backoffice.staging.understory.io Open in urlscan Pro
76.76.21.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://admin.staging.understory.io/
Effective URL:
https://backoffice.staging.understory.io/
Submission: On December 05 via api (December 5th 2024, 11:55:05 pm UTC) from US — Scanned from CA

Summary HTTP 39 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 11 domains to perform 39 HTTP transactions. The main IP is 76.76.21.21, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is backoffice.staging.understory.io.
TLS certificate: Issued by R10 on December 5th 2024. Valid for: 3 months.

This is the only time backoffice.staging.understory.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	76.76.21.21 76.76.21.21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:c65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4004:c1b::5f	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:a8b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.66.217 151.101.66.217	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:d65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:2800:11f... 2606:2800:11f:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	3.33.235.18 3.33.235.18	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::5e	15169 (GOOGLE) (GOOGLE)
2	151.101.66.132 151.101.66.132	54113 (FASTLY) (FASTLY)
1	34.246.100.235 34.246.100.235	16509 (AMAZON-02) (AMAZON-02)
5	184.72.183.168 184.72.183.168	14618 (AMAZON-AES) (AMAZON-AES)
1	108.138.64.81 108.138.64.81	16509 (AMAZON-02) (AMAZON-02)
2	18.154.227.3 18.154.227.3	16509 (AMAZON-02) (AMAZON-02)
39	15

10 76.76.21.21 (Walnut, United States) 1 redirects

ASN16509 (AMAZON-02, US)

admin.staging.understory.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
backoffice.staging.understory.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:c65 (United States)

ASN13335 (CLOUDFLARENET, US)

js.jam.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1b::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:a8b (United States)

ASN13335 (CLOUDFLARENET, US)

load.tthdxkqy.holdbar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.66.217 (San Francisco, United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d65 (United States)

ASN13335 (CLOUDFLARENET, US)

i.jam.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:11f:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

policy.app.cookieinformation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.235.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa1ba9bef7b18c265.awsglobalaccelerator.com

clientstream.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.132 (San Francisco, United States)

ASN54113 (FASTLY, US)

flag.lab.eu.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.100.235 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-100-235.eu-west-1.compute.amazonaws.com

opjy4le9j4.execute-api.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.72.183.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-72-183-168.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.64.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-64-81.iad12.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.154.227.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-227-3.iad55.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 696 clientstream.launchdarkly.com — Cisco Umbrella Rank: 939 events.launchdarkly.com — Cisco Umbrella Rank: 877	2 KB
10	understory.io 1 redirects admin.staging.understory.io backoffice.staging.understory.io	2 MB
4	cookieinformation.com policy.app.cookieinformation.com — Cisco Umbrella Rank: 33657	41 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	5 KB
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2998	287 KB
2	amplitude.com flag.lab.eu.amplitude.com — Cisco Umbrella Rank: 81958	415 B
2	holdbar.com load.tthdxkqy.holdbar.com api.app.staging.holdbar.com Failed	225 KB
2	jam.dev js.jam.dev — Cisco Umbrella Rank: 99206 i.jam.dev — Cisco Umbrella Rank: 105178	89 KB
1	intercom.io widget.intercom.io — Cisco Umbrella Rank: 2266	3 KB
1	amazonaws.com opjy4le9j4.execute-api.eu-west-1.amazonaws.com	234 B
1	gstatic.com fonts.gstatic.com	36 KB
39	11

	Domain	Requested by
9	backoffice.staging.understory.io	backoffice.staging.understory.io
5	events.launchdarkly.com	js.jam.dev
4	policy.app.cookieinformation.com	load.tthdxkqy.holdbar.com js.jam.dev policy.app.cookieinformation.com
4	app.launchdarkly.com	backoffice.staging.understory.io
3	fonts.googleapis.com	backoffice.staging.understory.io
2	js.intercomcdn.com	widget.intercom.io
2	flag.lab.eu.amplitude.com	backoffice.staging.understory.io
2	load.tthdxkqy.holdbar.com	backoffice.staging.understory.io load.tthdxkqy.holdbar.com
1	widget.intercom.io	backoffice.staging.understory.io
1	opjy4le9j4.execute-api.eu-west-1.amazonaws.com	js.jam.dev
1	fonts.gstatic.com	fonts.googleapis.com
1	clientstream.launchdarkly.com	backoffice.staging.understory.io
1	i.jam.dev	js.jam.dev
1	js.jam.dev	backoffice.staging.understory.io
1	admin.staging.understory.io	1 redirects
0	api.app.staging.holdbar.com Failed	js.jam.dev
39	16

This site contains no links.

Subject Issuer	Validity	Valid
backoffice.staging.understory.io R10	`2024-12-05` - `2025-03-05`	3 months	crt.sh
jam.dev WE1	`2024-11-24` - `2025-02-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
load.tthdxkqy.holdbar.com WE1	`2024-11-10` - `2025-02-08`	3 months	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-04` - `2025-05-06`	a year	crt.sh
sni9bc9gl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-29` - `2025-01-28`	a year	crt.sh
clientstream.launchdarkly.com Amazon RSA 2048 M03	`2024-07-16` - `2025-08-14`	a year	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.lab.eu.amplitude.com GlobalSign Atlas R3 DV TLS CA 2024 Q2	`2024-06-01` - `2025-07-03`	a year	crt.sh
*.execute-api.eu-west-1.amazonaws.com Amazon RSA 2048 M02	`2024-06-20` - `2025-07-18`	a year	crt.sh
events.launchdarkly.com Amazon ECDSA 256 M03	`2024-07-16` - `2025-08-14`	a year	crt.sh
*.intercom.com Amazon RSA 2048 M03	`2024-01-15` - `2025-02-11`	a year	crt.sh
*.intercomcdn.com Amazon RSA 2048 M02	`2024-10-31` - `2025-11-28`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://backoffice.staging.understory.io/
Frame ID: EEBFD5B884421CC9FD56E9E44FDBB081
Requests: 30 HTTP requests in this frame

