step=signIn
server: Caddy Qloaked
vary: Accept
x-powered-by: Express
x-qloaked-clientip: 185.213.155.176
content-length: 80

GET
H2 200 vendors.02a818ff.chunk.js Show response
d1oc9bxqq1xq12.cloudfront.net/ 3 MB
585 KB 57ms
9ms Script
application/javascript 2600:9000:20eb:7c00:1d:f0ca:c180:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1oc9bxqq1xq12.cloudfront.net/vendors.02a818ff.chunk.js
Requested by: Host: client.henrikatonder.com
URL: https://client.henrikatonder.com/login?step=signIn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7c00:1d:f0ca:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.0 / Express
Resource Hash: 73cd23ce9a5d363de4b86250d9adeca3ccb6cf8e0789e1d7d70056138db00edc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 18:35:37 GMT
content-encoding: br
etag: W/"28f41b-17d9b408a70"
last-modified: Wed, 08 Dec 2021 18:13:58 GMT
server: nginx/1.20.0
age: 70231
x-powered-by: Express
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: iPQ-uNaed8UpGBcoa0ia_usC0dy2wuQJmWAjNaBh6D5Dk3hNbSqNJQ==

GET
H2 200 client.4ce85f10.js Show response
d1oc9bxqq1xq12.cloudfront.net/ 595 KB
121 KB 70ms
22ms Script
application/javascript 2600:9000:20eb:7c00:1d:f0ca:c180:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1oc9bxqq1xq12.cloudfront.net/client.4ce85f10.js
Requested by: Host: client.henrikatonder.com
URL: https://client.henrikatonder.com/login?step=signIn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7c00:1d:f0ca:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.0 / Express
Resource Hash: c4834efc070b2b779395d2fb174af096a16e53860130378354d6786c4b073c9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 18:35:36 GMT
content-encoding: br
etag: W/"94a8f-17d9b408a70"
last-modified: Wed, 08 Dec 2021 18:13:58 GMT
server: nginx/1.20.0
age: 70232
x-powered-by: Express
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: zU03URS6H9xeepJUp_3OfwNWINa2zUg1E4UwjGZJM5YJh__x3m8B0g==

GET
H2 200 vendors~article~client-details-page~extensions~files~form-edit~form-response~form-submit~forms~getti~561b7c75.af05e98e.chunk.js Show response
d1oc9bxqq1xq12.cloudfront.net/ 93 KB
28 KB 66ms
18ms Script
application/javascript 2600:9000:20eb:7c00:1d:f0ca:c180:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1oc9bxqq1xq12.cloudfront.net/vendors~article~client-details-page~extensions~files~form-edit~form-response~form-submit~forms~getti~561b7c75.af05e98e.chunk.js
Requested by: Host: client.henrikatonder.com
URL: https://client.henrikatonder.com/login?step=signIn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7c00:1d:f0ca:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.0 / Express
Resource Hash: e6bd64edcf0c6edde7e2414efb4f8b662bd845fed706b38477643b3a223c8b0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 18:35:37 GMT
content-encoding: br
etag: W/"173a0-17d9b408a70"
last-modified: Wed, 08 Dec 2021 18:13:58 GMT
server: nginx/1.20.0
age: 70231
x-powered-by: Express
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: oeeksDgmDRgd3ZAlppYm1jzUguvq8fBm2uBj90u8an5SfUD8U2gwLQ==

GET
H2 200 vendors~article~client-details-page~extensions~files~form-edit~form-response~form-submit~forms~getti~0c4572da.e9d9d6da.chunk.js Show response
d1oc9bxqq1xq12.cloudfront.net/ 76 KB
20 KB 73ms
26ms Script
application/javascript 2600:9000:20eb:7c00:1d:f0ca:c180:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1oc9bxqq1xq12.cloudfront.net/vendors~article~client-details-page~extensions~files~form-edit~form-response~form-submit~forms~getti~0c4572da.e9d9d6da.chunk.js
Requested by: Host: client.henrikatonder.com
URL: https://client.henrikatonder.com/login?step=signIn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7c00:1d:f0ca:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.0 / Express
Resource Hash: 66aaf47f2be09b15909744fd9b92587b33433051085082f4f968daa886f21045

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 18:35:37 GMT
content-encoding: br
etag: W/"130d0-17d9b408a70"
last-modified: Wed, 08 Dec 2021 18:13:58 GMT
server: nginx/1.20.0
age: 70231
x-powered-by: Express
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 2R57sHBkvG9ttFdqxapMhmDvGMlqWA8kwV5WMjC_fs0elFQuYtwX2w==

GET
H2 200 vendors~login.c92cb2f1.chunk.js Show response
d1oc9bxqq1xq12.cloudfront.net/ 155 KB
36 KB 74ms
27ms Script
application/javascript 2600:9000:20eb:7c00:1d:f0ca:c180:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1oc9bxqq1xq12.cloudfront.net/vendors~login.c92cb2f1.chunk.js
Requested by: Host: client.henrikatonder.com
URL: https://client.henrikatonder.com/login?step=signIn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7c00:1d:f0ca:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.0 / Express
Resource Hash: 47aeb8dfb4c7509a5a6e91372f08ef34b5883229b18415a50eea1287cc9c1835

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 18:35:36 GMT
content-encoding: br
etag: W/"26b10-17d9b408a70"
last-modified: Wed, 08 Dec 2021 18:13:58 GMT
server: nginx/1.20.0
age: 70232
x-powered-by: Express
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: tk-pT_jjlM76ejVsdqHOiJnU7mHGv_4QMX8wY0VmpupZSgIlSCfOkw==

GET
H2 200 login.116c1a55.chunk.js Show response
d1oc9bxqq1xq12.cloudfront.net/ 157 KB
27 KB 75ms
29ms Script
application/javascript 2600:9000:20eb:7c00:1d:f0ca:c180:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1oc9bxqq1xq12.cloudfront.net/login.116c1a55.chunk.js
Requested by: Host: client.henrikatonder.com
URL: https://client.henrikatonder.com/login?step=signIn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7c00:1d:f0ca:c180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.20.0 / Express
Resource Hash: a02149fdbaec0e8f20a1aed005955a1b86522357d06c1b57a6d1bb95ae97e079

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 18:35:36 GMT
content-encoding: br
etag: W/"27382-17d9b408a70"
last-modified: Wed, 08 Dec 2021 18:13:58 GMT
server: nginx/1.20.0
age: 70232
x-powered-by: Express
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: KSkBZ02_DhPU9v-PRWZkQ0r4-3C46wuF6Gt2AbJ_bfFDvChvMkkIMQ==

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 134ms
48ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:300,400,500,600,700,800,900&display=swap

Requested by

Host: client.henrikatonder.com
URL: https://client.henrikatonder.com/login?step=signIn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2c5ae2b849aaa6d57725431ce79c24c4636c2d6c2937308862b024d3b5501ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 09 Dec 2021 14:06:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 09 Dec 2021 14:06:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 Dec 2021 14:06:08 GMT

GET
H2 200 overrides.css
client.henrikatonder.com/styles/ 1 KB
2 KB 190ms
189ms Stylesheet
text/css 34.120.230.5
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://client.henrikatonder.com/styles/overrides.css
Requested by: Host: client.henrikatonder.com
URL: https://client.henrikatonder.com/login?step=signIn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.230.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.230.120.34.bc.googleusercontent.com
Software: Caddy, Qloaked / Express
Resource Hash: 2d03868ef2caefd67a61696e2f68d9c26522bc49c9fb999e712982dbf2d9d1ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/login?step=signIn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 14:06:08 GMT
last-modified: Wed, 08 Dec 2021 18:03:25 GMT
server: Caddy, Qloaked
x-powered-by: Express
etag: W/"5dc-17d9b36e1c8"
content-type: text/css; charset=UTF-8
x-qloaked-clientip: 185.213.155.176
accept-ranges: bytes
content-length: 1500

