urlscan.io logo urlscan.io
SecurityTrails logo

karwelmassage.janeapp.com Open in urlscan Pro
15.157.219.149  Public Scan

Go To Rescan Add Verdict Report
URL: https://karwelmassage.janeapp.com/
Submission: On August 21 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 28 HTTP transactions. The main IP is 15.157.219.149, located in Montreal, Canada and belongs to AMAZON-02, US. The main domain is karwelmassage.janeapp.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on June 3rd 2024. Valid for: a year.
This is the only time karwelmassage.janeapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 15.157.219.149 16509 (AMAZON-02)
20 52.85.61.66 16509 (AMAZON-02)
1 34.120.195.249 396982 (GOOGLE-CL...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 151.101.128.176 54113 (FASTLY)
1 151.101.64.176 ()
28 7
3    15.157.219.149 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-157-219-149.ca-central-1.compute.amazonaws.com
karwelmassage.janeapp.com
20    52.85.61.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-66.ewr53.r.cloudfront.net
assets-jane-cac1-1.janeapp.net
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o4505290921410560.ingest.sentry.io
2    2607:f8b0:4006:806::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    151.101.128.176 (San Francisco, United States)

ASN54113 (FASTLY, US)
js.stripe.com
1    151.101.64.176 (None, )

ASN- ()
js.stripe.com
Apex Domain
Subdomains		 Transfer
20 janeapp.net
assets-jane-cac1-1.janeapp.net
2 MB
3 janeapp.com
karwelmassage.janeapp.com
174 KB
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2856
156 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
3 KB
1 sentry.io
o4505290921410560.ingest.sentry.io — Cisco Umbrella Rank: 224632
299 B
28 5
Domain Requested by
20 assets-jane-cac1-1.janeapp.net karwelmassage.janeapp.com
assets-jane-cac1-1.janeapp.net
3 karwelmassage.janeapp.com karwelmassage.janeapp.com
assets-jane-cac1-1.janeapp.net
2 js.stripe.com assets-jane-cac1-1.janeapp.net
js.stripe.com
2 fonts.googleapis.com assets-jane-cac1-1.janeapp.net
1 o4505290921410560.ingest.sentry.io assets-jane-cac1-1.janeapp.net
28 5

This site contains links to these domains. Also see Links.

Domain
jane.app
Subject Issuer Validity Valid
*.janeapp.net
Amazon RSA 2048 M03		 2024-06-03 -
2025-07-02		 a year crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-12-02		 a year crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-07-23 -
2024-10-24		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://karwelmassage.janeapp.com/
Frame ID: E644192DAE04EF67C3CBFFF107865365
Requests: 28 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: BC62CF01B8D9B0FF429266A083A22730
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Book Online | karwel massage therapy