Frame: https://i.jam.dev/support?host_url=https%3A%2F%2Fbackoffice.staging.understory.io%2F
Frame ID: AB7EB7C4DBF80BBA432AF06B3BC50670
Requests: 1 HTTP requests in this frame

Frame: https://policy.app.cookieinformation.com/cookiesharingiframe.html
Frame ID: DBA92EA9A6DD29260969CF12FA828636
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.b2104c8b.js
Frame ID: A1B362F61DA203C3B6AA9278453B93DA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log in - Holdbar

Page URL History Show full URLs

https://admin.staging.understory.io/ HTTP 301
https://backoffice.staging.understory.io/ Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

39
Requests

95 %
HTTPS

43 %
IPv6

11
Domains

16
Subdomains

15
IPs

2
Countries

2518 kB
Transfer

9322 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://admin.staging.understory.io/ HTTP 301
https://backoffice.staging.understory.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
backoffice.staging.understory.io/
Redirect Chain

https://admin.staging.understory.io/
https://backoffice.staging.understory.io/

3 KB
2 KB

670ms
245ms

Document
text/html

76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://backoffice.staging.understory.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

da8e2ebdc8509d26becc2706de1eaaf3513850b1f3031217c96d6bc60ad37ca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 34597
cache-control: public, max-age=0, must-revalidate
content-disposition: inline
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 05 Dec 2024 23:54:56 GMT
etag: W/"2f77e33a60d2f3a019c6490e74037b13"
last-modified: Thu, 05 Dec 2024 14:18:18 GMT
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-cache: HIT
x-vercel-id: cle1:cle1:cle1::zm6lp-1733442896362-0f5c9cebce9d

Redirect headers

cache-control: public, max-age=0, must-revalidate
content-type: text/html
date: Thu, 05 Dec 2024 23:54:55 GMT
location: https://backoffice.staging.understory.io/
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-id: cle1::cdx6r-1733442895804-d235b30758b2

GET
H2 200 afcef2aa-2925-47a6-9ab0-d479873ee931.js Show response
js.jam.dev/support/ 557 KB
89 KB 916ms
115ms Script
text/javascript 2606:4700::6812:c65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.jam.dev/support/afcef2aa-2925-47a6-9ab0-d479873ee931.js

Requested by

Host: backoffice.staging.understory.io
URL: https://backoffice.staging.understory.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

398d7b50f649b6050225f0c573dd8b7e5291edfed6441c6b51523d994a3d7f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://backoffice.staging.understory.io/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=300, stale-while-revalidate=86400
content-encoding: br
cf-ray: 8ed7f6ddfbe30f9f-EWR
date: Thu, 05 Dec 2024 23:54:57 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
747 B 825ms
104ms Stylesheet
text/css 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Code+Pro&display=swap

Requested by

Host: backoffice.staging.understory.io
URL: https://backoffice.staging.understory.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ed5da21d7e3be55371162149859bd67ac61e0beccf89beb7d1bd28f9995c6b33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://backoffice.staging.understory.io/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 23:54:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 23:54:57 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 05 Dec 2024 22:07:47 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 820ms
99ms Stylesheet
text/css 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;500;600;700&display=swap

Requested by

Host: backoffice.staging.understory.io
URL: https://backoffice.staging.understory.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4bac2694e8961649fe284300bedf26f4f6cf7937bac6e81f34d426fce078cd06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://backoffice.staging.understory.io/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 23:54:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 23:54:57 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 05 Dec 2024 23:07:47 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 53 KB
3 KB 821ms
101ms Stylesheet
text/css 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=DM+Sans:wght@300;400;500;600;700&family=Montserrat:wght@300;400;500;600;700&family=Arial:wght@300;400;500;600;700&family=Open+Sans:wght@300;400;500;600;700&family=Raleway:wght@300;400;500;600;700&family=Poppins:wght@300;400;500;600;700

Requested by

Host: backoffice.staging.understory.io
URL: https://backoffice.staging.understory.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9cd7bd3df89967add705baa70018e916587347bc18529a9c8b3039e9304cf42b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://backoffice.staging.understory.io/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 23:54:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 05 Dec 2024 23:54:57 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 05 Dec 2024 23:54:57 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 main.8c3cf1e1.js Show response
backoffice.staging.understory.io/static/js/ 6 MB
2 MB 100ms
99ms Script
application/javascript 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://backoffice.staging.understory.io/static/js/main.8c3cf1e1.js

Requested by

Host: backoffice.staging.understory.io
URL: https://backoffice.staging.understory.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f1b790ee0b1a901020836522785f8e439a08a98e9dd91456ab08d00d76be43a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://backoffice.staging.understory.io/

Response headers

strict-transport-security: max-age=63072000
cache-control: s-maxage=31536000, immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"ec7bafd88127ec699bb595afa3cef715"
age: 34597
access-control-allow-origin: *
date: Thu, 05 Dec 2024 23:54:56 GMT
content-disposition: inline; filename="main.8c3cf1e1.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Thu, 05 Dec 2024 14:18:19 GMT
x-vercel-id: cle1::ck7qh-1733442896816-c65b75425b90

GET
H2 200 main.7a4bbfc0.css
backoffice.staging.understory.io/static/css/ 75 KB
23 KB 74ms
73ms Stylesheet
text/css 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://backoffice.staging.understory.io/static/css/main.7a4bbfc0.css

Requested by

Host: backoffice.staging.understory.io
URL: https://backoffice.staging.understory.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

