urlscan.io logo urlscan.io
SecurityTrails logo

app.holded.com Open in urlscan Pro
34.144.247.221  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://app.holded.com/
Effective URL: https://app.holded.com/
Submission: On January 10 via manual from ES — Scanned from ES
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 73 HTTP transactions. The main IP is 34.144.247.221, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is app.holded.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 11th 2024. Valid for: a year.
This is the only time app.holded.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 34.144.247.221 396982 (GOOGLE-CL...)
42 34.120.3.106 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 108.138.26.50 16509 (AMAZON-02)
2 18.245.86.4 16509 (AMAZON-02)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
3 18.245.46.55 16509 (AMAZON-02)
1 172.217.16.195 15169 (GOOGLE)
3 54.173.227.161 14618 (AMAZON-AES)
2 35.164.193.242 16509 (AMAZON-02)
1 34.120.195.249 396982 (GOOGLE-CL...)
73 13
4    34.144.247.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.247.144.34.bc.googleusercontent.com
app.holded.com
42    34.120.3.106 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 106.3.120.34.bc.googleusercontent.com
assets.holded.com
1    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    108.138.26.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-50.fra56.r.cloudfront.net
widget.intercom.io
2    18.245.86.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-4.fra60.r.cloudfront.net
cdn.amplitude.com
10    2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
1    2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
3    18.245.46.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-55.fra56.r.cloudfront.net
js.intercomcdn.com
1    172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f195.1e100.net
fonts.gstatic.com
3    54.173.227.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-227-161.compute-1.amazonaws.com
api-iam.intercom.io
2    35.164.193.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-193-242.us-west-2.compute.amazonaws.com
api2.amplitude.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o448960.ingest.sentry.io
Apex Domain
Subdomains		 Transfer
46 holded.com
app.holded.com
assets.holded.com
3 MB
10 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 329
226 KB
4 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 3096
api2.amplitude.com — Cisco Umbrella Rank: 1129
27 KB
4 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 2266
api-iam.intercom.io — Cisco Umbrella Rank: 2695
10 KB
3 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2998
315 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
274 KB
1 sentry.io
o448960.ingest.sentry.io
534 B
1 gstatic.com
fonts.gstatic.com
39 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 514
303 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
73 10
Domain Requested by
42 assets.holded.com app.holded.com
assets.holded.com
10 cdn.cookielaw.org www.googletagmanager.com
cdn.cookielaw.org
assets.holded.com
app.holded.com
4 app.holded.com
3 api-iam.intercom.io js.intercomcdn.com
3 js.intercomcdn.com widget.intercom.io
js.intercomcdn.com
2 api2.amplitude.com assets.holded.com
2 cdn.amplitude.com www.googletagmanager.com
cdn.amplitude.com
2 www.googletagmanager.com app.holded.com
www.googletagmanager.com
1 o448960.ingest.sentry.io assets.holded.com
1 fonts.gstatic.com fonts.googleapis.com
1 geolocation.onetrust.com assets.holded.com
1 widget.intercom.io www.googletagmanager.com
1 fonts.googleapis.com app.holded.com
73 13

This site contains links to these domains. Also see Links.

Domain
www.holded.com
cookiepedia.co.uk
www.onetrust.com
Subject Issuer Validity Valid
*.holded.com
Sectigo RSA Domain Validation Secure Server CA		 2024-11-11 -
2025-12-12		 a year crt.sh
upload.video.google.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
*.google-analytics.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
*.intercom.com
Amazon RSA 2048 M03		 2024-12-14 -
2026-01-11		 a year crt.sh
cdn.amplitude.com
Amazon RSA 2048 M03		 2024-11-14 -
2025-12-13		 a year crt.sh
cookielaw.org
WE1		 2024-12-09 -
2025-03-09		 3 months crt.sh
geolocation.onetrust.com
WE1		 2024-12-09 -
2025-03-09		 3 months crt.sh
*.intercomcdn.com
Amazon RSA 2048 M02		 2024-10-31 -
2025-11-28		 a year crt.sh
*.gstatic.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2024-01-31 -
2025-03-02		 a year crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-10-03 -
2025-07-29		 10 months crt.sh

This page contains 2 frames:

Primary Page: https://app.holded.com/
Frame ID: 6B870FD52CBF98ED31C6C6418B3C09CD
Requests: 66 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.046d1ca8.js
Frame ID: 1DDF86C0101F2B63F265396372BDE619
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Iniciar sesión - Holded

Page URL History Show full URLs

  1. http://app.holded.com/ HTTP 307
    https://app.holded.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

73
Requests

100 %
HTTPS

31 %
IPv6

10
Domains

13
Subdomains

13
IPs

2
Countries

3687 kB
Transfer

11086 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.holded.com/ HTTP 307
    https://app.holded.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

73 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
app.holded.com/
Redirect Chain
  • http://app.holded.com/
  • https://app.holded.com/
8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.holded.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.144.247.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.247.144.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
16603080c9d3e1470aa66b715996d46f19c29294730ae732ca9dc8ffefb8f2ad
Security Headers
Name Value
Content-Security-Policy default-src 'self';frame-ancestors 'self' https:;connect-src 'self' https: wss: blob:;frame-src * https: blob: data:;style-src * 'unsafe-inline' https:;script-src 'self' https://*.googletagmanager.com https://*.google-analytics.com https://*.intercomcdn.com https://*.intercom.io https://*.amplitude.com https://*.sentry-cdn.com https://*.hotjar.com https://*.cookielaw.org https://*.facebook.net https://*.licdn.com https://*.canny.io https://*.bing.com https://*.tiktok.com https://*.clarity.ms https://*.stripe.com https://*.squarecdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.hs-analytics.net https://js.hscollectedforms.net/collectedforms.js https://cdn.mxpnl.com/libs/mixpanel-js-wrapper.min.js https://*.chilipiper.com https://*.getripe.com https://cdn.segment.com https://assets.holded.com https://assets.holdedstaging.com 'nonce-f86198c73a8654e3b49c7a820c28fd8f';img-src * data: https: blob:;worker-src * data: https: blob:;media-src * data: https: blob:;font-src * data: https:;base-uri 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-security-policy
default-src 'self';frame-ancestors 'self' https:;connect-src 'self' https: wss: blob:;frame-src * https: blob: data:;style-src * 'unsafe-inline' https:;script-src 'self' https://*.googletagmanager.com https://*.google-analytics.com https://*.intercomcdn.com https://*.intercom.io https://*.amplitude.com https://*.sentry-cdn.com https://*.hotjar.com https://*.cookielaw.org https://*.facebook.net https://*.licdn.com https://*.canny.io https://*.bing.com https://*.tiktok.com https://*.clarity.ms https://*.stripe.com https://*.squarecdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.hs-analytics.net https://js.hscollectedforms.net/collectedforms.js https://cdn.mxpnl.com/libs/mixpanel-js-wrapper.min.js https://*.chilipiper.com https://*.getripe.com https://cdn.segment.com https://assets.holded.com https://assets.holdedstaging.com 'nonce-f86198c73a8654e3b49c7a820c28fd8f';img-src * data: https: blob:;worker-src * data: https: blob:;media-src * data: https: blob:;font-src * data: https:;base-uri 'self';
content-type
text/html; charset=UTF-8
date
Fri, 10 Jan 2025 11:34:32 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
permissions-policy
accelerometer=(),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()
pragma
no-cache
referrer-policy
same-origin
server
nginx
strict-transport-security
max-age=31536000; preload; includeSubDomains
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-correlationid
f86198c73a8654e3b49c7a820c28fd8f
x-frame-options
SAMEORIGIN