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 93 KB
37 KB 264ms
66ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-125597201-2

Requested by

Host: client.henrikatonder.com
URL: https://client.henrikatonder.com/login?step=signIn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

59e1a1b981db5e4e8d86e522dab8832c4e86f64fe416e52d2a7d7f7efbf16f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 14:06:08 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37124
x-xss-protection: 0
expires: Thu, 09 Dec 2021 14:06:08 GMT

OPTIONS
H2 200 /
cognito-identity.us-west-2.amazonaws.com/ Frame 0
0 526ms
169ms Preflight 2600:1f14:179:3f01:aa87:295c:bd93:5666
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cognito-identity.us-west-2.amazonaws.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:179:3f01:aa87:295c:bd93:5666 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: amz-sdk-invocation-id,amz-sdk-request,content-type,x-amz-target,x-amz-user-agent
Origin: https://client.henrikatonder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 09 Dec 2021 14:06:09 GMT
content-length: 0
x-amzn-requestid: b67b19b9-8e23-47dd-8e7c-6a0f63132dec
access-control-allow-origin: *
access-control-allow-headers: amz-sdk-invocation-id,amz-sdk-request,content-type,x-amz-target,x-amz-user-agent
access-control-allow-methods: POST
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age: 172800

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/F6s3JUgKSNX63ueUJmrAABhbtROuY7kD/ 89 KB
24 KB 751ms
609ms Script
text/javascript 13.224.197.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/F6s3JUgKSNX63ueUJmrAABhbtROuY7kD/analytics.min.js
Requested by: Host: client.henrikatonder.com
URL: https://client.henrikatonder.com/login?step=signIn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-80.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ca0ba6aba44c2f21a57563a70ddf127c9f20b0151a3e81a7d01b8e33ba53339

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: T.4WEcOJ8D1w1NfBVLwOlbK1QW1zyeZr
content-encoding: br
etag: W/"8911091a273967bde75afbdceb32d428"
x-amz-cf-pop: FRA2-C1
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 17 Nov 2021 18:36:25 GMT
server: AmazonS3
date: Thu, 09 Dec 2021 14:06:10 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-id: CWO9mCONMP-t5FvC2Y-6BPQuw6NBR_ZnDulqBjwrMf3EjXjZizJhNg==

GET
H2 200 index.js Show response
static.highlight.run/ 636 KB
141 KB 795ms
710ms Script
text/javascript 216.24.57.3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.highlight.run/index.js?912

Requested by

Host: d1oc9bxqq1xq12.cloudfront.net
URL: https://d1oc9bxqq1xq12.cloudfront.net/vendors.02a818ff.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.24.57.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

216-24-57-3.ip.win.net

Software

cloudflare /

Resource Hash

cc67f4eae8de450588684ae9b2d1b2abc9d77eee5dc4ad78f58bdef64c86a7b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 14:06:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
age: 0
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 143452
x-served-by: cache-fra19125-FRA
last-modified: Thu, 09 Dec 2021 03:35:08 UTC
server: cloudflare
x-timer: S1639058769.032434,VS0,VE670
etag: "f76075cde133e4156eddd11e05e1a77f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: public, max-age=0, s-maxage=300
accept-ranges: bytes
cf-ray: 6baecada4cc06964-FRA
x-cache-hits: 0

GET
H2 200 v3 Show response
js.stripe.com/ 268 KB
65 KB 52ms
6ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: d1oc9bxqq1xq12.cloudfront.net
URL: https://d1oc9bxqq1xq12.cloudfront.net/vendors.02a818ff.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0897c0aafa10feb29e1861ecfe3ffe46cfabafd33e018e66f4a0bed9f3049045

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 50
x-cache: HIT
content-length: 65805
etag: "80c3f61e18b6c5a85c076f0f0194d565"
x-request-id: e2e92fb0-fc4c-4416-9c04-3c6bfbd209f7
x-served-by: cache-hhn4023-HHN
access-control-allow-origin: *
last-modified: Wed, 08 Dec 2021 16:41:43 GMT
server: Fastly
date: Thu, 09 Dec 2021 14:06:08 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 73

GET
H2 200 auth_image.png
client.henrikatonder.com/images/ 230 KB
231 KB 192ms
191ms Image
image/png 34.120.230.5
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://client.henrikatonder.com/images/auth_image.png
Requested by: Host: client.henrikatonder.com
URL: https://client.henrikatonder.com/login?step=signIn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.230.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 5.230.120.34.bc.googleusercontent.com
Software: Caddy, Qloaked / Express
Resource Hash: 834e21b741700105f2cddc126d68061c79721f4c6eb9aac41ac983810460cf2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/login?step=signIn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 14:06:09 GMT
last-modified: Wed, 08 Dec 2021 18:03:25 GMT
server: Caddy, Qloaked
x-powered-by: Express
etag: W/"3998e-17d9b36e1c8"
content-type: image/png
x-qloaked-clientip: 185.213.155.176
accept-ranges: bytes
content-length: 235918

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v7/ 37 KB
38 KB 126ms
42ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v7/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:300,400,500,600,700,800,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://client.henrikatonder.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 03:57:25 GMT
x-content-type-options: nosniff
age: 209324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37780
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 17:59:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 07 Dec 2022 03:57:25 GMT

GET
H2 200 000000.png&text=H
dummyimage.com/512/ffffff/ 629 B
2 KB 204ms
174ms Image
image/png 2606:4700:3032::ac43:89f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dummyimage.com/512/ffffff/000000.png&text=H

Requested by

Host: client.henrikatonder.com
URL: https://client.henrikatonder.com/login?step=signIn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:89f5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WordOps

Resource Hash

ebd2ac11dcb1170f2619f0b448532df334c296c2758f177b309d71ba4fbe6d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 14:06:09 GMT
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: WordOps
cf-ray: 6baecada888d4309-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 629
x-xss-protection: 1; mode=block
referrer-policy: no-referrer, strict-origin-when-cross-origin
last-modified: Thu, 09 Dec 2021 14:04:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrQ%2F%2BsROahihBPfL4SGUmyXWRvtjrGJc8Zqpd2k6QCIu5wwWpERv%2FnRZSBdj0qPlVigyJlnzr6eDAaSsf7uV2%2BAOvaWKeJJBR5ZpuO0Vh03b3uyLnnqYBwFZTXmgMGCEgXBK4cNceRz1QgSXhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=7776000
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Wed, 09 Mar 2022 14:04:39 GMT

POST
H2 200 / Show response
cognito-identity.us-west-2.amazonaws.com/ 63 B
271 B 177ms
177ms Fetch
application/x-amz-json-1.1 2600:1f14:179:3f01:aa87:295c:bd93:5666
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cognito-identity.us-west-2.amazonaws.com/
Requested by: Host: d1oc9bxqq1xq12.cloudfront.net
URL: https://d1oc9bxqq1xq12.cloudfront.net/vendors.02a818ff.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:179:3f01:aa87:295c:bd93:5666 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 90b9c65db685b23d14b5fc7de5cc92ed675490d29d855ea44c03c01ec8f4579a