9e8bbadd2ec816bebe554fd08c0c6d3d5924d83c286ac471c91e4035d937d947

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://backoffice.staging.understory.io/

Response headers

strict-transport-security: max-age=63072000
cache-control: s-maxage=31536000, immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"e27e4ad27cbde835787bdd72022139fe"
age: 34597
access-control-allow-origin: *
date: Thu, 05 Dec 2024 23:54:56 GMT
content-disposition: inline; filename="main.7a4bbfc0.css"
content-type: text/css; charset=utf-8
server: Vercel
last-modified: Thu, 05 Dec 2024 14:18:18 GMT
x-vercel-id: cle1::zxl4s-1733442896776-c8abed11ccf7

GET
H3 200 tthdxkqy.js Show response
load.tthdxkqy.holdbar.com/ 277 KB
93 KB 1519ms
761ms Script
application/javascript 2606:4700:20::681a:a8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://load.tthdxkqy.holdbar.com/tthdxkqy.js?st=PQVKVD8

Requested by

Host: backoffice.staging.understory.io
URL: https://backoffice.staging.understory.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:a8b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c162c44a34276ba257ea5f83060a75d1f10f332bd525aa9820b920d91cfb0265

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://backoffice.staging.understory.io/

Response headers

content-encoding: br
cf-cache-status: EXPIRED
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 23:54:58 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=54474&min_rtt=51999&rtt_var=11830&sent=14&recv=11&lost=0&retrans=0&sent_bytes=4356&recv_bytes=4386&delivery_rate=357&cwnd=12000&unsent_bytes=0&cid=49a456ddd0ede41d&ts=1245&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 05 Dec 2024 23:54:58 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 05 Dec 2024 22:58:26 GMT
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: Cache-Control
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private, max-age=900
x-stape-version: 1.2.0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
referrer-policy: same-origin
cf-ray: 8ed7f6dddefb80d9-EWR
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
x-xss-protection: 1; mode=block
server: cloudflare

OPTIONS
H2 200 6569c5d4213f790ffb6181d2
app.launchdarkly.com/sdk/goals/ Frame 0
0 536ms
118ms Preflight 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/6569c5d4213f790ffb6181d2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://backoffice.staging.understory.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Thu, 05 Dec 2024 23:54:58 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-yul1970074-YUL
x-timer: S1733442898.332694,VS0,VE18

OPTIONS
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiNTUyYjdlNzAtYjM2NC0xMWVmLWI2M2QtZTU0NWU3MTYxY2RmIn0
app.launchdarkly.com/sdk/evalx/6569c5d4213f790ffb6181d2/contexts/ Frame 0
0 533ms
117ms Preflight 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/6569c5d4213f790ffb6181d2/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiNTUyYjdlNzAtYjM2NC0xMWVmLWI2M2QtZTU0NWU3MTYxY2RmIn0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://backoffice.staging.understory.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Thu, 05 Dec 2024 23:54:58 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-yul1970074-YUL
x-timer: S1733442898.332716,VS0,VE16

GET
H2 200 6569c5d4213f790ffb6181d2 Show response
app.launchdarkly.com/sdk/goals/ 2 B
177 B 115ms
114ms XHR
application/json 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/6569c5d4213f790ffb6181d2

Requested by

Host: backoffice.staging.understory.io
URL: https://backoffice.staging.understory.io/static/js/main.8c3cf1e1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-LaunchDarkly-Wrapper: react-client-sdk/3.0.4
Referer: https://backoffice.staging.understory.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent: JSClient/3.1.2

Response headers

content-md5: d751713988987e9331980363e24189ce
access-control-max-age: 300
content-encoding: gzip
etag: "d751713988987e9331980363e24189ce"
age: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-cache: MISS
date: Thu, 05 Dec 2024 23:54:58 GMT
content-type: application/json
x-served-by: cache-yul1970074-YUL
x-cache-hits: 0
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cache-control: max-age=0
x-timer: S1733442898.452991,VS0,VE54
ld-region: us-east-1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiNTUyYjdlNzAtYjM2NC0xMWVmLWI2M2QtZTU0NWU3MTYxY2RmIn0 Show response
app.launchdarkly.com/sdk/evalx/6569c5d4213f790ffb6181d2/contexts/ 5 KB
1014 B 191ms
190ms XHR
application/json 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/6569c5d4213f790ffb6181d2/contexts/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiNTUyYjdlNzAtYjM2NC0xMWVmLWI2M2QtZTU0NWU3MTYxY2RmIn0
Requested by: Host: backoffice.staging.understory.io
URL: https://backoffice.staging.understory.io/static/js/main.8c3cf1e1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 296b1620454e11445f6a1130cbb7d9c6262a1d10621a967d480e26adab59f50f

Request headers

X-LaunchDarkly-Wrapper: react-client-sdk/3.0.4
Referer: https://backoffice.staging.understory.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent: JSClient/3.1.2

Response headers

access-control-max-age: 3600
content-encoding: gzip
etag: "67dbb"
age: 0
access-control-allow-methods: OPTIONS, GET
x-cache: MISS
date: Thu, 05 Dec 2024 23:54:58 GMT
content-type: application/json
vary: Authorization, Accept-Encoding
x-served-by: cache-yul1970068-YUL, cache-yul1970074-YUL
x-cache-hits: 0
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
cache-control: max-age=0
x-timer: S1733442898.452995,VS0,VE111
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 648

GET
H2 200 translation.json Show response
backoffice.staging.understory.io/locales/en-US/ 3 KB
2 KB 106ms
105ms Fetch
text/html 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://backoffice.staging.understory.io/locales/en-US/translation.json