Redirect headers

Location
https://app.holded.com/
Non-Authoritative-Reason
HttpsUpgrades
auth-D4Cm3RZX.js
assets.holded.com/frontend-next-gen/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/auth-D4Cm3RZX.js
Requested by
Host: app.holded.com
URL: https://app.holded.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1b950b377ab9238a6a35eeb8ac661fbfa7b57213d2a0d7aeeaf1e2464626ae07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"678096d8-719"
age
6246
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:50:26 GMT
last-modified
Fri, 10 Jan 2025 03:41:12 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
1014
server
nginx
x-C-w6nJ31.js
assets.holded.com/frontend-next-gen/@mui/ 		893 KB
267 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/@mui/x-C-w6nJ31.js
Requested by
Host: app.holded.com
URL: https://app.holded.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7ce8192fe3a3b5d1081f38fe012a3fee32597b6514c3f59241656617c18e63e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
content-encoding
gzip
etag
W/"67801af7-df55a"
age
10443
access-control-allow-methods
GET, OPTIONS
via
1.1 google
referrer-policy
same-origin
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 08:40:29 GMT
last-modified
Thu, 09 Jan 2025 18:52:39 GMT
content-type
application/javascript
server
nginx
vary
Accept-Encoding
@dnd-kit-C0mf_sk4.js
assets.holded.com/frontend-next-gen/ 		187 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/@dnd-kit-C0mf_sk4.js
Requested by
Host: app.holded.com
URL: https://app.holded.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
513e96eb40ff782c94c9b227fc339e242bebc4d1a785921ac5d60cf312d408cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"678096d7-2ed74"
age
6394
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:47:58 GMT
last-modified
Fri, 10 Jan 2025 03:41:11 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
62008
server
nginx
@mathjs-W_n9tebL.js
assets.holded.com/frontend-next-gen/ 		657 KB
190 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/@mathjs-W_n9tebL.js
Requested by
Host: app.holded.com
URL: https://app.holded.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bca1afb8df471b6032b2ba258a3d1ff511ca767d0b372d8209887ef3765ed1d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"678096d8-a429a"
age
6348
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:48:44 GMT
last-modified
Fri, 10 Jan 2025 03:41:12 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
194482
server
nginx
types-Bq-E50yK.js
assets.holded.com/frontend-next-gen/ 		403 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/types-Bq-E50yK.js
Requested by
Host: app.holded.com
URL: https://app.holded.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3cc2e30a300110e0e056959f389ccffa475ca5c88108e69a14164236b1c5764a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"678096d7-64b99"
age
6394
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:47:58 GMT
last-modified
Fri, 10 Jan 2025 03:41:11 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
108574
server
nginx
@notistack-yKRTdW0z.js
assets.holded.com/frontend-next-gen/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/@notistack-yKRTdW0z.js
Requested by
Host: app.holded.com
URL: https://app.holded.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1a1a29b7b411db022f4b56a0b653bfbad431366efc8b6be95bc8273d6cf4018d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"678096d8-6061"
age
6393
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:47:59 GMT
last-modified
Fri, 10 Jan 2025 03:41:12 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
8923
server
nginx
@sentry-CTCeWF7P.js
assets.holded.com/frontend-next-gen/ 		122 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/@sentry-CTCeWF7P.js
Requested by
Host: app.holded.com
URL: https://app.holded.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ed99e5bcb38e880759c30995c838b40b099c51d3b8ad9548964a25ab583aff4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"678096d7-1e853"
age
6393
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:47:59 GMT
last-modified
Fri, 10 Jan 2025 03:41:11 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
43274
server
nginx
@fortawesome-DaOKOR9A.js
assets.holded.com/frontend-next-gen/ 		5 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/@fortawesome-DaOKOR9A.js
Requested by
Host: app.holded.com
URL: https://app.holded.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3c7fd35f93c85364b128c8576d3d6c6a4a2ab75388a4fbf11733446ef9ae9b01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
content-encoding
gzip
etag
W/"67801af8-51e140"
age
6394
access-control-allow-methods
GET, OPTIONS
via
1.1 google
referrer-policy
same-origin
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:47:58 GMT
last-modified
Thu, 09 Jan 2025 18:52:40 GMT
content-type
application/javascript
server
nginx
vary
Accept-Encoding
@react-router-B5dmopDI.js
assets.holded.com/frontend-next-gen/ 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/@react-router-B5dmopDI.js
Requested by
Host: app.holded.com
URL: https://app.holded.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
92b8f21b2d7cb0096546104cde8f6393e07d455ae1e79d36c046766513323712
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"678096d7-10315"
age
6374
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:48:18 GMT
last-modified
Fri, 10 Jan 2025 03:41:11 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
22589
server
nginx
index-DqXQkaSm.js
assets.holded.com/frontend-next-gen/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/index-DqXQkaSm.js
Requested by
Host: app.holded.com
URL: https://app.holded.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
dc16053e3164f50a89ca936c3c9f3dc8b111991ecd36d003d390131a67eb8d29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"67801af7-3771"
age
16018
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 07:07:34 GMT
last-modified
Thu, 09 Jan 2025 18:52:39 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
5094
server
nginx
email-DUrxqBQF.js
assets.holded.com/frontend-next-gen/ 		512 B
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/email-DUrxqBQF.js
Requested by
Host: app.holded.com
URL: https://app.holded.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
fd96c95f561020c6cce4fef7df6e58155aa7d7ce000108ea8282b5f1b1dfa3f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"67801af8-200"
age
16018
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 07:07:34 GMT
last-modified
Thu, 09 Jan 2025 18:52:40 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
341
server
nginx
utils-DOXrrtR6.js
assets.holded.com/frontend-next-gen/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/utils-DOXrrtR6.js
Requested by
Host: app.holded.com
URL: https://app.holded.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4b15d5a65a7381c0d9c84ef6c5aa3aa35fa1f59f8db7c491f2a9ea7266cdc3e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"67801af7-43ed"
age
6322
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:49:10 GMT
last-modified
Thu, 09 Jan 2025 18:52:39 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
4797
server
nginx
account-CAe7N-Gt.js
assets.holded.com/frontend-next-gen/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/account-CAe7N-Gt.js
Requested by
Host: app.holded.com
URL: https://app.holded.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1c6d544b0e2b1c34395cd073aad0bbcc05ba2ab5bb67369807ace6f13fbabbf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"678096d7-fc5"
age
6374
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:48:18 GMT
last-modified
Fri, 10 Jan 2025 03:41:11 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
1615
server
nginx
ErrorPage-BFG08s39.js
assets.holded.com/frontend-next-gen/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/ErrorPage-BFG08s39.js
Requested by
Host: app.holded.com
URL: https://app.holded.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a5f8384ad3ca9e492a450699adce2134f16516bde22d90d8f017311780b04cf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"67801af7-3773"
age
16018
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 07:07:34 GMT
last-modified
Thu, 09 Jan 2025 18:52:39 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
3207
server
nginx
error-page-DkXnhRyR.js
assets.holded.com/frontend-next-gen/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/error-page-DkXnhRyR.js
Requested by
Host: app.holded.com
URL: https://app.holded.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e7646cd4bbda09f86f2873f8177187170d5a9bff71a653515ce8653815a410ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"678096d8-563b"
age
6374
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:48:18 GMT
last-modified
Fri, 10 Jan 2025 03:41:12 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
5796
server
nginx
useBreakpoint-CeUutCeq.js
assets.holded.com/frontend-next-gen/ 		644 B
462 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/useBreakpoint-CeUutCeq.js
Requested by
Host: app.holded.com
URL: https://app.holded.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e6920c44c84a1d33ef44762a99db8c4486d41800cf25bf843434a9de76e35035
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"678096d7-284"
age
28184
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 03:44:48 GMT
last-modified
Fri, 10 Jan 2025 03:41:11 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
380
server
nginx
monitoring-qvR9Lb93.js
assets.holded.com/frontend-next-gen/ 		59 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/monitoring-qvR9Lb93.js
Requested by
Host: app.holded.com
URL: https://app.holded.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ac649276cbc3655ec3bfdb58e585b2aed072b481685b7bcf7b71a989d021e669
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"67801af8-eb14"
age
6361
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:48:31 GMT
last-modified
Thu, 09 Jan 2025 18:52:40 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
21659
server
nginx
index-Hjo3Hj-U.js
assets.holded.com/frontend-next-gen/ 		630 B
473 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/index-Hjo3Hj-U.js
Requested by
Host: app.holded.com
URL: https://app.holded.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
13f82e4e9cda970fe93f11c7e8c8c55ad50aac1bf470ffcd30beb5f1d1ef9553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"677f9b3b-276"
age
34664
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 01:56:48 GMT
last-modified
Thu, 09 Jan 2025 09:47:39 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
367
server
nginx
css2
fonts.googleapis.com/ 		22 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Requested by
Host: app.holded.com
URL: https://app.holded.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e03021bbfb5ae6e1dee9f03d868637c4e90af3fc5f445c520579fe8152521948
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 10 Jan 2025 11:34:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 11:34:32 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 10 Jan 2025 11:04:00 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
gtm.js
www.googletagmanager.com/ 		471 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TVM4ZTD
Requested by
Host: app.holded.com
URL: https://app.holded.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4d29fbb109e4d1bd961de01938c52ff4aa4747f02de8e2d48b6f1a6efac6abc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 10 Jan 2025 11:34:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 11:34:32 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 10 Jan 2025 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
135314
x-xss-protection
0
server
Google Tag Manager
gwbpci68
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/gwbpci68
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVM4ZTD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-50.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
451e5cd03b307e7941a0a9c143b05d5feeb91c800d8c49fa635923f9e3a578d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-amz-version-id
tADWpg.1p4Jj21aWEbjVsMcXSvD8RQhU
etag
"072a7a5a564ad9bcf2fdcbc04119c8f5"
age
198
alt-svc
h3=":443"; ma=86400
x-cache
Error from cloudfront
x-amz-cf-id
ZtSfBgxSBrfu1YSgGmIC_jsiDbLDQTy16J6lVaBgm2Zk-hY-xbvTsg==
date
Fri, 10 Jan 2025 11:31:15 GMT
content-type
application/javascript; charset=UTF-8
vary
accept-encoding, Origin
last-modified
Thu, 09 Jan 2025 16:18:09 GMT
cache-control
max-age=300, s-maxage=300, public
cross-origin-resource-policy
cross-origin
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
2664
x-amz-cf-pop
FRA56-P7
server
AmazonS3
x-amz-server-side-encryption
AES256
analytics-browser-gtm-wrapper-3.7.7.js.br
cdn.amplitude.com/libs/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.amplitude.com/libs/analytics-browser-gtm-wrapper-3.7.7.js.br
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVM4ZTD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-4.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
215dceb9394451f5428655fc07a6266644e311ee3ab4a5f34aa65d06205d81a1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
"8f96d9a2c246078abccf35c1a18b3f3f"
x-amz-version-id
6RP1FR4XzZiqyE1Ymax3FKPaumo4mmA4
age
1042283
x-cache
Hit from cloudfront
x-amz-cf-id
QhhgYI4ESta7wvu56JpZ5qDfjumpexYjmhd6a88Ur09sXiG98sl7fw==
date
Sun, 29 Dec 2024 10:03:10 GMT
content-type
application/javascript
last-modified
Fri, 22 Mar 2024 23:55:50 GMT
cache-control
max-age=31536000
via
1.1 6d96f6742a3e24fad8577272b38c550a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
8939
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/ 		446 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P5G2YFXN2W&l=dataLayer&cx=c&gtm=45He5190v813560655za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVM4ZTD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
109022fc85b0dc94a72da0e0f4a27aaa4b0f763f3e1cdf014a573f7031f6ebda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 10 Jan 2025 11:34:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 11:34:32 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
143819
x-xss-protection
0
server
Google Tag Manager
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js?did=8ba51f48-43c3-4fad-b6ff-6b6e8d0fd749-test
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVM4ZTD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52e5401f96ca9a7fc38248bf9469bdc7006f53de52d7abfec96f4a39cf665d6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
TR3+yr7DZCz8Fh2PJMSBjQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DD2FB477FE0A6F
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