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/x-amz-json-1.1
amz-sdk-invocation-id: 10aa988f-bc99-4390-b5fe-780439eba17d
Referer: https://client.henrikatonder.com/
amz-sdk-request: attempt=1; max=3
x-amz-target: AWSCognitoIdentityService.GetId
x-amz-user-agent: aws-sdk-js-v3-@aws-sdk/client-cognito-identity/1.0.0-gamma.8 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 aws-amplify/3.6.0 js

Response headers

access-control-allow-origin: *
date: Thu, 09 Dec 2021 14:06:09 GMT
content-type: application/x-amz-json-1.1
x-amzn-requestid: 41e00821-cbdf-4e90-ac57-447048e2349e
content-length: 63
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date

GET
BLOB 200
OK f803a04d-8b21-4528-80cc-8b40afe22cfb
https://client.henrikatonder.com/ 12 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://client.henrikatonder.com/f803a04d-8b21-4528-80cc-8b40afe22cfb
Requested by: Host: client.henrikatonder.com
URL: https://client.henrikatonder.com/login?step=signIn
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7564304b9694e33ed0c8e8def8fa2318fef866ca88870dfad88f23f2584b7728

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 12749
Content-Type: text/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 68ms
67ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7MLHNJPJ2T&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-125597201-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ff891d95412079eb007b7e3359b115868dc3ba8ae3fc46db4b466f9746026f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 14:06:09 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61803
x-xss-protection: 0
expires: Thu, 09 Dec 2021 14:06:09 GMT

GET
H2 200 controller-f0d6055a2a4e767d4432101a6e5a5831.html Show response
js.stripe.com/v3/ Frame 7144 349 B
598 B 7ms
6ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-f0d6055a2a4e767d4432101a6e5a5831.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e8b46f05df61667f1aff6786272b1acc6e4da2802ee32c2fc152f0b055dca84c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/

Response headers

last-modified: Wed, 08 Dec 2021 16:22:11 GMT
etag: "f0d6055a2a4e767d4432101a6e5a5831"
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 09 Dec 2021 14:06:09 GMT
via: 1.1 varnish
age: 22
x-request-id: 2a03c6e6-c65e-4bec-9809-e989c3e8dafd
x-served-by: cache-hhn4023-HHN
x-cache: HIT
x-cache-hits: 6
vary: Accept-Encoding
timing-allow-origin: *
cache-control: max-age=60
content-length: 166

POST
H2 200 csp-report
q.stripe.com/ Frame 7144 0
347 B 523ms
170ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: client.henrikatonder.com
URL: https://client.henrikatonder.com/login?step=signIn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 09 Dec 2021 14:06:09 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 2
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 shared-0df1c29f796802f0311bdd9069a60497.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7144 197 KB
49 KB 13ms
12ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-0df1c29f796802f0311bdd9069a60497.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-f0d6055a2a4e767d4432101a6e5a5831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6dae59a0b7258a02686ffa048c835e6386211b233aff2eaf44171ce669bf440b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-f0d6055a2a4e767d4432101a6e5a5831.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 4
x-cache: HIT
content-length: 49603
etag: "39ef7fe79c4cf86bad219ad48b4bc7c2"
x-request-id: 02195252-47f3-4871-945c-f37230894bf2
x-served-by: cache-hhn4023-HHN
access-control-allow-origin: *
last-modified: Wed, 08 Dec 2021 16:22:12 GMT
server: Fastly
date: Thu, 09 Dec 2021 14:06:09 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 controller-9c6bc7408e3409c8ce7e9e3eab9da5f4.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7144 308 KB
78 KB 7ms
7ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-9c6bc7408e3409c8ce7e9e3eab9da5f4.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-f0d6055a2a4e767d4432101a6e5a5831.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ea7107fa8e62ff2c27d692f6dac45c546f5df01cdbe9a977ab590b013b3decf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-f0d6055a2a4e767d4432101a6e5a5831.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 107
x-cache: HIT
content-length: 80052
etag: "3cc4c190a5a14b2680fa9b0502c0bba6"
x-request-id: 18948cdf-bd3f-4689-95f1-5d764f301c15
x-served-by: cache-hhn4023-HHN
access-control-allow-origin: *
last-modified: Wed, 08 Dec 2021 16:22:12 GMT
server: Fastly
date: Thu, 09 Dec 2021 14:06:09 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 55

POST
H2 200 0 Show response
r.stripe.com/ Frame 7144 0
213 B 684ms
334ms XHR
application/octet-stream 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0df1c29f796802f0311bdd9069a60497.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 09 Dec 2021 14:06:09 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7144 0
213 B 680ms
334ms XHR
application/octet-stream 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0df1c29f796802f0311bdd9069a60497.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 09 Dec 2021 14:06:09 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7144 0
214 B 679ms
333ms XHR
application/octet-stream 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0df1c29f796802f0311bdd9069a60497.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 09 Dec 2021 14:06:09 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7144 0
213 B 680ms
335ms XHR
application/octet-stream 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0df1c29f796802f0311bdd9069a60497.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 09 Dec 2021 14:06:09 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7144 0
213 B 678ms
334ms XHR
application/octet-stream 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0df1c29f796802f0311bdd9069a60497.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 09 Dec 2021 14:06:09 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7144 0
213 B 680ms
336ms XHR
application/octet-stream 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0df1c29f796802f0311bdd9069a60497.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 09 Dec 2021 14:06:09 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7144 0
213 B 680ms
337ms XHR
application/octet-stream 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0df1c29f796802f0311bdd9069a60497.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 09 Dec 2021 14:06:09 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 7144 0
213 B 680ms
337ms XHR
application/octet-stream 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0df1c29f796802f0311bdd9069a60497.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 09 Dec 2021 14:06:09 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
content-length: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
177 B 170ms
85ms Ping
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-7MLHNJPJ2T&gtm=2oec10&_p=1526819331&sr=1600x1200&ul=en-us&cid=896732376.1639058769&_s=1&dl=https%3A%2F%2Fclient.henrikatonder.com%2Flogin%3Fstep%3DsignIn&dt=Henrika%20Tonder&sid=1639058769&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7MLHNJPJ2T&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://client.henrikatonder.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 14:06:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://client.henrikatonder.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 126ms
41ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-125597201-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1871
date: Thu, 09 Dec 2021 13:34:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 09 Dec 2021 15:34:58 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 88ms
43ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1526819331&t=pageview&_s=1&dl=https%3A%2F%2Fclient.henrikatonder.com%2Flogin%3Fstep%3DsignIn&ul=en-us&de=UTF-8&dt=Henrika%20Tonder&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=206794247&gjid=487952339&cid=896732376.1639058769&tid=UA-125597201-2&_gid=2015660289.1639058769&_r=1&gtm=2ouc10&z=632306709

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://client.henrikatonder.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 14:06:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://client.henrikatonder.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/F6s3JUgKSNX63ueUJmrAABhbtROuY7kD/ 3 KB
2 KB 28ms
12ms XHR
application/json 13.224.197.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/F6s3JUgKSNX63ueUJmrAABhbtROuY7kD/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/F6s3JUgKSNX63ueUJmrAABhbtROuY7kD/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-80.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29bce324859cde09b10a2f1717bf5d30c3c43c7d9a4a4e130d81f62e41fdb2ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: QMz489.qdEJSLvb0FXTnzCui75r.lQ1W
content-encoding: br
etag: W/"ca78196ac08571859198809326ca5c15"
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Tue, 02 Nov 2021 16:36:46 GMT
server: AmazonS3
date: Thu, 09 Dec 2021 14:06:09 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
cache-control: public, max-age=10800
x-amz-cf-id: EV9VSU4VTFqZoSbwpQdK_ME83z0yTCbShjC583vD0VJpnEQwiMDxcA==