Requested by

Host: backoffice.staging.understory.io
URL: https://backoffice.staging.understory.io/static/js/main.8c3cf1e1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

da8e2ebdc8509d26becc2706de1eaaf3513850b1f3031217c96d6bc60ad37ca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://backoffice.staging.understory.io/

Response headers

strict-transport-security: max-age=63072000
cache-control: s-maxage=0
content-encoding: br
x-vercel-cache: HIT
etag: W/"2f77e33a60d2f3a019c6490e74037b13"
age: 32098
access-control-allow-origin: *
date: Thu, 05 Dec 2024 23:54:58 GMT
content-disposition: inline; filename="index.html"
content-type: text/html; charset=utf-8
server: Vercel
last-modified: Thu, 05 Dec 2024 14:59:59 GMT
x-vercel-id: cle1::qghsg-1733442898016-38e4191a6200

GET
H2 200 translation.json Show response
backoffice.staging.understory.io/locales/en/ 176 KB
46 KB 109ms
108ms Fetch
application/json 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://backoffice.staging.understory.io/locales/en/translation.json

Requested by

Host: backoffice.staging.understory.io
URL: https://backoffice.staging.understory.io/static/js/main.8c3cf1e1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

c0361a3ed9f87acfc0110640a77a8654ef58cb04629e4449ca7da5d61c0c6be6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://backoffice.staging.understory.io/

Response headers

strict-transport-security: max-age=63072000
cache-control: public, max-age=0, must-revalidate
content-encoding: br
x-vercel-cache: HIT
etag: W/"0d8c735583d8da312442953763dff580"
age: 32098
access-control-allow-origin: *
date: Thu, 05 Dec 2024 23:54:58 GMT
content-disposition: inline; filename="translation.json"
content-type: application/json; charset=utf-8
server: Vercel
last-modified: Thu, 05 Dec 2024 14:59:59 GMT
x-vercel-id: cle1::nsl5t-1733442898017-248104ae64ad

GET
H2 200 translation.json Show response
backoffice.staging.understory.io/locales/da/ 179 KB
48 KB 113ms
113ms Fetch
application/json 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://backoffice.staging.understory.io/locales/da/translation.json

Requested by

Host: backoffice.staging.understory.io
URL: https://backoffice.staging.understory.io/static/js/main.8c3cf1e1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

542cf50c65edd96cae4974948bc6c9b7271cb3b01fa997a6b084af8f1f16e8b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://backoffice.staging.understory.io/

Response headers

strict-transport-security: max-age=63072000
cache-control: public, max-age=0, must-revalidate
content-encoding: br
x-vercel-cache: HIT
etag: W/"2a734efe92caf25e195c277ab0d04d81"
age: 32098
access-control-allow-origin: *
date: Thu, 05 Dec 2024 23:54:58 GMT
content-disposition: inline; filename="translation.json"
content-type: application/json; charset=utf-8
server: Vercel
last-modified: Thu, 05 Dec 2024 14:59:59 GMT
x-vercel-id: cle1::ck7qh-1733442898018-ac3c01752e9b

GET
H2 200 support
i.jam.dev/ Frame AB7E 0
0 328ms
121ms Document
text/html 2606:4700::6812:d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i.jam.dev/support?host_url=https%3A%2F%2Fbackoffice.staging.understory.io%2F

Requested by

Host: js.jam.dev
URL: https://js.jam.dev/support/afcef2aa-2925-47a6-9ab0-d479873ee931.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://backoffice.staging.understory.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=0, must-revalidate
cf-ray: 8ed7f6e3c8281795-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 05 Dec 2024 23:54:58 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 uc.js Show response
policy.app.cookieinformation.com/ 40 KB
41 KB 445ms
150ms Script
application/javascript 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://policy.app.cookieinformation.com/uc.js?language=DA&gcmEnabledByConsentLibrary=false
Requested by: Host: load.tthdxkqy.holdbar.com
URL: https://load.tthdxkqy.holdbar.com/tthdxkqy.js?st=PQVKVD8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2f9f2a0c3f7b65f9d2ad44a2587ca07eff0e1715ad90825466a175f9ca5a9cd8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://backoffice.staging.understory.io/

Response headers

content-md5: LbDNynLy3zeTJ50F/wtb5g==
x-robots-tag: noindex, noarchive, nosnippet
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status: unlocked
x-ms-version: 2009-09-19
etag: 0x8DD0FAC18F33ED3
expires: Thu, 05 Dec 2024 23:59:58 GMT
date: Thu, 05 Dec 2024 23:54:58 GMT
content-type: application/javascript
last-modified: Thu, 28 Nov 2024 12:56:38 GMT
cache-control: max-age=300
x-ms-request-id: 73417f6e-e01e-007f-7b71-47417b000000
access-control-allow-origin: *
content-length: 41217
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H3 200 js Show response
load.tthdxkqy.holdbar.com/gtag/ 405 KB
133 KB 490ms
490ms Script
application/javascript 2606:4700:20::681a:a8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://load.tthdxkqy.holdbar.com/gtag/js?id=G-X3RP4G56LK&l=dataLayer&cx=c&gtm=45He4c40v9104703030za204

Requested by

Host: load.tthdxkqy.holdbar.com
URL: https://load.tthdxkqy.holdbar.com/tthdxkqy.js?st=PQVKVD8

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:a8b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

813cde2137121a70e9d13e7c64fe28e37ec355ae042059956a89f74e3aa2ba66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://backoffice.staging.understory.io/