24456
x-content-type-options
nosniff
date
Fri, 10 Jan 2025 11:34:32 GMT
content-type
application/javascript
last-modified
Wed, 08 Jan 2025 07:17:11 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
3be21f5c-a01e-000a-59a7-618a03000000
cf-ray
8ffc5bc78eccf774-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
7211
x-ms-blob-type
BlockBlob
server
cloudflare
8ba51f48-43c3-4fad-b6ff-6b6e8d0fd749-test.json
cdn.cookielaw.org/consent/8ba51f48-43c3-4fad-b6ff-6b6e8d0fd749-test/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/8ba51f48-43c3-4fad-b6ff-6b6e8d0fd749-test/8ba51f48-43c3-4fad-b6ff-6b6e8d0fd749-test.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js?did=8ba51f48-43c3-4fad-b6ff-6b6e8d0fd749-test
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b75057948c4470b70ba50b4b9992ffdb9baef9eafe966471d7f9ff602344578
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
xkKPQFaHdJtemRY0AWQG5g==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DD2F037CFF6DFF
age
4961
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Sat, 11 Jan 2025 11:34:33 GMT
date
Fri, 10 Jan 2025 11:34:33 GMT
content-type
application/json
last-modified
Tue, 07 Jan 2025 10:10:18 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
ba664982-701e-008b-10ec-602854000000
cf-ray
8ffc5bc87915b10f-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
1740
x-ms-blob-type
BlockBlob
server
cloudflare
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		67 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@sentry-CTCeWF7P.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ccfd8491a4f2101549ea6031091edc3616340f714216323f1f604f674749239
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
access-control-allow-methods
GET, OPTIONS
cf-ray
8ffc5bca6e05af9b-MAD
access-control-allow-origin
*
date
Fri, 10 Jan 2025 11:34:33 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Content-Type
Login-v4YU9PB0.js
assets.holded.com/frontend-next-gen/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/Login-v4YU9PB0.js
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@mui/x-C-w6nJ31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3719f1f770fed5511f8e48b267113f9dfce1211f39dd2ad4b50d213363b512cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"678096d8-366c"
age
5681
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:59:52 GMT
last-modified
Fri, 10 Jan 2025 03:41:12 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
5258
server
nginx
index.esm-Dgq6PzRD.js
assets.holded.com/frontend-next-gen/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/index.esm-Dgq6PzRD.js
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@mui/x-C-w6nJ31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4bf769538d66a9dca858f602953dc2b49452dc9221039b4c3e2fe7df8b49b165
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"677f9b3a-6f37"
age
34426
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 02:00:47 GMT
last-modified
Thu, 09 Jan 2025 09:47:38 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
10600
server
nginx
useDocMeta-BLp97qwR.js
assets.holded.com/frontend-next-gen/ 		972 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/useDocMeta-BLp97qwR.js
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@mui/x-C-w6nJ31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
66b17fd420c71bb817a0b1d046c947a3e5acda2c21ae19a5cc4e980e49e6ff70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"67801af7-3cc"
age
6326
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:49:07 GMT
last-modified
Thu, 09 Jan 2025 18:52:39 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
560
server
nginx
AuthHeader-CCxo-ANr.js
assets.holded.com/frontend-next-gen/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/AuthHeader-CCxo-ANr.js
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@mui/x-C-w6nJ31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f8cfca285b93fe6a229348b2ba2b5da029c3dd6fa2ea0d24e6c5c06b4fa49d05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"678096d7-c92"
age
6327
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:49:06 GMT
last-modified
Fri, 10 Jan 2025 03:41:11 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
1416
server
nginx
LanguageSwitcher-DFJQ8C_1.js
assets.holded.com/frontend-next-gen/ 		1 KB
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/LanguageSwitcher-DFJQ8C_1.js
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@mui/x-C-w6nJ31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
937b8b5e252c3dd64612124e818b85041e13847405d024a819f2575dcfad735a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"678096d8-4ce"
age
6327
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:49:06 GMT
last-modified
Fri, 10 Jan 2025 03:41:12 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
707
server
nginx
useAuthGlobalData-CO4t-Kgi.js
assets.holded.com/frontend-next-gen/ 		877 B
626 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/useAuthGlobalData-CO4t-Kgi.js
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@mui/x-C-w6nJ31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
893dffc95801c30ec0b01666eac5acbf53266567571e2d095a0a5098fcbfa9b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"678096d7-36d"
age
6327
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:49:06 GMT
last-modified
Fri, 10 Jan 2025 03:41:11 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
540
server
nginx
useMutation-M76qxLcD.js
assets.holded.com/frontend-next-gen/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/useMutation-M76qxLcD.js
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@mui/x-C-w6nJ31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3594b9beb8291d05893feda8260c060bfbe88702acc83f3d7b8e6ed350453a79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"677f9b3a-bf5"
age
63116
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 09 Jan 2025 18:02:37 GMT
last-modified
Thu, 09 Jan 2025 09:47:38 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
1170
server
nginx
utils-CQqdkLYN.js
assets.holded.com/frontend-next-gen/ 		526 B
435 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/utils-CQqdkLYN.js
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@mui/x-C-w6nJ31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
96e5d645f9c954982bec287327487746855d04900af63ccc688f92db8420648d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"67801af7-20e"
age
6362
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:48:31 GMT
last-modified
Thu, 09 Jan 2025 18:52:39 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
342
server
nginx
useBoolean-BDkfBYCv.js
assets.holded.com/frontend-next-gen/ 		562 B
444 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/useBoolean-BDkfBYCv.js
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@mui/x-C-w6nJ31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b9d826180a328719057aacd34c466699345698532346f67a37c1507b40b231a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"67801af8-232"
age
6395
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:47:58 GMT
last-modified
Thu, 09 Jan 2025 18:52:40 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
351
server
nginx
Avatar-B50aQkUh.js
assets.holded.com/frontend-next-gen/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/Avatar-B50aQkUh.js
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@mui/x-C-w6nJ31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d3b0b38e939e19c12f37ced45f3c08e174302c064fa4a2ad3818811c71a9d659
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"67801af7-be7"
age
6362
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:48:31 GMT
last-modified
Thu, 09 Jan 2025 18:52:39 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
1530
server
nginx
holded-logo-horizontal-IQK45TM9.js
assets.holded.com/frontend-next-gen/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/holded-logo-horizontal-IQK45TM9.js
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@mui/x-C-w6nJ31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
fe7899a7108c25daa88c9d581c77bde63b4e2fb380eef6a9a2d94752ac7ff8dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"678096d7-113f"
age
16106
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 07:06:07 GMT
last-modified
Fri, 10 Jan 2025 03:41:11 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
1853
server
nginx
Separator-kQnVIibZ.js
assets.holded.com/frontend-next-gen/ 		740 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/Separator-kQnVIibZ.js
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@mui/x-C-w6nJ31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d6cf51b127944ecdab59f715656fd7285b9f64a859e7d6153af4b73b4884b577
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"678096d8-2e4"
age
6375
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:48:18 GMT
last-modified
Fri, 10 Jan 2025 03:41:12 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
457
server
nginx
LoginSso-B9amjf5a.js
assets.holded.com/frontend-next-gen/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/LoginSso-B9amjf5a.js
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@mui/x-C-w6nJ31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
fb640da7e7fe074fe5fbd5e0bfab6f5fa324119ce7b2dcaa42dc3a2dba4554e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"67801af7-89d"
age
16019
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 07:07:34 GMT
last-modified
Thu, 09 Jan 2025 18:52:39 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
1161
server
nginx
google-F8ikcy6D.js
assets.holded.com/frontend-next-gen/ 		2 KB
960 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/google-F8ikcy6D.js
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@mui/x-C-w6nJ31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7b457b13d71fa682fbdb6988762266daba9ef0a9e858e1e7c26a9d08e868308d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"67801af7-684"
age
18151
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 06:32:02 GMT
last-modified
Thu, 09 Jan 2025 18:52:39 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
866
server
nginx
PasswordField-XGy_VBbc.js
assets.holded.com/frontend-next-gen/ 		1 KB
774 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/PasswordField-XGy_VBbc.js
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@mui/x-C-w6nJ31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3795dce606aee51a0282e27d916d56d005b5ffcdcfdc861dfebf5108c6065731
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"67801af8-48c"
age
18277
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 06:29:56 GMT
last-modified
Thu, 09 Jan 2025 18:52:40 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
680
server
nginx
signup-events-CyyuLq1x.js
assets.holded.com/frontend-next-gen/ 		618 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/signup-events-CyyuLq1x.js
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@mui/x-C-w6nJ31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6f89036df043ab5d9760b31506836d8aa6dcdcfa7a4be7d12d5d80cf43f29e43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"678096d8-26a"
age
18429
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 06:27:24 GMT
last-modified
Fri, 10 Jan 2025 03:41:12 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
371
server
nginx
events-Chh4MGn9.js
assets.holded.com/frontend-next-gen/ 		580 B
477 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/events-Chh4MGn9.js
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@mui/x-C-w6nJ31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
182909d51233d8e58235f3be2724a9ee9e61dd5d627d0c8ac3969f7e66ae6a13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"67801af7-244"
age
41181
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 00:08:12 GMT
last-modified
Thu, 09 Jan 2025 18:52:39 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
383
server
nginx
LoadingButton-Cgqv1DyZ.js
assets.holded.com/frontend-next-gen/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/LoadingButton-Cgqv1DyZ.js
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@mui/x-C-w6nJ31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
fe4033582908a83fd16fe987676beb8c26bbcd5193f3df61ac486a9545b9c753
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"678096d8-ea9"
age
6367
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:48:26 GMT
last-modified
Fri, 10 Jan 2025 03:41:12 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
1374
server
nginx
two-factor-auth-CwdQU1el.js
assets.holded.com/frontend-next-gen/ 		672 B
490 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/two-factor-auth-CwdQU1el.js
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@mui/x-C-w6nJ31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
4cf37c922368eef0178eb7048ea2f1860f1fb3321eaae039adba706fe3ae0608
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"67801af8-2a0"
age
13553
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 07:48:40 GMT
last-modified
Thu, 09 Jan 2025 18:52:40 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
396
server
nginx
useCountdown-Dh8yM__u.js
assets.holded.com/frontend-next-gen/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/useCountdown-Dh8yM__u.js
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@mui/x-C-w6nJ31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cefc479d7ce8bf17edf854509bc1b2138c035858ef1c61e21f9bf3173d547058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"67801af8-a6b"
age
12746
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 08:02:07 GMT
last-modified
Thu, 09 Jan 2025 18:52:40 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
1403
server
nginx
AuthLayout-DnHxIWwq.js
assets.holded.com/frontend-next-gen/ 		848 B
581 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/AuthLayout-DnHxIWwq.js
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@mui/x-C-w6nJ31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c00b4edac0e2f8ee93ef0dc496d508f715cf02310b5303e9a33e420d73a261b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"67801af8-350"
age
20004
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 06:01:09 GMT
last-modified
Thu, 09 Jan 2025 18:52:40 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
487
server
nginx
useDocTitle-CVv-R1kF.js
assets.holded.com/frontend-next-gen/ 		730 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/useDocTitle-CVv-R1kF.js
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@mui/x-C-w6nJ31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
deabbdf0b15362f33079d74762792c32bef4da682a29714bbf1fde1c8559deae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