GET
H2 200 130.bundle.55742ac9337d9e12bdd6.js Show response
cdn.segment.com/analytics-next/bundles/ 10 KB
4 KB 7ms
7ms Script
application/javascript 13.224.197.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/130.bundle.55742ac9337d9e12bdd6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/F6s3JUgKSNX63ueUJmrAABhbtROuY7kD/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-80.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 98cfbc4941d976520dde0a548b87b499e1c0454f9bc38aeb581b9e13b1e219a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:50:07 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 3496563
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Fri, 29 Oct 2021 23:16:36 GMT
server: AmazonS3
etag: W/"c32e07e36ae390e42c9cea85fcb9bb33"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: UvSxvdHgsDlPO8OsHFG8aObTtbAtOVjt
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: 5R-XqpUDHpcItBZV7zaXFuBnEw7ixSh8NmLcZiKxas6McORehP67xw==

GET
H2 200 ajs-destination.bundle.36b90a11867ae217be52.js Show response
cdn.segment.com/analytics-next/bundles/ 10 KB
4 KB 8ms
8ms Script
application/javascript 13.224.197.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.36b90a11867ae217be52.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/F6s3JUgKSNX63ueUJmrAABhbtROuY7kD/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-80.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4397a57f8357b3b0371c6df32a62b87eaa43218c42fa538fb34980bfb0b20a78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:50:07 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 3496563
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Fri, 29 Oct 2021 23:16:36 GMT
server: AmazonS3
etag: W/"605f393e8c3fbadf09528d469743232e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: FjBsbHA.8FN2h5.3COmnYMKZvuK7a99Y
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: 2PzFNAtPDNO9o5WJY73bQudtrrNE8jSgY3p5IxK1ka14RyHqlpDtrg==

GET
H2 200 customerio.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/customerio/2.2.3/ 3 KB
2 KB 12ms
8ms Script
application/javascript 13.224.197.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/customerio/2.2.3/customerio.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/F6s3JUgKSNX63ueUJmrAABhbtROuY7kD/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-80.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17141bd76f59e71ae5cb0d6948a08ed8d2de3070da130069289b516717342aab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 23:23:16 GMT
content-encoding: gzip
age: 6014574
x-cache: Hit from cloudfront
content-length: 1477
access-control-allow-origin: *
last-modified: Tue, 28 Sep 2021 23:16:38 GMT
server: AmazonS3
etag: "3c70590cd646cf14363d6c714c214145"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: bVE7oZTiorIsOCFZp7z20WNjX8EqcW3P
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: mczY5MF47XtiGf-4kgmpnoFo4xznCUZN0sKZmSxKpcDNqsHkg4r0vQ==

GET
H2 200 amplitude.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/amplitude/3.3.3/ 9 KB
4 KB 8ms
7ms Script
application/javascript 13.224.197.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/amplitude/3.3.3/amplitude.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/F6s3JUgKSNX63ueUJmrAABhbtROuY7kD/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-80.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fdf49508346acd9ea140cd09bce9dfde1e2c7ba5527d96ad6f15c65cafe63de1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 06:56:11 GMT
content-encoding: gzip
age: 3222599
x-cache: Hit from cloudfront
content-length: 3183
access-control-allow-origin: *
last-modified: Tue, 26 Oct 2021 16:57:51 GMT
server: AmazonS3
etag: "d83179c25dde0340502b9078dff72c63"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: e47gq4UifuVv9l8b.Ud1MiVx8EOBn8_n
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: XzbNB3AcfDDpqaFU1d8IH8L4Vaq_Bjo8htN9jEIo-42ZwrDTRiChgg==

GET
H2 200 commons.54701049fd6fb8497e9e.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 8ms
8ms Script
application/javascript 13.224.197.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/F6s3JUgKSNX63ueUJmrAABhbtROuY7kD/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-80.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e79b59c22ca684f9de8a73d41964f0c80ee9ca68713f35c33ad4fccf8cf64ffa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 20:15:27 GMT
content-encoding: gzip
age: 755443
x-cache: Hit from cloudfront
content-length: 22174
access-control-allow-origin: *
last-modified: Mon, 22 Nov 2021 18:20:53 GMT
server: AmazonS3
etag: "7741fd16ad2418cd17ab981f8207b106"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: Nv59DlQr8i3j.fsaRICt.2vwrMylALgO
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 1nOdEY0-ZvRXkoKS1CbsrOA9pR_ZnxPyLb6vs30ZQG4H3S2TS6KpRg==

GET
H2 200 commons.3495c86769f191d6894f.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 11ms
11ms Script
application/javascript 13.224.197.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.3495c86769f191d6894f.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/F6s3JUgKSNX63ueUJmrAABhbtROuY7kD/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.197.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-197-80.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b5e884ac6bca471440d62a21038e1b0342c4bc6e840388256b5f4137c2e666e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 07:50:32 GMT
content-encoding: gzip
age: 7884937
x-cache: Hit from cloudfront
content-length: 22175
access-control-allow-origin: *
last-modified: Thu, 26 Aug 2021 21:35:44 GMT
server: AmazonS3
etag: "97bdd3686696ee0e0f60bfaaa6b5693b"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: ycGBqmRQJe7ubt596zlSYLfgMdBxARsQ
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: uOUA-G1Ql87YUma-F6ZArdB2omwJMA2sJO14_of_DIqHUWxhwR4Bfw==

GET
H2 200 amplitude-5.2.2-min.gz.js Show response
cdn.amplitude.com/libs/ 54 KB
18 KB 38ms
9ms Script
application/javascript 13.224.194.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-86.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 26 Jan 2021 01:09:14 GMT
content-encoding: gzip
age: 27435416
x-cache: Hit from cloudfront
content-length: 17889
access-control-allow-origin: *
last-modified: Mon, 21 Oct 2019 15:45:34 GMT
server: AmazonS3
etag: "b568e7b3c9d94da6a1d4845b18400f7a"
x-amz-version-id: aZB1RIRJqET7nosqRtOBVideRuh0jIV6
via: 1.1 0f538ee832e1105649039b38ce89e883.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: gKOgj8d8tyACWyxv57JhRNYFmKbrVSYcUHpFCHsXHWVxMrlQ7XjtGA==

GET
H2 200 track.js Show response
assets.customer.io/assets/ 5 KB
2 KB 36ms
6ms Script
application/javascript 108.161.187.71
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.customer.io/assets/track.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.3495c86769f191d6894f.js.gz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.187.71 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 765618d1667ba791f2d492d121d2da42ff7d7e079a4773462a381ac9aceab0c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 14:06:09 GMT
content-encoding: gzip
last-modified: Thu, 02 Sep 2021 23:16:41 GMT
server: NetDNA-cache/2.2
x-amz-request-id: NH119HREX5VTBDTH
etag: W/"15e89eedddf82c193d5c3574b756f5a7"
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-amz-id-2: B4XwPBze765k/3P8u5HBZrKja0Yuc1v1JRkJbPmHH4YUrM116HroptRCn0oJqfMXlVthzkAkmSM=

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
148 B 511ms
168ms Fetch
application/json 100.20.244.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/p
Requested by: Host: d1oc9bxqq1xq12.cloudfront.net
URL: https://d1oc9bxqq1xq12.cloudfront.net/vendors.02a818ff.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.20.244.74 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-100-20-244-74.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://client.henrikatonder.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://client.henrikatonder.com
date: Thu, 09 Dec 2021 14:06:09 GMT
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 / Show response
api.amplitude.com/ 7 B
168 B 535ms
191ms XHR
text/html 54.188.162.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.188.162.134 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-188-162-134.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://client.henrikatonder.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 09 Dec 2021 14:06:10 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