Response headers

x-robots-tag: noindex
content-encoding: br
cf-cache-status: EXPIRED
x-content-type-options: nosniff
expires: Thu, 05 Dec 2024 23:54:58 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=53807&min_rtt=50883&rtt_var=583&sent=100&recv=55&lost=0&retrans=0&sent_bytes=101374&recv_bytes=6592&delivery_rate=956514&cwnd=51600&unsent_bytes=0&cid=49a456ddd0ede41d&ts=1921&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 05 Dec 2024 23:54:58 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 05 Dec 2024 23:54:58 GMT
vary: Accept-Encoding
priority: u=3,i=?0
access-control-allow-headers: Cache-Control
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private, max-age=900
x-stape-version: 1.2.0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
referrer-policy: same-origin
cf-ray: 8ed7f6e3de4680d9-EWR
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiNTUyYjdlNzAtYjM2NC0xMWVmLWI2M2QtZTU0NWU3MTYxY2RmIn0
clientstream.launchdarkly.com/eval/6569c5d4213f790ffb6181d2/ 5 KB
0 379ms
83ms EventSource
text/event-stream 3.33.235.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/6569c5d4213f790ffb6181d2/eyJhbm9ueW1vdXMiOnRydWUsImtpbmQiOiJ1c2VyIiwia2V5IjoiNTUyYjdlNzAtYjM2NC0xMWVmLWI2M2QtZTU0NWU3MTYxY2RmIn0

Requested by

Host: backoffice.staging.understory.io
URL: https://backoffice.staging.understory.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.33.235.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

aa1ba9bef7b18c265.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Cache-Control: no-cache
Referer: https://backoffice.staging.understory.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: text/event-stream

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 300
cache-control: no-cache, no-store, must-revalidate
ld-region: us-east-1
access-control-allow-methods: GET,OPTIONS
accept-ranges: bytes
access-control-allow-origin: *
date: Thu, 05 Dec 2024 23:54:58 GMT
content-type: text/event-stream; charset=utf-8
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

GET search
api.app.staging.holdbar.com/v1/ 0
0

GET
H3 200 rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
fonts.gstatic.com/s/dmsans/v15/ 36 KB
36 KB 207ms
63ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v15/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:wght@300;400;500;600;700&family=Montserrat:wght@300;400;500;600;700&family=Arial:wght@300;400;500;600;700&family=Open+Sans:wght@300;400;500;600;700&family=Raleway:wght@300;400;500;600;700&family=Poppins:wght@300;400;500;600;700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://backoffice.staging.understory.io
Referer: https://fonts.googleapis.com/

Response headers

age: 595745
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 29 Nov 2025 02:25:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 29 Nov 2024 02:25:53 GMT
last-modified: Thu, 21 Mar 2024 23:58:47 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 36848
x-xss-protection: 0
server: sffe

OPTIONS
H2 200 flags
flag.lab.eu.amplitude.com/sdk/v2/ Frame 0
0 409ms
110ms Preflight 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://flag.lab.eu.amplitude.com/sdk/v2/flags

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-library
Access-Control-Request-Method: GET
Origin: https://backoffice.staging.understory.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-library
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://backoffice.staging.understory.io
access-control-max-age: 1800
age: 21
cache-control: no-store
content-length: 0
date: Thu, 05 Dec 2024 23:54:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amzn-trace-id: Root=1-67523d3e-7afd471876b793441c3e0527
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-served-by: cache-yul1970032-YUL
x-timer: S1733442899.139522,VS0,VE1

GET
H2 200 flags Show response
flag.lab.eu.amplitude.com/sdk/v2/ 393 B
415 B 450ms
446ms Fetch
application/json 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://flag.lab.eu.amplitude.com/sdk/v2/flags

Requested by

Host: backoffice.staging.understory.io
URL: https://backoffice.staging.understory.io/static/js/main.8c3cf1e1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2ef07e097cb31c67f6beca489c0d0afc4332becfcbd0474ca178eb86c72c7631

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Authorization: Api-Key 0f87928e6a4348c0caf12ce1d309ef06
Referer: https://backoffice.staging.understory.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-Amp-Exp-Library: experiment-js-client/1.12.3

Response headers

content-encoding: gzip
age: 0
cache-tag: 0f87928e6a4348c0caf12ce1d309ef06
x-content-type-options: nosniff
x-cache: MISS
date: Thu, 05 Dec 2024 23:54:59 GMT
content-type: application/json;charset=utf-8
x-served-by: cache-yul1970032-YUL
x-cache-hits: 0
vary: Origin, Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-store
x-timer: S1733442899.251924,VS0,VE392
x-amzn-trace-id: Root=1-67523d53-048ce58b5dddc11b2c83a820
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-origin: https://backoffice.staging.understory.io
content-length: 234

GET /
api.app.staging.holdbar.com/v1/suggestions/ 0
0

GET
H2 401 metrics Show response
opjy4le9j4.execute-api.eu-west-1.amazonaws.com/ 86 B
234 B 1355ms
910ms XHR
application/json 34.246.100.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://opjy4le9j4.execute-api.eu-west-1.amazonaws.com/metrics?from=2024-12-02&to=2024-12-08&experienceIds=
Requested by: Host: js.jam.dev
URL: https://js.jam.dev/support/afcef2aa-2925-47a6-9ab0-d479873ee931.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.246.100.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-100-235.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c5e73194756bb481110b61cb441d686fe636647947dc1e2ec2053bae65d0898c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://backoffice.staging.understory.io/

Response headers

apigw-requestid: CV6FGhj0joEEMVA=
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 86
date: Thu, 05 Dec 2024 23:55:00 GMT
content-type: application/json

GET
H2 200 holdbar-logo-black.svg
backoffice.staging.understory.io/ 5 KB
2 KB 90ms
90ms Image
image/svg+xml 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://backoffice.staging.understory.io/holdbar-logo-black.svg

Requested by

Host: backoffice.staging.understory.io
URL: https://backoffice.staging.understory.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

50aa305808943033517bb9e64c448dfa39bff8b025e7f53c4fb09481bcd16dd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://backoffice.staging.understory.io/login