content-encoding
gzip
etag
W/"678096d7-2da"
age
6375
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 09:48:18 GMT
last-modified
Fri, 10 Jan 2025 03:41:11 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
442
server
nginx
frame-modern.046d1ca8.js
js.intercomcdn.com/ Frame 1DDF 		474 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.046d1ca8.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/gwbpci68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb3eb6a35af40e654c0686cc808082a6daa035fd12f95960258411528718ef74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-amz-version-id
9rwAbZFXqbEMg6nCB8a4BVIkR7dZpCN.
etag
"bc845e8a0f6b993a6016557a245fee92"
age
4582
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
LCCuQe6cOS47RBxYSw_CDZONT-v2tX9JzIcpvPHQiPUebDrwcZT6sw==
date
Fri, 10 Jan 2025 10:18:12 GMT
content-type
application/javascript; charset=UTF-8
vary
accept-encoding
last-modified
Thu, 09 Jan 2025 16:15:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy
cross-origin
via
1.1 fd87ab1d9a433dd02274380a706bf7d2.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
145963
x-amz-cf-pop
FRA56-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
vendor-modern.ce2bb6ad.js
js.intercomcdn.com/ Frame 1DDF 		491 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.ce2bb6ad.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/gwbpci68
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce7f9c5fa857af83001a20740f0c2f393d041ac15f2b6ec35586c3df37f631cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-amz-version-id
bKb4MPGp5t0.79RZoYVmueJM2PacTzSt
etag
"689f20e6b66393ae77322d1163bca6a6"
age
907
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
3M6ANtr88aoESlGQbPG5k-cqai67iW8ijglVmZx2sfNobaT98kThVQ==
date
Fri, 10 Jan 2025 11:19:27 GMT
content-type
application/javascript; charset=UTF-8
vary
accept-encoding
last-modified
Wed, 08 Jan 2025 18:28:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy
cross-origin
via
1.1 fd87ab1d9a433dd02274380a706bf7d2.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
155717
x-amz-cf-pop
FRA56-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
analytics-browser-gtm-2.5.2-min.js.gz
cdn.amplitude.com/libs/ 		65 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.amplitude.com/libs/analytics-browser-gtm-2.5.2-min.js.gz
Requested by
Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/analytics-browser-gtm-wrapper-3.7.7.js.br
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-4.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c328f92e807e5029a5b9dedf9e7ea21af51c8fb381a47474827bb3bf3306aadc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"c35f967cf7d730a1bd082d33f3b58ed7"
x-amz-version-id
uS1xmOT5A_6ehs7_u39.iJx0i82O5jbK
age
136030
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
WyGPV16ASYlFS8yZ4EK7ONWbrbp7CxdUGpQE40eXgYfFJ64qg6oZ_g==
date
Wed, 08 Jan 2025 21:47:24 GMT
content-type
application/javascript
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Tue, 27 Feb 2024 19:37:01 GMT
cache-control
max-age=31536000
via
1.1 cbd5498107be7e5bcccda272c5fdbef4.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
17861
x-amz-cf-pop
FRA60-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
es-Chs7Rm1w.js
assets.holded.com/frontend-next-gen/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/es-Chs7Rm1w.js
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/types-Bq-E50yK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
da550e15858e66ec3f9f551e3e1b5bfe0e0fb46766c03ecd43b059850dda17a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer
https://assets.holded.com/frontend-next-gen/types-Bq-E50yK.js