POST
H2 200 / Show response
cognito-identity.us-west-2.amazonaws.com/ 2 KB
2 KB 203ms
203ms Fetch
application/x-amz-json-1.1 2600:1f14:179:3f01:aa87:295c:bd93:5666
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cognito-identity.us-west-2.amazonaws.com/
Requested by: Host: d1oc9bxqq1xq12.cloudfront.net
URL: https://d1oc9bxqq1xq12.cloudfront.net/vendors.02a818ff.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:179:3f01:aa87:295c:bd93:5666 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c5f2942327bfe6adf6581c99625664ba01625834ca7341d695c00ecf7ec00a65

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/x-amz-json-1.1
amz-sdk-invocation-id: a919fc70-817a-451a-8d0f-c944e41eefe2
Referer: https://client.henrikatonder.com/
amz-sdk-request: attempt=1; max=3
x-amz-target: AWSCognitoIdentityService.GetCredentialsForIdentity
x-amz-user-agent: aws-sdk-js-v3-@aws-sdk/client-cognito-identity/1.0.0-gamma.8 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 aws-amplify/3.6.0 js

Response headers

access-control-allow-origin: *
date: Thu, 09 Dec 2021 14:06:10 GMT
content-type: application/x-amz-json-1.1
x-amzn-requestid: c56846e0-ab58-4f8e-9781-aa5d9e7d53e8
content-length: 1783
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date

OPTIONS
H2 200 /
cognito-identity.us-west-2.amazonaws.com/ Frame 0
0 168ms
168ms Preflight 2600:1f14:179:3f01:aa87:295c:bd93:5666
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cognito-identity.us-west-2.amazonaws.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:179:3f01:aa87:295c:bd93:5666 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: amz-sdk-invocation-id,amz-sdk-request,content-type,x-amz-target,x-amz-user-agent
Origin: https://client.henrikatonder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 09 Dec 2021 14:06:09 GMT
content-length: 0
x-amzn-requestid: c959e84c-83b4-4627-ae29-73df4b5dfe6e
access-control-allow-origin: *
access-control-allow-headers: amz-sdk-invocation-id,amz-sdk-request,content-type,x-amz-target,x-amz-user-agent
access-control-allow-methods: POST
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age: 172800

OPTIONS
H2 200 /
pub.highlight.run/ Frame 0
0 357ms
109ms Preflight 18.216.1.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.highlight.run/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.216.1.167 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-216-1-167.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://client.henrikatonder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 09 Dec 2021 14:06:10 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://client.henrikatonder.com
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 / Show response
pub.highlight.run/ 131 B
280 B 275ms
275ms XHR
application/json 18.216.1.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.highlight.run/
Requested by: Host: static.highlight.run
URL: https://static.highlight.run/index.js?912
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.216.1.167 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-216-1-167.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: c8a9ad515d1585b716996cfc0d05c41ce6322b24205ae967cfd7e818b0e1fffb

Request headers

Referer: https://client.henrikatonder.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://client.henrikatonder.com
date: Thu, 09 Dec 2021 14:06:10 GMT
content-encoding: br
access-control-allow-credentials: true
content-length: 103
vary: Accept-Encoding
content-type: application/json

GET
H2 200 m-outer-f7902241893e7a497417843cb15dc858.html Show response
js.stripe.com/v3/ Frame B2B5 240 B
673 B 15ms
14ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/

Response headers

last-modified: Wed, 27 Oct 2021 22:19:31 GMT
etag: "f7902241893e7a497417843cb15dc858"
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Thu, 09 Dec 2021 14:06:10 GMT
via: 1.1 varnish
age: 36
x-request-id: 40323b69-5640-47b6-a5fd-0cde500b9a9f
x-served-by: cache-hhn4023-HHN
x-cache: HIT
x-cache-hits: 103
vary: Accept-Encoding
timing-allow-origin: *
cache-control: max-age=60
content-length: 141

GET
H2 200 page.gif
track.customer.io/events/ 35 B
210 B 165ms
113ms Image
image/gif 35.227.225.220
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.customer.io/events/page.gif?name=https%3A%2F%2Fclient.henrikatonder.com%2Flogin%3Fstep%3DsignIn&data%5Bstep%5D=signIn&data%5Bwidth%5D=1600&data%5Bheight%5D=1200&c=&s=5ee08af1-1769-45d5-9f87-820af0c9e143&site_id=5330afb02fcf2101b545&timestamp=1639058770086
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.225.220 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.225.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 14:06:10 GMT
via: 1.1 google
access-control-allow-origin: *
content-type: image/gif
status: 200 OK
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-transfer-encoding: binary
content-disposition: attachment
alt-svc: clear
content-length: 35

GET
H2 200 page.gif
track.customer.io/events/ 35 B
97 B 167ms
116ms Image
image/gif 35.227.225.220
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.customer.io/events/page.gif?name=https%3A%2F%2Fclient.henrikatonder.com%2Flogin%3Fstep%3DsignIn&data%5Bstep%5D=signIn&data%5Bpath%5D=%2Flogin&data%5Breferrer%5D=&data%5Bsearch%5D=%3Fstep%3DsignIn&data%5Btitle%5D=Henrika+Tonder&data%5Burl%5D=https%3A%2F%2Fclient.henrikatonder.com%2Flogin%3Fstep%3DsignIn&c=&s=5ee08af1-1769-45d5-9f87-820af0c9e143&site_id=5330afb02fcf2101b545&timestamp=1639058770087
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.225.220 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.225.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 09 Dec 2021 14:06:10 GMT
via: 1.1 google
access-control-allow-origin: *
content-type: image/gif
status: 200 OK
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-transfer-encoding: binary
content-disposition: attachment
alt-svc: clear
content-length: 35

POST
H2 200 0 Show response
r.stripe.com/ Frame 7144 0
213 B 170ms
170ms XHR
application/octet-stream 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://r.stripe.com/0

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-0df1c29f796802f0311bdd9069a60497.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 09 Dec 2021 14:06:10 GMT
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/octet-stream;charset=utf-8
access-control-allow-origin: https://js.stripe.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame B2B5 0
346 B 180ms
180ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://q.stripe.com/csp-report
Requested by: Host: client.henrikatonder.com
URL: https://client.henrikatonder.com/login?step=signIn
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://js.stripe.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 09 Dec 2021 14:06:10 GMT
server: nginx
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
x-envoy-upstream-service-time: 7
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length: 0

GET
H2 200 plan Show response
app-api.joinportal.com/portal/any/ 28 B
403 B 718ms
718ms XHR
application/json 13.224.189.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-api.joinportal.com/portal/any/plan
Requested by: Host: d1oc9bxqq1xq12.cloudfront.net
URL: https://d1oc9bxqq1xq12.cloudfront.net/vendors.02a818ff.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-128.fra2.r.cloudfront.net
Software: /
Resource Hash: f83bc4d226597a6e70e7a628027448c22765eb0de80a7c4ea2acbda1e986c8a8