Response headers

strict-transport-security: max-age=63072000
cache-control: public, max-age=0, must-revalidate
content-encoding: br
x-vercel-cache: HIT
etag: W/"fa5c3f0ad3793496cc1047e5ef8f318f"
age: 32098
access-control-allow-origin: *
date: Thu, 05 Dec 2024 23:54:58 GMT
content-disposition: inline; filename="holdbar-logo-black.svg"
content-type: image/svg+xml
server: Vercel
last-modified: Thu, 05 Dec 2024 15:00:00 GMT
x-vercel-id: cle1::x9z2x-1733442898882-164751b25bd9

GET
H2 200 en.svg
backoffice.staging.understory.io/flags/svg/ 1 KB
653 B 90ms
90ms Image
image/svg+xml 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://backoffice.staging.understory.io/flags/svg/en.svg

Requested by

Host: backoffice.staging.understory.io
URL: https://backoffice.staging.understory.io/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

6935ebe5f78ae23b8666cd1ad4dc931eaa23c91534967946f429539a5dca5c7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://backoffice.staging.understory.io/login

Response headers

strict-transport-security: max-age=63072000
cache-control: public, max-age=0, must-revalidate
content-encoding: br
x-vercel-cache: HIT
etag: W/"fb367ff4db19ebb3f01b5cb7ad7f7a93"
age: 32098
access-control-allow-origin: *
date: Thu, 05 Dec 2024 23:54:58 GMT
content-disposition: inline; filename="en.svg"
content-type: image/svg+xml
server: Vercel
last-modified: Thu, 05 Dec 2024 15:00:00 GMT
x-vercel-id: cle1::m6pww-1733442898895-82ad4c74efba

GET
H2 404 cabl.json Show response
policy.app.cookieinformation.com/cookie-data/backoffice.staging.understory.io/ 215 B
520 B 615ms
390ms XHR
application/xml 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://policy.app.cookieinformation.com/cookie-data/backoffice.staging.understory.io/cabl.json
Requested by: Host: js.jam.dev
URL: https://js.jam.dev/support/afcef2aa-2925-47a6-9ab0-d479873ee931.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6b236b19d47a20515f4359e34bcc7595db8b7efc64a33f6d3aa5ee7c4b55f3cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://backoffice.staging.understory.io/

Response headers

x-robots-tag: noindex, noarchive, nosnippet
cache-control: max-age=300
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-request-id: 3a356bf9-d01e-0016-5271-477837000000
expires: Thu, 05 Dec 2024 23:59:59 GMT
access-control-allow-origin: *
content-length: 215
date: Thu, 05 Dec 2024 23:54:59 GMT
content-type: application/xml
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 cookiesharingiframe.html
policy.app.cookieinformation.com/ Frame DBA9 0
0 271ms
69ms Document
text/html 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://policy.app.cookieinformation.com/cookiesharingiframe.html
Requested by: Host: policy.app.cookieinformation.com
URL: https://policy.app.cookieinformation.com/uc.js?language=DA&gcmEnabledByConsentLibrary=false
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nyd/D14C) /
Resource Hash

Request headers

Referer: https://backoffice.staging.understory.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 277
cache-control: max-age=300
content-encoding: gzip
content-length: 2809
content-md5: xqkKVmywb8mz//pJblCHTA==
content-type: text/html
date: Thu, 05 Dec 2024 23:54:59 GMT
etag: 0x8DD0FAC18F3E4EB
expires: Thu, 05 Dec 2024 23:59:59 GMT
last-modified: Thu, 28 Nov 2024 12:56:38 GMT
server: ECAcc (nyd/D14C)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 58af82d8-601e-004e-7670-47a068000000
x-ms-version: 2009-09-19
x-robots-tag: noindex, noarchive, nosnippet

GET
H2 404 da.js
policy.app.cookieinformation.com/a38c7e/backoffice.staging.understory.io/ 0
0 375ms
375ms Script
application/xml 2606:2800:11f:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://policy.app.cookieinformation.com/a38c7e/backoffice.staging.understory.io/da.js
Requested by: Host: policy.app.cookieinformation.com
URL: https://policy.app.cookieinformation.com/uc.js?language=DA&gcmEnabledByConsentLibrary=false
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://backoffice.staging.understory.io/

Response headers

x-robots-tag: noindex, noarchive, nosnippet
cache-control: max-age=300
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-request-id: 9b694d7a-001e-00de-6e71-479a06000000
expires: Thu, 05 Dec 2024 23:59:59 GMT
access-control-allow-origin: *
content-length: 215
date: Thu, 05 Dec 2024 23:54:58 GMT
content-type: application/xml
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

OPTIONS
H2 204 6569c5d4213f790ffb6181d2
events.launchdarkly.com/events/diagnostic/ Frame 0
0 422ms
102ms Preflight 184.72.183.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/6569c5d4213f790ffb6181d2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

184.72.183.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-184-72-183-168.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://backoffice.staging.understory.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Thu, 05 Dec 2024 23:54:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 202 6569c5d4213f790ffb6181d2 Show response
events.launchdarkly.com/events/diagnostic/ 0
358 B 87ms
85ms XHR
application/json 184.72.183.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/6569c5d4213f790ffb6181d2

Requested by

Host: js.jam.dev
URL: https://js.jam.dev/support/afcef2aa-2925-47a6-9ab0-d479873ee931.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

184.72.183.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-184-72-183-168.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-LaunchDarkly-Wrapper: react-client-sdk/3.0.4
Referer: https://backoffice.staging.understory.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent: JSClient/3.1.2
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 300
access-control-expose-headers: Date
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
content-length: 0
date: Thu, 05 Dec 2024 23:54:59 GMT
content-type: application/json
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags

GET
H2 200 bo8t1wpq Show response
widget.intercom.io/widget/ 7 KB
3 KB 400ms
82ms Script
application/javascript 108.138.64.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/bo8t1wpq
Requested by: Host: backoffice.staging.understory.io
URL: https://backoffice.staging.understory.io/static/js/main.8c3cf1e1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.64.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-64-81.iad12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ad73727392ab66bec3e16c496db85c8d0c5a96f173b2f8f199ec35c12e4de63

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://backoffice.staging.understory.io/

Response headers

content-encoding: gzip
x-amz-version-id: 0M6rSYMxehbhFzCB1TxGysJkeLhINYo1
etag: "c93ea346e25ecafe4219768c0b31ca1f"
age: 153
alt-svc: h3=":443"; ma=86400
x-cache: Error from cloudfront
x-amz-cf-id: DgsyH_FiTlDxg398UG95l7msMqJSxqaJ8SszOpox2gy2lUW_dS9wRQ==
date: Thu, 05 Dec 2024 23:52:39 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding, Origin
last-modified: Thu, 05 Dec 2024 16:07:24 GMT
cache-control: max-age=300, s-maxage=300, public
cross-origin-resource-policy: cross-origin
via: 1.1 4a91a321d4c2ab7334c6f285093956ae.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 2667
x-amz-cf-pop: IAD12-P1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 favicon-black.ico
backoffice.staging.understory.io/ 1 KB
1 KB 90ms
89ms Other
image/vnd.microsoft.icon 76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://backoffice.staging.understory.io/favicon-black.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

ab6af06f42e9d628c09f1172a1ee7a864234e1e44ee12c53095b3101c69d0326

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://backoffice.staging.understory.io/login

Response headers

strict-transport-security: max-age=63072000
cache-control: public, max-age=0, must-revalidate
content-encoding: br
x-vercel-cache: HIT
etag: W/"7bab78735fcc1b28b5e9972d0550a971"
age: 32099
access-control-allow-origin: *
date: Thu, 05 Dec 2024 23:54:59 GMT
content-disposition: inline; filename="favicon-black.ico"
content-type: image/vnd.microsoft.icon
server: Vercel
last-modified: Thu, 05 Dec 2024 15:00:00 GMT
x-vercel-id: cle1::x79cm-1733442899394-24f43e025da0

GET
H2 200 frame-modern.b2104c8b.js Show response
js.intercomcdn.com/ Frame A1B3 473 KB
143 KB 668ms
169ms Script
application/javascript 18.154.227.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.b2104c8b.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/bo8t1wpq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.227.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-227-3.iad55.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6a24684ccf510214ad5cb95ed33d5cdd3746622d474c3eed50b561326c35913b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-amz-version-id: LdJ3z5dt_TFGgeSa4mog62pE3qCGLOz2
etag: "312cb5b85d149d315bd6db8bc2ec1fc5"
age: 6454
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: fyDOAlAYcrX0UzwsT13l8jWz7oECVGv33D0UfyuYIxyxBqMoJM_H8w==
date: Thu, 05 Dec 2024 22:07:27 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
last-modified: Thu, 05 Dec 2024 16:04:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy: cross-origin
via: 1.1 5d1a51a1eb09caa5b28051dd961c7c40.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 145535
x-amz-cf-pop: IAD55-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 vendor-modern.5c288613.js Show response
js.intercomcdn.com/ Frame A1B3 456 KB
145 KB 586ms
88ms Script
application/javascript 18.154.227.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.5c288613.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/bo8t1wpq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.227.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-227-3.iad55.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ad0e16e3e83936688a11f292ef26cd62ff0b2125053c37e9cc8ac41b24f44342

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-amz-version-id: z95Scsk4Tz_u5GQhOUQMNmarK2_MYRKW
etag: "cfcbe890471af67f5140f9f36766a673"
age: 1834
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 21N9keWzRW6zTCP3metaVavnvuVRASI7bRZgzy00pVGYXaGXqg68Sw==
date: Thu, 05 Dec 2024 23:24:27 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
last-modified: Thu, 05 Dec 2024 16:04:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy: cross-origin
via: 1.1 5d1a51a1eb09caa5b28051dd961c7c40.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 147369
x-amz-cf-pop: IAD55-P5
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 202 6569c5d4213f790ffb6181d2 Show response
events.launchdarkly.com/events/bulk/ 0
358 B 137ms
136ms XHR
application/json 184.72.183.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/6569c5d4213f790ffb6181d2

Requested by

Host: js.jam.dev
URL: https://js.jam.dev/support/afcef2aa-2925-47a6-9ab0-d479873ee931.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

184.72.183.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-184-72-183-168.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-LaunchDarkly-Wrapper: react-client-sdk/3.0.4
X-LaunchDarkly-Event-Schema: 4
Referer: https://backoffice.staging.understory.io/
X-LaunchDarkly-Payload-ID: 573dbca0-b364-11ef-b63d-e545e7161cdf
X-LaunchDarkly-User-Agent: JSClient/3.1.2
Content-Type: application/json
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 300
access-control-expose-headers: Date
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
content-length: 0
date: Thu, 05 Dec 2024 23:55:01 GMT
content-type: application/json
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags

OPTIONS
H2 204 6569c5d4213f790ffb6181d2
events.launchdarkly.com/events/bulk/ Frame 0
0 69ms
69ms Preflight 184.72.183.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/6569c5d4213f790ffb6181d2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

184.72.183.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-184-72-183-168.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://backoffice.staging.understory.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Thu, 05 Dec 2024 23:55:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 202 6569c5d4213f790ffb6181d2 Show response
events.launchdarkly.com/events/bulk/ 0
358 B 129ms
128ms XHR
application/json 184.72.183.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/6569c5d4213f790ffb6181d2