Response headers

content-encoding
gzip
etag
W/"67801af7-3cd5"
age
16085
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 07:06:28 GMT
last-modified
Thu, 09 Jan 2025 18:52:39 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
4970
server
nginx
en-Cc0NMNML.js
assets.holded.com/frontend-next-gen/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.holded.com/frontend-next-gen/en-Cc0NMNML.js
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/types-Bq-E50yK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.3.106 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
106.3.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
87f23b0ad6dbc1612374945b8ca7eef3c1ddc142434b005a27c9e8c3d0cfc5bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer
https://assets.holded.com/frontend-next-gen/types-Bq-E50yK.js

Response headers

content-encoding
gzip
etag
W/"67801af8-387b"
age
16018
access-control-allow-methods
GET, OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 07:07:35 GMT
last-modified
Thu, 09 Jan 2025 18:52:40 GMT
content-type
application/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload; includeSubDomains
cache-control
public,max-age=86400
referrer-policy
same-origin
via
1.1 google
access-control-allow-origin
*
content-length
4404
server
nginx
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202411.2.0/ 		463 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202411.2.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js?did=8ba51f48-43c3-4fad-b6ff-6b6e8d0fd749-test
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae29f342c886f7bb3f3e15bfe148c32f3369bd03906f585fa4a3aa7a9b1041b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
3Tj+MtO+kF+ccVkOGtcGGA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DD1DE4B60BA578
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
58652
x-content-type-options
nosniff
date
Fri, 10 Jan 2025 11:34:33 GMT
content-type
application/javascript
last-modified
Mon, 16 Dec 2024 15:17:10 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
57405d40-901e-00a8-285e-5a479f000000
cf-ray
8ffc5bcace1bf774-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
114856
x-ms-blob-type
BlockBlob
server
cloudflare
KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
fonts.gstatic.com/s/roboto/v47/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f195.1e100.net
Software
sffe /
Resource Hash
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://app.holded.com
Referer
https://fonts.googleapis.com/

Response headers

age
147999
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 08 Jan 2026 18:27:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 08 Jan 2025 18:27:54 GMT
last-modified
Wed, 08 Jan 2025 18:23:10 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
40128
x-xss-protection
0
server
sffe
en.json
cdn.cookielaw.org/consent/8ba51f48-43c3-4fad-b6ff-6b6e8d0fd749-test/018ee0d4-2f96-7845-8f4e-24ad39ab0c2d/ 		304 KB
48 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/8ba51f48-43c3-4fad-b6ff-6b6e8d0fd749-test/018ee0d4-2f96-7845-8f4e-24ad39ab0c2d/en.json
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@sentry-CTCeWF7P.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61c85bc2b4c24345ac05babebee94131f59a978d5d0fd582cfd67cad5d71adaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
zyHlmRdDYytz6qixgdMb4Q==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DD2F037EF9309A
age
4904
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Sat, 11 Jan 2025 11:34:33 GMT
date
Fri, 10 Jan 2025 11:34:33 GMT
content-type
application/json
last-modified
Tue, 07 Jan 2025 10:10:21 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
25ae680f-a01e-00cd-24ec-60f6c2000000
cf-ray
8ffc5bcb687cb10f-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
48561
x-ms-blob-type
BlockBlob
server
cloudflare
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/202411.2.0/assets/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202411.2.0/assets/otCenterRounded.json
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@sentry-CTCeWF7P.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6853a1e9de5dc713d69cff9591ad8d3ecfb397dcd87d85fc6650550b35f1fa6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
IrvJo8WCyAdIAUpGpS0vUQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DD1DE4B253D853
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
25200
x-content-type-options
nosniff
date
Fri, 10 Jan 2025 11:34:33 GMT
content-type
application/json
last-modified
Mon, 16 Dec 2024 15:17:03 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
f3ec25a0-201e-001b-53f9-51bd18000000
cf-ray
8ffc5bcbda65b10f-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
2584
x-ms-blob-type
BlockBlob
server
cloudflare
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202411.2.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202411.2.0/assets/v2/otPcCenter.json
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@sentry-CTCeWF7P.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa9b802517c842d2b273a61895b70e180cd2dae00672bb2995b04b2482779fca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
fDQkbkE+dJJxCaoU+fD/jA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DD1DE4B3408AB4
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
32085
x-content-type-options
nosniff
date
Fri, 10 Jan 2025 11:34:33 GMT
content-type
application/json
last-modified
Mon, 16 Dec 2024 15:17:05 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
42a0068a-901e-00a8-1bf9-51479f000000
cf-ray
8ffc5bcbda68b10f-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
12841
x-ms-blob-type
BlockBlob
server
cloudflare
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202411.2.0/assets/ 		24 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202411.2.0/assets/otCommonStyles.css
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@sentry-CTCeWF7P.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0911f2ffd8f92d366f43fee3b83ab612f4bb9cf88f7d8d69fa09d7806a9029e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
vT8pSnMGi2T05S5Sw+4ubg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
77679
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 10 Jan 2025 11:34:33 GMT
content-type
text/css
last-modified
Mon, 16 Dec 2024 15:17:15 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
4abaab19-601e-00f9-1cf9-51596a000000
cf-ray
8ffc5bcbda6ab10f-MAD
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
496 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@sentry-CTCeWF7P.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
18833
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 10 Jan 2025 11:34:33 GMT
content-type
image/svg+xml
last-modified
Thu, 09 Jan 2025 20:16:28 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
98602341-601e-0094-6827-63f344000000
cf-ray
8ffc5bcc4b68b10f-MAD
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
Holded_H_Logo_R@2x.png
cdn.cookielaw.org/logos/80df487c-62ab-4978-b310-891309e09de5/3e805fe4-279a-49aa-8606-c7cb584bbc20/1dc5897a-ad1b-4ae5-88b5-c1a3c756b50b/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/80df487c-62ab-4978-b310-891309e09de5/3e805fe4-279a-49aa-8606-c7cb584bbc20/1dc5897a-ad1b-4ae5-88b5-c1a3c756b50b/Holded_H_Logo_R@2x.png
Requested by
Host: app.holded.com
URL: https://app.holded.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8aeeee3bbad742a03e52727b9c91ec94c21cfd76a1454c34b409877df2163984
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
U/WPMS62JtDpGIN2XUo6tQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8DB42512BE15E91
age
81589
cf-cache-status
HIT
x-content-type-options
nosniff
date
Fri, 10 Jan 2025 11:34:33 GMT
content-type
image/png
last-modified
Fri, 21 Apr 2023 10:14:19 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
fe6c1b6d-501e-0072-5456-41e2b4000000
cf-ray
8ffc5bcc4909f774-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
33957
x-ms-blob-type
BlockBlob
server
cloudflare
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: app.holded.com
URL: https://app.holded.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
12115
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 10 Jan 2025 11:34:33 GMT
content-type
image/svg+xml
last-modified
Thu, 09 Jan 2025 20:16:29 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
aeab4dc5-901e-00a3-0c1b-635feb000000
cf-ray
8ffc5bcc490bf774-MAD
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
launcher_settings
api-iam.intercom.io/messenger/web/ Frame 1DDF 		242 B
896 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/launcher_settings
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.046d1ca8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.173.227.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-227-161.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4655e533ad6da5ede66cdecab858b982aa1e5db44069a12027430f5de127c0fd
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer

Response headers

x-request-id
001vjcg6t87m7m2o3jb0
access-control-expose-headers
x-request-id
content-encoding
gzip
etag
W/"4655e533ad6da5ede66cdecab858b982"
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
status
200 OK
date
Fri, 10 Jan 2025 11:34:34 GMT
content-type
application/json; charset=utf-8
vary
Accept,Accept-Encoding
x-runtime
0.041312
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31556952; includeSubDomains; preload
x-request-queueing
0
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://app.holded.com
x-xss-protection
1; mode=block
x-intercom-version
55d2d982988da3653d9e76153ed17831ed96246d
x-ami-version
ami-06edf74bc984d57b5
server
nginx
ping
api-iam.intercom.io/messenger/web/ Frame 1DDF 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.046d1ca8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.173.227.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-227-161.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5726cf782a5d52dae76a16777e1a843ce132eae8ed6ee58823b4b4debd48c2d9
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer

Response headers

x-request-id
00016n5olv0csvjqoceg
access-control-expose-headers
x-request-id
content-encoding
gzip
etag
W/"5726cf782a5d52dae76a16777e1a843c"
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
status
200 OK
date
Fri, 10 Jan 2025 11:34:34 GMT
content-type
application/json; charset=utf-8
vary
Accept,Accept-Encoding
x-runtime
0.348640
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31556952; includeSubDomains; preload
x-request-queueing
0
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://app.holded.com
x-xss-protection
1; mode=block
x-intercom-version
55d2d982988da3653d9e76153ed17831ed96246d
x-ami-version
ami-06edf74bc984d57b5
server
nginx
holded-logo.svg
app.holded.com/assets/img/brand/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://app.holded.com/assets/img/brand/holded-logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.144.247.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.247.144.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0bd84498cc72bbe695cc5fe76f04443d9cfbda51d9ef186a5648897147a0ff3f
Security Headers
Name Value
Content-Security-Policy default-src 'self';frame-ancestors 'self' https:;connect-src 'self' https: wss: blob:;frame-src * https: blob: data:;style-src * 'unsafe-inline' https:;script-src 'self' https://*.googletagmanager.com https://*.google-analytics.com https://*.intercomcdn.com https://*.intercom.io https://*.amplitude.com https://*.sentry-cdn.com https://*.hotjar.com https://*.cookielaw.org https://*.facebook.net https://*.licdn.com https://*.canny.io https://*.bing.com https://*.tiktok.com https://*.clarity.ms https://*.stripe.com https://*.squarecdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.hs-analytics.net https://js.hscollectedforms.net/collectedforms.js https://cdn.mxpnl.com/libs/mixpanel-js-wrapper.min.js https://*.chilipiper.com https://*.getripe.com https://cdn.segment.com https://assets.holded.com https://assets.holdedstaging.com 'nonce-8b97af92cba6af20429e2d724f9f194a';img-src * data: https: blob:;worker-src * data: https: blob:;media-src * data: https: blob:;font-src * data: https:;base-uri 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.holded.com/

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-security-policy
default-src 'self';frame-ancestors 'self' https:;connect-src 'self' https: wss: blob:;frame-src * https: blob: data:;style-src * 'unsafe-inline' https:;script-src 'self' https://*.googletagmanager.com https://*.google-analytics.com https://*.intercomcdn.com https://*.intercom.io https://*.amplitude.com https://*.sentry-cdn.com https://*.hotjar.com https://*.cookielaw.org https://*.facebook.net https://*.licdn.com https://*.canny.io https://*.bing.com https://*.tiktok.com https://*.clarity.ms https://*.stripe.com https://*.squarecdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.hs-analytics.net https://js.hscollectedforms.net/collectedforms.js https://cdn.mxpnl.com/libs/mixpanel-js-wrapper.min.js https://*.chilipiper.com https://*.getripe.com https://cdn.segment.com https://assets.holded.com https://assets.holdedstaging.com 'nonce-8b97af92cba6af20429e2d724f9f194a';img-src * data: https: blob:;worker-src * data: https: blob:;media-src * data: https: blob:;font-src * data: https:;base-uri 'self';
content-encoding
gzip
referrer-policy
same-origin
via
1.1 google
permissions-policy
accelerometer=(),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 11:34:33 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
nginx
x-correlationid
8b97af92cba6af20429e2d724f9f194a
holded-logo.svg
app.holded.com/assets/img/brand/ 		1 KB
737 B 		Other
General
Check archive.org
Download Go to
Full URL
https://app.holded.com/assets/img/brand/holded-logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.144.247.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.247.144.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0bd84498cc72bbe695cc5fe76f04443d9cfbda51d9ef186a5648897147a0ff3f
Security Headers
Name Value
Content-Security-Policy default-src 'self';frame-ancestors 'self' https:;connect-src 'self' https: wss: blob:;frame-src * https: blob: data:;style-src * 'unsafe-inline' https:;script-src 'self' https://*.googletagmanager.com https://*.google-analytics.com https://*.intercomcdn.com https://*.intercom.io https://*.amplitude.com https://*.sentry-cdn.com https://*.hotjar.com https://*.cookielaw.org https://*.facebook.net https://*.licdn.com https://*.canny.io https://*.bing.com https://*.tiktok.com https://*.clarity.ms https://*.stripe.com https://*.squarecdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.hs-analytics.net https://js.hscollectedforms.net/collectedforms.js https://cdn.mxpnl.com/libs/mixpanel-js-wrapper.min.js https://*.chilipiper.com https://*.getripe.com https://cdn.segment.com https://assets.holded.com https://assets.holdedstaging.com 'nonce-5bdbc666c82aba820e1020b67589b968';img-src * data: https: blob:;worker-src * data: https: blob:;media-src * data: https: blob:;font-src * data: https:;base-uri 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.holded.com/

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-security-policy
default-src 'self';frame-ancestors 'self' https:;connect-src 'self' https: wss: blob:;frame-src * https: blob: data:;style-src * 'unsafe-inline' https:;script-src 'self' https://*.googletagmanager.com https://*.google-analytics.com https://*.intercomcdn.com https://*.intercom.io https://*.amplitude.com https://*.sentry-cdn.com https://*.hotjar.com https://*.cookielaw.org https://*.facebook.net https://*.licdn.com https://*.canny.io https://*.bing.com https://*.tiktok.com https://*.clarity.ms https://*.stripe.com https://*.squarecdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.hs-analytics.net https://js.hscollectedforms.net/collectedforms.js https://cdn.mxpnl.com/libs/mixpanel-js-wrapper.min.js https://*.chilipiper.com https://*.getripe.com https://cdn.segment.com https://assets.holded.com https://assets.holdedstaging.com 'nonce-5bdbc666c82aba820e1020b67589b968';img-src * data: https: blob:;worker-src * data: https: blob:;media-src * data: https: blob:;font-src * data: https:;base-uri 'self';
content-encoding
gzip
referrer-policy
same-origin
via
1.1 google
permissions-policy
accelerometer=(),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 11:34:33 GMT
content-type
image/svg+xml
vary
Accept-Encoding
server
nginx
x-correlationid
5bdbc666c82aba820e1020b67589b968
holded3.png
app.holded.com/assets/img/ 		190 KB
190 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://app.holded.com/assets/img/holded3.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.144.247.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.247.144.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ac4c02cf72e58f028cb50c8c61debc4edf0b7153f34581d80b877742655d57dc
Security Headers
Name Value
Content-Security-Policy default-src 'self';frame-ancestors 'self' https:;connect-src 'self' https: wss: blob:;frame-src * https: blob: data:;style-src * 'unsafe-inline' https:;script-src 'self' https://*.googletagmanager.com https://*.google-analytics.com https://*.intercomcdn.com https://*.intercom.io https://*.amplitude.com https://*.sentry-cdn.com https://*.hotjar.com https://*.cookielaw.org https://*.facebook.net https://*.licdn.com https://*.canny.io https://*.bing.com https://*.tiktok.com https://*.clarity.ms https://*.stripe.com https://*.squarecdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.hs-analytics.net https://js.hscollectedforms.net/collectedforms.js https://cdn.mxpnl.com/libs/mixpanel-js-wrapper.min.js https://*.chilipiper.com https://*.getripe.com https://cdn.segment.com https://assets.holded.com https://assets.holdedstaging.com 'nonce-6943630c99f59946f77714a48e90e97b';img-src * data: https: blob:;worker-src * data: https: blob:;media-src * data: https: blob:;font-src * data: https:;base-uri 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://app.holded.com/