Request headers

Portal: us-west-2_XEpRiyM7R
Accept-Language: de-DE,de;q=0.9
Authorization: AWS4-HMAC-SHA256 Credential=ASIAQJQGUNGIWBK3J6MZ/20211209/us-west-2/execute-api/aws4_request, SignedHeaders=host;portal;x-amz-date;x-amz-security-token, Signature=1bd07d9042edae6e44d864c30c9c44d6953a3e87db880728f58c7f52c487de7c
Accept: application/json, text/plain, */*
X-Amz-Security-Token: IQoJb3JpZ2luX2VjEP7//////////wEaCXVzLXdlc3QtMiJHMEUCIGwso2oiMSnb1tj8i/Z8bzFIzxIBchF7t0MGAzhLeM69AiEA3TYm1BFLfThLNxHemFeThXfCef5VmDye/m5zrOeN3YIqmgYI1///////////ARAFGgwwMjA0MTUwMTUzMTMiDIB1DQy+ZRQnY42PQSruBVFwNFYo6N57ahgyl4eKpduzsBqivEbLrvpWhyJOirF+pttKIvvFPB11T8+8zbeSi2+RAniwtG/PxjQc+fRXJisq4CBxTrq0Q7wn8f0M5YJd7jdNDs3mM5D6xb2EQltx79naKmUjQaABwW7ikMhlJbzCguS+YiaQkgWyaOFYomL3eOSNMadubd5i+C95KWD/qiz+dSEOHrD6g4KkevBnFBrCXK1LUMSC1CxVC2XGYh06lRdjf8hcmnACOVDrur45WLWI/y5j72u13Vt+57ZUwqx5DcKuXCH62gDdwid9miy5cvHJiOjPwpm5vc0VfcczSPHJpdF6ZezplFSLym5dLmbmMI26p9eRGQqE8b/VQ9wpe4RAJQsDfEzH8CejxYfJVulMeo+x2qXlBYrujAQ7Y0baiM3TrOIY38TX5fSGvhE9/dt/VsaCMeO9aQkU+0DqdB8nmFP2ONGpTC0TDYuDwgLwT+gf5vHqNi780NDeTD04yO55vfAbgl5HJ7wKsURoWP40/Ejn/MdV/+piIGY5zd2Ktm2+8D7TqhrUt5zGEh4uUtM4zCKvaR5mFRXQDwBKYPErrgDjCqlVOETpmpPyRXO5Uc/zzyw/XYLCq28IspJHZd6hbhAxv70LTSBETEgTak9tMEtGUI3aAlsOCb2yCMo+Yx61I2YW1bzgEZxRUaz1Cw0m6b6sJyzsOHjva0MwAt1pAgHrw/XdzpqPLV4XZuFPdXsfZ0wUptat1Vg8bj/2kW9oG12ETYQ5AKWdfk9Ey8mQJ3HMbsnJ340UKBYiJSwblUVCjufXKEQxLXo6zd4CwEox+Qu+/BPHUYeFfdDD3Bnw4z97iW6b/52u33aP2QHw3/NSKXolhj0HBH98RI65OLOlXa8p5w8McNx5OngTYRiDceGDnnwnH6iobE0lpBjXlMBF2BrrZyk3cgtqCgxINp23BPWQDMoAKwb9g5yUGZLlZlK7jub55Ui4/jdccX5LUJdBppgPr85I+IlFCTDSmsiNBjqHAifL1uVmubk6AEffypdeZ+mIcoVvCTvHyTzrED45leZE9YtoorPNh1YQs5BMNNfTZhZMz8NniO65349dGisRwLqnCQMkU87sEKdXcCDRHwPVIQwY2V/w0tcx4uN0V8RTaV8Akvo39v48q5cfzZjz+mg3Nju2sa2eqSj05dAQNuRuLqZohB5loHo3WbL9USgGPilsiwQvYy7+ORe0YOhROKGq5TsJGbSYmNRLZsk3vtc2lGuGFD2Iqh49x+21sqE0WehoPRDnMwyKH/mIBKr1ulR3lzf4xQ8oqkAfYWQm3TZY8i6THveogw8ZpsX2IkQursWtJUcZJrLxienz6XPOv3eV1mLIBw8V
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Referer: https://client.henrikatonder.com/
x-amz-date: 20211209T140610Z

Response headers

date: Thu, 09 Dec 2021 14:06:11 GMT
via: 1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 0aef6064-1f17-4c36-aa65-cef7942e0f34
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-amzn-trace-id: Root=1-61b20d52-76779c66291b797f05eff06c;Sampled=0
x-amz-apigw-id: KFcE_GdxPHcFcww=
content-length: 28
x-amz-cf-id: MFXLSpoJysmq1niQWNi3eSGvtirCrQhpty-DnD0iGWJmI4QtgC-_RQ==

OPTIONS
H2 200 plan
app-api.joinportal.com/portal/any/ Frame 0
0 483ms
447ms Preflight
application/json 13.224.189.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-api.joinportal.com/portal/any/plan
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-128.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,portal,x-amz-date,x-amz-security-token
Origin: https://client.henrikatonder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Thu, 09 Dec 2021 14:06:10 GMT
x-amzn-requestid: 2ed92812-6b03-4821-8d82-8cf5557d0b8f
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent,Portal
x-amz-apigw-id: KFcE7EF5PHcF3Tw=
access-control-allow-methods: OPTIONS,DELETE,GET,HEAD,PATCH,POST,PUT
x-cache: Miss from cloudfront
via: 1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: FVGpeuIH9oEvqKguVLjbcwrMZBICIYbsa6jnFf4XuR-h2gAcSgJLDg==

GET
H2 200 m-outer-639174098ea8fe7fede6fa654790e8ec.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B2B5 1 KB
801 B 53ms
52ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 17
x-cache: HIT
content-length: 645
etag: "5213886b88cd72e6d0aebc89868e5d13"
x-request-id: 15494df5-004f-4791-b0aa-17f3f544d4ab
x-served-by: cache-hhn4023-HHN
access-control-allow-origin: *
last-modified: Mon, 25 Oct 2021 19:35:20 GMT
server: Fastly
date: Thu, 09 Dec 2021 14:06:10 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 50

GET
H2 200 inner.html Show response
m.stripe.network/ Frame AA92 932 B
2 KB 49ms
9ms Document
text/html 13.224.189.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-43.fra2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 932
last-modified: Thu, 04 Nov 2021 19:04:57 GMT
accept-ranges: bytes
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
x-content-type-options: nosniff
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://m.stripe.com; default-src 'none'; font-src 'self'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy: connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
date: Thu, 09 Dec 2021 14:06:10 GMT
cache-control: max-age=300, public
etag: "f6254e6dd0cb06228801a1c8baf0939f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Gq1lcZ0jTLm9l3tAhHzy3mE6z0UwWoprc0Rp92lk_2yYD2_Dqdj8cg==

POST
H2 200 csp-report
q.stripe.com/ Frame AA92 0
120 B 172ms
171ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: client.henrikatonder.com
URL: https://client.henrikatonder.com/login?step=signIn

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 09 Dec 2021 14:06:10 GMT
x-envoy-upstream-service-time: 4
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

POST
H2 200 csp-report
q.stripe.com/ Frame AA92 0
120 B 170ms
170ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: client.henrikatonder.com
URL: https://client.henrikatonder.com/login?step=signIn

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 09 Dec 2021 14:06:10 GMT
x-envoy-upstream-service-time: 2
server: nginx
content-length: 0
strict-transport-security: max-age=31556926; includeSubDomains; preload

GET
H2 200 out-4.5.41.js Show response
m.stripe.network/ Frame AA92 85 KB
14 KB 9ms
9ms Script
text/javascript 13.224.189.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.41.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-43.fra2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 13
x-cache: Hit from cloudfront
date: Thu, 09 Dec 2021 14:05:58 GMT
last-modified: Thu, 04 Nov 2021 19:04:57 GMT
server: Cloudfront
etag: W/"2db385faf28cf5f9393cf01a0a1edfa2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: FRA2-C1
timing-allow-origin: *
x-amz-cf-id: eDghESnDhQg8TD7N85RqWRK04m1vm4bO5rplFqoVjVtv8dD_lD6iow==