Requested by

Host: js.jam.dev
URL: https://js.jam.dev/support/afcef2aa-2925-47a6-9ab0-d479873ee931.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

184.72.183.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-184-72-183-168.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-LaunchDarkly-Wrapper: react-client-sdk/3.0.4
X-LaunchDarkly-Event-Schema: 4
Referer: https://backoffice.staging.understory.io/
X-LaunchDarkly-Payload-ID: 586f10b0-b364-11ef-b63d-e545e7161cdf
X-LaunchDarkly-User-Agent: JSClient/3.1.2
Content-Type: application/json
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 300
access-control-expose-headers: Date
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
content-length: 0
date: Thu, 05 Dec 2024 23:55:03 GMT
content-type: application/json
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.app.staging.holdbar.com
URL: https://api.app.staging.holdbar.com/v1/search?term=

Domain: api.app.staging.holdbar.com
URL: https://api.app.staging.holdbar.com/v1/suggestions/

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://backoffice.staging.understory.io/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://policy.app.cookieinformation.com/a38c7e/backoffice.staging.understory.io/da.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://policy.app.cookieinformation.com/cookie-data/backoffice.staging.understory.io/cabl.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://opjy4le9j4.execute-api.eu-west-1.amazonaws.com/metrics?from=2024-12-02&to=2024-12-08&experienceIds= Message: Failed to load resource: the server responded with a status of 401 ()
javascript	error	URL: https://backoffice.staging.understory.io/login Message: Access to XMLHttpRequest at 'https://api.app.staging.holdbar.com/v1/search?term=' from origin 'https://backoffice.staging.understory.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.app.staging.holdbar.com/v1/search?term= Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://backoffice.staging.understory.io/login Message: Access to XMLHttpRequest at 'https://api.app.staging.holdbar.com/v1/suggestions/' from origin 'https://backoffice.staging.understory.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.app.staging.holdbar.com/v1/suggestions/ Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin.staging.understory.io
api.app.staging.holdbar.com
app.launchdarkly.com
backoffice.staging.understory.io
clientstream.launchdarkly.com
events.launchdarkly.com
flag.lab.eu.amplitude.com
fonts.googleapis.com
fonts.gstatic.com
i.jam.dev
js.intercomcdn.com
js.jam.dev
load.tthdxkqy.holdbar.com
opjy4le9j4.execute-api.eu-west-1.amazonaws.com
policy.app.cookieinformation.com
widget.intercom.io
api.app.staging.holdbar.com
108.138.64.81
151.101.66.132
151.101.66.217
18.154.227.3
184.72.183.168
2606:2800:11f:1cb7:261b:1f9c:2074:3c
2606:4700:20::681a:a8b
2606:4700::6812:c65
2606:4700::6812:d65
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1b::5f
3.33.235.18
34.246.100.235
76.76.21.21
0ad73727392ab66bec3e16c496db85c8d0c5a96f173b2f8f199ec35c12e4de63
258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94
296b1620454e11445f6a1130cbb7d9c6262a1d10621a967d480e26adab59f50f
2ef07e097cb31c67f6beca489c0d0afc4332becfcbd0474ca178eb86c72c7631
2f9f2a0c3f7b65f9d2ad44a2587ca07eff0e1715ad90825466a175f9ca5a9cd8
398d7b50f649b6050225f0c573dd8b7e5291edfed6441c6b51523d994a3d7f98
4bac2694e8961649fe284300bedf26f4f6cf7937bac6e81f34d426fce078cd06
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50aa305808943033517bb9e64c448dfa39bff8b025e7f53c4fb09481bcd16dd7
542cf50c65edd96cae4974948bc6c9b7271cb3b01fa997a6b084af8f1f16e8b4
6935ebe5f78ae23b8666cd1ad4dc931eaa23c91534967946f429539a5dca5c7d
6a24684ccf510214ad5cb95ed33d5cdd3746622d474c3eed50b561326c35913b
6b236b19d47a20515f4359e34bcc7595db8b7efc64a33f6d3aa5ee7c4b55f3cd
813cde2137121a70e9d13e7c64fe28e37ec355ae042059956a89f74e3aa2ba66
9cd7bd3df89967add705baa70018e916587347bc18529a9c8b3039e9304cf42b
9e8bbadd2ec816bebe554fd08c0c6d3d5924d83c286ac471c91e4035d937d947
ab6af06f42e9d628c09f1172a1ee7a864234e1e44ee12c53095b3101c69d0326
ad0e16e3e83936688a11f292ef26cd62ff0b2125053c37e9cc8ac41b24f44342
c0361a3ed9f87acfc0110640a77a8654ef58cb04629e4449ca7da5d61c0c6be6
c162c44a34276ba257ea5f83060a75d1f10f332bd525aa9820b920d91cfb0265
c5e73194756bb481110b61cb441d686fe636647947dc1e2ec2053bae65d0898c
da8e2ebdc8509d26becc2706de1eaaf3513850b1f3031217c96d6bc60ad37ca7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed5da21d7e3be55371162149859bd67ac61e0beccf89beb7d1bd28f9995c6b33
f1b790ee0b1a901020836522785f8e439a08a98e9dd91456ab08d00d76be43a1

backoffice.staging.understory.io Open in urlscan Pro 76.76.21.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

95 %HTTPS

43 %IPv6

11 Domains

16 Subdomains

15 IPs

2 Countries

2518 kBTransfer

9322 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

backoffice.staging.understory.io Open in urlscan Pro
76.76.21.21 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

95 %
HTTPS

43 %
IPv6

11
Domains

16
Subdomains

15
IPs

2
Countries

2518 kB
Transfer

9322 kB
Size

0
Cookies

39 HTTP transactions
0 data transactions