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-security-policy
default-src 'self';frame-ancestors 'self' https:;connect-src 'self' https: wss: blob:;frame-src * https: blob: data:;style-src * 'unsafe-inline' https:;script-src 'self' https://*.googletagmanager.com https://*.google-analytics.com https://*.intercomcdn.com https://*.intercom.io https://*.amplitude.com https://*.sentry-cdn.com https://*.hotjar.com https://*.cookielaw.org https://*.facebook.net https://*.licdn.com https://*.canny.io https://*.bing.com https://*.tiktok.com https://*.clarity.ms https://*.stripe.com https://*.squarecdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.hs-analytics.net https://js.hscollectedforms.net/collectedforms.js https://cdn.mxpnl.com/libs/mixpanel-js-wrapper.min.js https://*.chilipiper.com https://*.getripe.com https://cdn.segment.com https://assets.holded.com https://assets.holdedstaging.com 'nonce-6943630c99f59946f77714a48e90e97b';img-src * data: https: blob:;worker-src * data: https: blob:;media-src * data: https: blob:;font-src * data: https:;base-uri 'self';
referrer-policy
same-origin
via
1.1 google
permissions-policy
accelerometer=(),gyroscope=(),magnetometer=(),microphone=(),payment=(),usb=()
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 11:34:33 GMT
content-type
image/png
server
nginx
x-correlationid
6943630c99f59946f77714a48e90e97b
httpapi
api2.amplitude.com/2/ 		94 B
218 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@sentry-CTCeWF7P.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.164.193.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-193-242.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
b0dac1bacc62227f79ccdc26497ae76cd0bd6fb751e4ba0474cbc4221c88a635
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*
Content-Type
application/json

Response headers

strict-transport-security
max-age=15768000
access-control-allow-origin
*
content-length
94
date
Fri, 10 Jan 2025 11:34:35 GMT
content-type
application/json
httpapi
api2.amplitude.com/2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.164.193.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-164-193-242.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://app.holded.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Fri, 10 Jan 2025 11:34:35 GMT
strict-transport-security
max-age=15768000
vendors~locale-es-json-modern.82e2a483.js
js.intercomcdn.com/ Frame 1DDF 		73 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendors~locale-es-json-modern.82e2a483.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.046d1ca8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c3bdec06eeb000bd9bba1a196b657a5a6cc0f0ac230b0c1499cebd9b6881dcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-amz-version-id
0rg2IiyqBgTXQ5oPuYPCmcdWg8LIOcFj
etag
"4d271b2692fe46c80f8facd6433ad698"
age
1254
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
DAOkWNo__HNDUoKEQl_bqFwSQGgN_ATwV8KsM8ZvEIIBGZnAMUW7_Q==
date
Fri, 10 Jan 2025 11:13:55 GMT
content-type
application/javascript; charset=UTF-8
vary
accept-encoding
last-modified
Thu, 09 Jan 2025 16:15:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy
cross-origin
via
1.1 fd87ab1d9a433dd02274380a706bf7d2.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
18684
x-amz-cf-pop
FRA56-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
ping
api-iam.intercom.io/messenger/web/ Frame 1DDF 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.046d1ca8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.173.227.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-227-161.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e855156f4e4f1840d3d40e63667c9eacdbd6cb6739db917c6b6c79ddd240be64
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer

Response headers

x-request-id
001utei5g43snadicgv0
access-control-expose-headers
x-request-id
content-encoding
gzip
etag
W/"e855156f4e4f1840d3d40e63667c9eac"
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
status
200 OK
date
Fri, 10 Jan 2025 11:34:35 GMT
content-type
application/json; charset=utf-8
vary
Accept,Accept-Encoding
x-runtime
0.229092
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31556952; includeSubDomains; preload
x-request-queueing
1000
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
access-control-allow-origin
https://app.holded.com
x-xss-protection
1; mode=block
x-intercom-version
55d2d982988da3653d9e76153ed17831ed96246d
x-ami-version
ami-06edf74bc984d57b5
server
nginx
/
o448960.ingest.sentry.io/api/6142053/envelope/ 		198 B
534 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o448960.ingest.sentry.io/api/6142053/envelope/?sentry_version=7&sentry_key=c452418ab0764a6f97f6f0b27c67def5&sentry_client=sentry.javascript.react%2F8.47.0
Requested by
Host: assets.holded.com
URL: https://assets.holded.com/frontend-next-gen/@sentry-CTCeWF7P.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://app.holded.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-sentry-rate-limits
60:transaction;profile:organization:transaction_usage_exceeded
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
retry-after
60
content-encoding
zstd
cross-origin-resource-policy
cross-origin
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 10 Jan 2025 11:34:36 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers, accept-encoding
server
nginx

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer function| getCookie object| google_tag_manager object| google_tag_data object| intercomSettings function| Intercom boolean| gtm_loaded object| otEventListeners function| onYouTubeIframeAPIReady object| _sentryDebugIds string| _sentryDebugIdIdentifier object| SENTRY_RELEASE object| __MUI_LICENSE_INFO__ object| __SENTRY__ object| FontAwesomeConfig object| ___FONT_AWESOME___ string| __reactRouterVersion object| DD_LOGS object| OtTrustedType function| __intercomAssignLocation function| __intercomReloadLocation object| amplitudeGTM object| amplitude function| _amplitude object| otStubData object| analyticsConnectorInstances object| Optanon object| OneTrust function| gtag string| OnetrustActiveGroups string| OptanonActiveGroups

11 Cookies

Domain/Path Name / Value
.holded.com/ Name: lang
Value: es
.holded.com/ Name: PHPSESSID
Value: 1cdaa0ff42d8460801a55265c758dabf
.holded.com/ Name: __gtm_user_mrr
Value: undefined
.holded.com/ Name: __gtm_first_int
Value: {"landing_page_cleaned":"https://app.holded.com/","http_referer":"null","landing_date":1736508872769,"utm_medium":"(none)","utm_source":"direct"}
.holded.com/ Name: __gtm_user_name
Value: undefined
.holded.com/ Name: AMP_MKTG_faba0f14b9
Value: JTdCJTdE
.holded.com/ Name: AMP_faba0f14b9
Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjIwYmIxY2ViYS05MWE1LTQzNGEtYjEyMS00OWJiYTc0ZGFhMTclMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNzM2NTA4ODczNDc5JTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTczNjUwODg3MzQ4NCUyQyUyMmxhc3RFdmVudElkJTIyJTNBMCUyQyUyMnBhZ2VDb3VudGVyJTIyJTNBMCU3RA==
app.holded.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Fri+Jan+10+2025+11%3A34%3A33+GMT%2B0000+(hora+est%C3%A1ndar+de+Europa+occidental)&version=202411.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=384a5a9a-f045-4fad-8dc6-7caa87db20ef&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fapp.holded.com%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.holded.com/ Name: intercom-id-gwbpci68
Value: 88a7d650-3c0b-4ce4-aaee-a324f9902d79
.holded.com/ Name: intercom-session-gwbpci68
Value:
.holded.com/ Name: intercom-device-id-gwbpci68
Value: 5b9e4e00-d5e6-4b2a-957e-567aedd6ca92