POST
H2 200 6 Show response
m.stripe.com/ Frame AA92 156 B
523 B 560ms
186ms XHR
application/json 34.215.192.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.215.192.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-215-192-98.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

3c73fdc7c9713d7885f2dd81a24a4164ddf4184dcd1adf94efd639d08796bd8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 09 Dec 2021 14:06:10 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

OPTIONS
H2 200 /
pub.highlight.run/ Frame 0
0 110ms
109ms Preflight 18.216.1.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.highlight.run/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.216.1.167 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-216-1-167.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://client.henrikatonder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 09 Dec 2021 14:06:10 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://client.henrikatonder.com
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 /
pub.highlight.run/ Frame 0
0 110ms
109ms Preflight 18.216.1.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.highlight.run/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.216.1.167 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-216-1-167.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://client.henrikatonder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 09 Dec 2021 14:06:10 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://client.henrikatonder.com
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET 000000.png&text=H
dummyimage.com/512/ffffff/ 0
0

POST
H2 200 / Show response
pub.highlight.run/ 39 B
219 B 129ms
128ms XHR
application/json 18.216.1.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.highlight.run/
Requested by: Host: static.highlight.run
URL: https://static.highlight.run/index.js?912
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.216.1.167 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-216-1-167.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 79bfede4e2fdd9a22b8eed7f12132519f892f1bff85934c30ce1487204e85c45

Request headers

Referer: https://client.henrikatonder.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://client.henrikatonder.com
date: Thu, 09 Dec 2021 14:06:10 GMT
content-encoding: br
access-control-allow-credentials: true
content-length: 43
vary: Accept-Encoding
content-type: application/json

POST
H2 200 / Show response
pub.highlight.run/ 44 B
224 B 184ms
184ms XHR
application/json 18.216.1.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.highlight.run/
Requested by: Host: static.highlight.run
URL: https://static.highlight.run/index.js?912
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.216.1.167 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-216-1-167.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 005c77b119d9f55a2924bbd549db2bd28ac85db72ad41952fcb855b19a0fecf8

Request headers

Referer: https://client.henrikatonder.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://client.henrikatonder.com
date: Thu, 09 Dec 2021 14:06:10 GMT
content-encoding: br
access-control-allow-credentials: true
content-length: 48
vary: Accept-Encoding
content-type: application/json

POST
H2 200 / Show response
pub.highlight.run/ 35 B
215 B 330ms
221ms XHR
application/json 18.216.1.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.highlight.run/
Requested by: Host: static.highlight.run
URL: https://static.highlight.run/index.js?912
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.216.1.167 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-216-1-167.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 9f23b08de307d49dd5e30732b47ac5c3345f9fa46736360f169168a1cea56bde

Request headers

Referer: https://client.henrikatonder.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://client.henrikatonder.com
date: Thu, 09 Dec 2021 14:06:12 GMT
content-encoding: br
access-control-allow-credentials: true
content-length: 39
vary: Accept-Encoding
content-type: application/json

OPTIONS
H2 200 /
pub.highlight.run/ Frame 0
0 110ms
110ms Preflight 18.216.1.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.highlight.run/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.216.1.167 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-216-1-167.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://client.henrikatonder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 09 Dec 2021 14:06:11 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://client.henrikatonder.com
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 / Show response
pub.highlight.run/ 35 B
215 B 110ms
110ms XHR
application/json 18.216.1.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.highlight.run/
Requested by: Host: static.highlight.run
URL: https://static.highlight.run/index.js?912
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.216.1.167 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-216-1-167.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 9f23b08de307d49dd5e30732b47ac5c3345f9fa46736360f169168a1cea56bde

Request headers

Referer: https://client.henrikatonder.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://client.henrikatonder.com
date: Thu, 09 Dec 2021 14:06:14 GMT
content-encoding: br
access-control-allow-credentials: true
content-length: 39
vary: Accept-Encoding
content-type: application/json

OPTIONS
H2 200 /
pub.highlight.run/ Frame 0
0 110ms
109ms Preflight 18.216.1.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.highlight.run/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.216.1.167 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-216-1-167.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://client.henrikatonder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 09 Dec 2021 14:06:14 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://client.henrikatonder.com
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 trusted-types-checker-cda1635e27dc416e23614def05f39e01.js Show response
js.stripe.com/v3/fingerprinted/js/ 172 B
270 B 6ms
6ms Script
application/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-cda1635e27dc416e23614def05f39e01.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

95606fd79e5ed034243c781bbfdacc97d7fbc04174981a4a45cd4ad63008afed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://client.henrikatonder.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 60
x-cache: HIT
content-length: 118
etag: "c78a4d54d725874984ae69d553523207"
x-request-id: bd5e6625-c4d8-4355-ac28-173e980ae443
x-served-by: cache-hhn4023-HHN
access-control-allow-origin: *
last-modified: Fri, 05 Nov 2021 21:06:48 GMT
server: Fastly
date: Thu, 09 Dec 2021 14:06:15 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 18

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 44ms
43ms Ping
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-7MLHNJPJ2T&gtm=2oec10&_p=1526819331&sr=1600x1200&ul=en-us&cid=896732376.1639058769&_s=2&dl=https%3A%2F%2Fclient.henrikatonder.com%2Flogin%3Fstep%3DsignIn&dt=Henrika%20Tonder&sid=1639058769&sct=1&seg=0&en=scroll&_et=879&epn.percent_scrolled=90
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7MLHNJPJ2T&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://client.henrikatonder.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 09 Dec 2021 14:06:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://client.henrikatonder.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST 0
r.stripe.com/ Frame 7144 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dummyimage.com
URL: https://dummyimage.com/512/ffffff/000000.png&text=H

Domain: r.stripe.com
URL: https://r.stripe.com/0

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
client.henrikatonder.com/	1969-12-31 23:59:59	Name: h38v29jajj9dje2bx Value: {"user":{"loaded":false,"loading":false,"updatingAttributes":false,"updatingPayment":false,"updatingSubscription":false,"isUnAuth":false,"data":null,"viewMode":"default","id":"","isClient":true}}
client.henrikatonder.com/	1970-01-19 23:27:43	Name: AWSALB Value: Of0WtejQkfHcfTTdBX2i37KPCxiCYJNVxv/7SaK3xViZfacrtSYWmL/o/7lEQBteKZHnzZjEKSy/JKycRBBYSpmDYP707X5tG1DSgcy5cCHAzbr1BAhSNt2Dlngh
client.henrikatonder.com/	1970-01-19 23:27:43	Name: AWSALBCORS Value: Of0WtejQkfHcfTTdBX2i37KPCxiCYJNVxv/7SaK3xViZfacrtSYWmL/o/7lEQBteKZHnzZjEKSy/JKycRBBYSpmDYP707X5tG1DSgcy5cCHAzbr1BAhSNt2Dlngh
.henrikatonder.com/	1970-01-20 16:48:50	Name: _ga Value: GA1.2.896732376.1639058769
.henrikatonder.com/	1970-01-19 23:19:05	Name: _gid Value: GA1.2.2015660289.1639058769
.henrikatonder.com/	1970-01-19 23:17:38	Name: _gat_gtag_UA_125597201_2 Value: 1
.henrikatonder.com/	1970-01-20 08:03:14	Name: ajs_anonymous_id Value: 5ee08af1-1769-45d5-9f87-820af0c9e143
.henrikatonder.com/	1969-12-31 23:59:59	Name: amplitude_idundefinedhenrikatonder.com Value: eyJvcHRPdXQiOmZhbHNlLCJzZXNzaW9uSWQiOm51bGwsImxhc3RFdmVudFRpbWUiOm51bGwsImV2ZW50SWQiOjAsImlkZW50aWZ5SWQiOjAsInNlcXVlbmNlTnVtYmVyIjowfQ==
.henrikatonder.com/	1970-01-23 14:53:38	Name: amplitude_id_2d5541de9068fe227606ac17310e4754henrikatonder.com Value: eyJkZXZpY2VJZCI6IjVjNTVkZWNlLWI2ZjEtNGQ4YS04MjhmLTRjNjYwYmFmZTJmN1IiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTYzOTA1ODc2OTYwOSwibGFzdEV2ZW50VGltZSI6MTYzOTA1ODc2OTYxMSwiZXZlbnRJZCI6MSwiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjF9
.henrikatonder.com/	1970-01-20 16:48:50	Name: _ga_7MLHNJPJ2T Value: GS1.1.1639058769.1.0.1639058770.0
m.stripe.com/	1970-01-20 16:48:50	Name: m Value: dcea0297-9394-4bf5-8b73-4b93901cc9cd274dc8
.client.henrikatonder.com/	1970-01-20 08:03:14	Name: __stripe_mid Value: 74a025ff-be1b-4b75-9d21-03a3e0e8dcfed39a0c
.client.henrikatonder.com/	1970-01-19 23:17:40	Name: __stripe_sid Value: f4438fe8-5ed2-40ce-b41a-49dfa0ed87cc3d75cc

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.amplitude.com
api.segment.io
app-api.joinportal.com
assets.customer.io
cdn.amplitude.com
cdn.segment.com
client.henrikatonder.com
cognito-identity.us-west-2.amazonaws.com
d1oc9bxqq1xq12.cloudfront.net
dummyimage.com
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
m.stripe.com
m.stripe.network
pub.highlight.run
q.stripe.com
r.stripe.com
static.highlight.run
track.customer.io
www.google-analytics.com
www.googletagmanager.com
dummyimage.com
r.stripe.com
100.20.244.74
108.161.187.71
13.224.189.128
13.224.189.43
13.224.194.86
13.224.197.80
151.101.128.176
18.216.1.167
216.24.57.3
2600:1f14:179:3f01:aa87:295c:bd93:5666
2600:9000:20eb:7c00:1d:f0ca:c180:21
2606:4700:3032::ac43:89f5
2a00:1450:4001:808::200a
2a00:1450:4001:809::2003
2a00:1450:4001:811::2008
2a00:1450:4001:811::200e
34.120.230.5
34.215.192.98
35.227.225.220
54.187.119.242
54.188.162.134
005c77b119d9f55a2924bbd549db2bd28ac85db72ad41952fcb855b19a0fecf8
0897c0aafa10feb29e1861ecfe3ffe46cfabafd33e018e66f4a0bed9f3049045
0a08302774c74202e70a7ca27117924d08374f6f397d050456f4752c4585e36a
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
17141bd76f59e71ae5cb0d6948a08ed8d2de3070da130069289b516717342aab
1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f
2173f130ca59dc5554498343432f02f92ecce45c4f9381ea12b203a2978f33d4
29bce324859cde09b10a2f1717bf5d30c3c43c7d9a4a4e130d81f62e41fdb2ef
2d03868ef2caefd67a61696e2f68d9c26522bc49c9fb999e712982dbf2d9d1ee
3c73fdc7c9713d7885f2dd81a24a4164ddf4184dcd1adf94efd639d08796bd8c
4397a57f8357b3b0371c6df32a62b87eaa43218c42fa538fb34980bfb0b20a78
47aeb8dfb4c7509a5a6e91372f08ef34b5883229b18415a50eea1287cc9c1835
4ca0ba6aba44c2f21a57563a70ddf127c9f20b0151a3e81a7d01b8e33ba53339
4ff891d95412079eb007b7e3359b115868dc3ba8ae3fc46db4b466f9746026f0
59e1a1b981db5e4e8d86e522dab8832c4e86f64fe416e52d2a7d7f7efbf16f1f
66aaf47f2be09b15909744fd9b92587b33433051085082f4f968daa886f21045
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dae59a0b7258a02686ffa048c835e6386211b233aff2eaf44171ce669bf440b
73cd23ce9a5d363de4b86250d9adeca3ccb6cf8e0789e1d7d70056138db00edc
7564304b9694e33ed0c8e8def8fa2318fef866ca88870dfad88f23f2584b7728
765618d1667ba791f2d492d121d2da42ff7d7e079a4773462a381ac9aceab0c5
79bfede4e2fdd9a22b8eed7f12132519f892f1bff85934c30ce1487204e85c45
7b5e884ac6bca471440d62a21038e1b0342c4bc6e840388256b5f4137c2e666e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
834e21b741700105f2cddc126d68061c79721f4c6eb9aac41ac983810460cf2d
90b9c65db685b23d14b5fc7de5cc92ed675490d29d855ea44c03c01ec8f4579a
95606fd79e5ed034243c781bbfdacc97d7fbc04174981a4a45cd4ad63008afed
98cfbc4941d976520dde0a548b87b499e1c0454f9bc38aeb581b9e13b1e219a7
9f23b08de307d49dd5e30732b47ac5c3345f9fa46736360f169168a1cea56bde
a02149fdbaec0e8f20a1aed005955a1b86522357d06c1b57a6d1bb95ae97e079
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
c4834efc070b2b779395d2fb174af096a16e53860130378354d6786c4b073c9d
c5f2942327bfe6adf6581c99625664ba01625834ca7341d695c00ecf7ec00a65
c8a9ad515d1585b716996cfc0d05c41ce6322b24205ae967cfd7e818b0e1fffb
cc67f4eae8de450588684ae9b2d1b2abc9d77eee5dc4ad78f58bdef64c86a7b1
e2c5ae2b849aaa6d57725431ce79c24c4636c2d6c2937308862b024d3b5501ce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6bd64edcf0c6edde7e2414efb4f8b662bd845fed706b38477643b3a223c8b0a
e79b59c22ca684f9de8a73d41964f0c80ee9ca68713f35c33ad4fccf8cf64ffa
e8b46f05df61667f1aff6786272b1acc6e4da2802ee32c2fc152f0b055dca84c
ea7107fa8e62ff2c27d692f6dac45c546f5df01cdbe9a977ab590b013b3decf9
ebd2ac11dcb1170f2619f0b448532df334c296c2758f177b309d71ba4fbe6d54
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
f83bc4d226597a6e70e7a628027448c22765eb0de80a7c4ea2acbda1e986c8a8
fdf49508346acd9ea140cd09bce9dfde1e2c7ba5527d96ad6f15c65cafe63de1

client.henrikatonder.com Open in urlscan Pro 34.120.230.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

75 Requests

96 %HTTPS

33 %IPv6

16 Domains

22 Subdomains

22 IPs

2 Countries

1693 kBTransfer

6151 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

client.henrikatonder.com Open in urlscan Pro
34.120.230.5 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

96 %
HTTPS

33 %
IPv6

16
Domains

22
Subdomains

22
IPs

2
Countries

1693 kB
Transfer

6151 kB
Size

13
Cookies

75 HTTP transactions
0 data transactions