2 Console Messages

Source Level URL
Text
recommendation verbose URL: https://app.holded.com/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://o448960.ingest.sentry.io/api/6142053/envelope/?sentry_version=7&sentry_key=c452418ab0764a6f97f6f0b27c67def5&sentry_client=sentry.javascript.react%2F8.47.0
Message:
Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self';frame-ancestors 'self' https:;connect-src 'self' https: wss: blob:;frame-src * https: blob: data:;style-src * 'unsafe-inline' https:;script-src 'self' https://*.googletagmanager.com https://*.google-analytics.com https://*.intercomcdn.com https://*.intercom.io https://*.amplitude.com https://*.sentry-cdn.com https://*.hotjar.com https://*.cookielaw.org https://*.facebook.net https://*.licdn.com https://*.canny.io https://*.bing.com https://*.tiktok.com https://*.clarity.ms https://*.stripe.com https://*.squarecdn.com https://*.hs-banner.com https://*.hs-scripts.com https://*.hsleadflows.net https://*.hs-analytics.net https://js.hscollectedforms.net/collectedforms.js https://cdn.mxpnl.com/libs/mixpanel-js-wrapper.min.js https://*.chilipiper.com https://*.getripe.com https://cdn.segment.com https://assets.holded.com https://assets.holdedstaging.com 'nonce-f86198c73a8654e3b49c7a820c28fd8f';img-src * data: https: blob:;worker-src * data: https: blob:;media-src * data: https: blob:;font-src * data: https:;base-uri 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
api2.amplitude.com
app.holded.com
assets.holded.com
cdn.amplitude.com
cdn.cookielaw.org
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
js.intercomcdn.com
o448960.ingest.sentry.io
widget.intercom.io
www.googletagmanager.com
108.138.26.50
172.217.16.195
18.245.46.55
18.245.86.4
2606:4700:4400::ac40:9b77
2606:4700::6812:562a
2a00:1450:4001:803::200a
2a00:1450:4001:810::2008
34.120.195.249
34.120.3.106
34.144.247.221
35.164.193.242
54.173.227.161
0911f2ffd8f92d366f43fee3b83ab612f4bb9cf88f7d8d69fa09d7806a9029e8
0bd84498cc72bbe695cc5fe76f04443d9cfbda51d9ef186a5648897147a0ff3f
109022fc85b0dc94a72da0e0f4a27aaa4b0f763f3e1cdf014a573f7031f6ebda
13f82e4e9cda970fe93f11c7e8c8c55ad50aac1bf470ffcd30beb5f1d1ef9553
16603080c9d3e1470aa66b715996d46f19c29294730ae732ca9dc8ffefb8f2ad
182909d51233d8e58235f3be2724a9ee9e61dd5d627d0c8ac3969f7e66ae6a13
1a1a29b7b411db022f4b56a0b653bfbad431366efc8b6be95bc8273d6cf4018d
1b950b377ab9238a6a35eeb8ac661fbfa7b57213d2a0d7aeeaf1e2464626ae07
1c6d544b0e2b1c34395cd073aad0bbcc05ba2ab5bb67369807ace6f13fbabbf9
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
215dceb9394451f5428655fc07a6266644e311ee3ab4a5f34aa65d06205d81a1
3594b9beb8291d05893feda8260c060bfbe88702acc83f3d7b8e6ed350453a79
3719f1f770fed5511f8e48b267113f9dfce1211f39dd2ad4b50d213363b512cc
3795dce606aee51a0282e27d916d56d005b5ffcdcfdc861dfebf5108c6065731
3c7fd35f93c85364b128c8576d3d6c6a4a2ab75388a4fbf11733446ef9ae9b01
3cc2e30a300110e0e056959f389ccffa475ca5c88108e69a14164236b1c5764a
3ccfd8491a4f2101549ea6031091edc3616340f714216323f1f604f674749239
451e5cd03b307e7941a0a9c143b05d5feeb91c800d8c49fa635923f9e3a578d7
4655e533ad6da5ede66cdecab858b982aa1e5db44069a12027430f5de127c0fd
4b15d5a65a7381c0d9c84ef6c5aa3aa35fa1f59f8db7c491f2a9ea7266cdc3e8
4bf769538d66a9dca858f602953dc2b49452dc9221039b4c3e2fe7df8b49b165
4cf37c922368eef0178eb7048ea2f1860f1fb3321eaae039adba706fe3ae0608
4d29fbb109e4d1bd961de01938c52ff4aa4747f02de8e2d48b6f1a6efac6abc5
513e96eb40ff782c94c9b227fc339e242bebc4d1a785921ac5d60cf312d408cb
52e5401f96ca9a7fc38248bf9469bdc7006f53de52d7abfec96f4a39cf665d6d
5726cf782a5d52dae76a16777e1a843ce132eae8ed6ee58823b4b4debd48c2d9
5c3bdec06eeb000bd9bba1a196b657a5a6cc0f0ac230b0c1499cebd9b6881dcc
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
61c85bc2b4c24345ac05babebee94131f59a978d5d0fd582cfd67cad5d71adaf
66b17fd420c71bb817a0b1d046c947a3e5acda2c21ae19a5cc4e980e49e6ff70
6853a1e9de5dc713d69cff9591ad8d3ecfb397dcd87d85fc6650550b35f1fa6a
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6f89036df043ab5d9760b31506836d8aa6dcdcfa7a4be7d12d5d80cf43f29e43
7b457b13d71fa682fbdb6988762266daba9ef0a9e858e1e7c26a9d08e868308d
7b75057948c4470b70ba50b4b9992ffdb9baef9eafe966471d7f9ff602344578
7ce8192fe3a3b5d1081f38fe012a3fee32597b6514c3f59241656617c18e63e0
87f23b0ad6dbc1612374945b8ca7eef3c1ddc142434b005a27c9e8c3d0cfc5bf
893dffc95801c30ec0b01666eac5acbf53266567571e2d095a0a5098fcbfa9b6
8aeeee3bbad742a03e52727b9c91ec94c21cfd76a1454c34b409877df2163984
92b8f21b2d7cb0096546104cde8f6393e07d455ae1e79d36c046766513323712
937b8b5e252c3dd64612124e818b85041e13847405d024a819f2575dcfad735a
96e5d645f9c954982bec287327487746855d04900af63ccc688f92db8420648d
a5f8384ad3ca9e492a450699adce2134f16516bde22d90d8f017311780b04cf0
aa9b802517c842d2b273a61895b70e180cd2dae00672bb2995b04b2482779fca
ac4c02cf72e58f028cb50c8c61debc4edf0b7153f34581d80b877742655d57dc
ac649276cbc3655ec3bfdb58e585b2aed072b481685b7bcf7b71a989d021e669
ae29f342c886f7bb3f3e15bfe148c32f3369bd03906f585fa4a3aa7a9b1041b0
b0dac1bacc62227f79ccdc26497ae76cd0bd6fb751e4ba0474cbc4221c88a635
b9d826180a328719057aacd34c466699345698532346f67a37c1507b40b231a7
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
bca1afb8df471b6032b2ba258a3d1ff511ca767d0b372d8209887ef3765ed1d7
c00b4edac0e2f8ee93ef0dc496d508f715cf02310b5303e9a33e420d73a261b2
c328f92e807e5029a5b9dedf9e7ea21af51c8fb381a47474827bb3bf3306aadc
ce7f9c5fa857af83001a20740f0c2f393d041ac15f2b6ec35586c3df37f631cd
cefc479d7ce8bf17edf854509bc1b2138c035858ef1c61e21f9bf3173d547058
d3b0b38e939e19c12f37ced45f3c08e174302c064fa4a2ad3818811c71a9d659
d6cf51b127944ecdab59f715656fd7285b9f64a859e7d6153af4b73b4884b577
da550e15858e66ec3f9f551e3e1b5bfe0e0fb46766c03ecd43b059850dda17a1
dc16053e3164f50a89ca936c3c9f3dc8b111991ecd36d003d390131a67eb8d29
deabbdf0b15362f33079d74762792c32bef4da682a29714bbf1fde1c8559deae
e03021bbfb5ae6e1dee9f03d868637c4e90af3fc5f445c520579fe8152521948
e6920c44c84a1d33ef44762a99db8c4486d41800cf25bf843434a9de76e35035
e7646cd4bbda09f86f2873f8177187170d5a9bff71a653515ce8653815a410ee
e855156f4e4f1840d3d40e63667c9eacdbd6cb6739db917c6b6c79ddd240be64
ed99e5bcb38e880759c30995c838b40b099c51d3b8ad9548964a25ab583aff4e
f8cfca285b93fe6a229348b2ba2b5da029c3dd6fa2ea0d24e6c5c06b4fa49d05
fb3eb6a35af40e654c0686cc808082a6daa035fd12f95960258411528718ef74
fb640da7e7fe074fe5fbd5e0bfab6f5fa324119ce7b2dcaa42dc3a2dba4554e3
fd96c95f561020c6cce4fef7df6e58155aa7d7ce000108ea8282b5f1b1dfa3f4
fe4033582908a83fd16fe987676beb8c26bbcd5193f3df61ac486a9545b9c753
fe7899a7108c25daa88c9d581c77bde63b4e2fb380eef6a9a2d94752ac7ff8dd