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Page Statistics

28
Requests

100 %
HTTPS

17 %
IPv6

5
Domains

5
Subdomains

7
IPs

2
Countries

2683 kB
Transfer

11144 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
karwelmassage.janeapp.com/ 		145 KB
150 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://karwelmassage.janeapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.157.219.149 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-157-219-149.ca-central-1.compute.amazonaws.com
Software
/
Resource Hash
be59b3cc13324a40159bd025dce60cd739501101397af59c005ce8bc84b8271a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; child-src 'self'; connect-src 'self' properties https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net wss://*.janeapp.com wss://*.janeapp.co.uk wss://*.janeapp.com.au wss://*.janeapp.net https://jane.app https://jane.statuspage.io https://icanhazdadjoke.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.googleapis.com https://d3hb14vkzrxvla.cloudfront.net https://beaconapi.helpscout.net https://chatapi.helpscout.net wss://*.pusher.com https://sockjs-helpscout.pusher.com https://edge.fullstory.com/ https://rs.fullstory.com/ https://*.sentry.io https://rum.browser-intake-datadoghq.com/ https://logs.browser-intake-datadoghq.com/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com https://*.device.stripe-terminal-local-reader.net:4443/protojsonservice/JackRabbitService https://*.stripe.com https://qrcode-monkey.p.rapidapi.com/ https://*.launchdarkly.com/ https://*.commandbar.com/ https://*.google.com https://*.google.com.au https://*.google.ca https://*.google.co.uk https://s3-ca-central-1.amazonaws.com/jane-files-ca/ https://s3-eu-west-2.amazonaws.com/jane-files-gb/ https://s3-ap-southeast-2.amazonaws.com/jane-files-au/ https://s3-us-west-2.amazonaws.com/jane-files-us/ https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.sendbird.com; font-src 'self' data: https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://fonts.gstatic.com https://*.typekit.net/ https://*.gstatic.com/ https://*.hotjar.com; form-action 'self' auth.janeapp.com https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://connect.stripe.com https://*.physitrack.com https://*.mailchimp.com janeapp://*; frame-src 'self' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://*.stripe.com https://player.vimeo.com https://*.appcues.com https://td.doubleclick.net https://www.google.com https://tpc.googlesyndication.com https://googleads.g.doubleclick.net https://*.commandbar.com/; img-src * data: blob: 'unsafe-inline'; manifest-src 'self' https://assets-jane-cac1-1.janeapp.net; media-src 'self' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net data: jane-files-ca.s3.ca-central-1.amazonaws.com jane-files-gb.s3.eu-west-2.amazonaws.com jane-files-au.s3.ap-southeast-2.amazonaws.com jane-files-us.s3.us-west-2.amazonaws.com ca-east-data-transfers-1.s3.ca-central-1.amazonaws.com ca-east-data-transfers-2.s3.ca-central-1.amazonaws.com ca-east-data-transfers-3.s3.ca-central-1.amazonaws.com jane-west1-backup.s3.ca-central-1.amazonaws.com https://beacon-v2.helpscout.net https://*.gstatic.com/ https://*.commandbar.com/; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://maps.googleapis.com https://*.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google.com https://www.google.com/ https://www.gstatic.com/ https://*.stripe.com https://*.helpscout.net https://www.datadoghq-browser-agent.com/datadog-logs.js https://fullstory.com/ https://edge.fullstory.com/ https://*.googletagmanager.com https://*.appcues.com https://*.appcues.net https://cdn.rudderlabs.com/ https://*.commandbar.com/ https://*.hotjar.com; style-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://fonts.googleapis.com https://fonts.google.com https://*.appcues.com https://*.appcues.net https://beacon-v2.helpscout.net https://*.googletagmanager.com https://www.gstatic.com/ https://*.typekit.net https://*.commandbar.com/ https://*.hotjar.com; worker-src 'self' blob:; report-uri /csp_report
Strict-Transport-Security max-age=31556952; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
content-security-policy
default-src 'none'; base-uri 'self'; child-src 'self'; connect-src 'self' properties https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net wss://*.janeapp.com wss://*.janeapp.co.uk wss://*.janeapp.com.au wss://*.janeapp.net https://jane.app https://jane.statuspage.io https://icanhazdadjoke.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.googleapis.com https://d3hb14vkzrxvla.cloudfront.net https://beaconapi.helpscout.net https://chatapi.helpscout.net wss://*.pusher.com https://sockjs-helpscout.pusher.com https://edge.fullstory.com/ https://rs.fullstory.com/ https://*.sentry.io https://rum.browser-intake-datadoghq.com/ https://logs.browser-intake-datadoghq.com/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com https://*.device.stripe-terminal-local-reader.net:4443/protojsonservice/JackRabbitService https://*.stripe.com https://qrcode-monkey.p.rapidapi.com/ https://*.launchdarkly.com/ https://*.commandbar.com/ https://*.google.com https://*.google.com.au https://*.google.ca https://*.google.co.uk https://s3-ca-central-1.amazonaws.com/jane-files-ca/ https://s3-eu-west-2.amazonaws.com/jane-files-gb/ https://s3-ap-southeast-2.amazonaws.com/jane-files-au/ https://s3-us-west-2.amazonaws.com/jane-files-us/ https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.sendbird.com; font-src 'self' data: https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://fonts.gstatic.com https://*.typekit.net/ https://*.gstatic.com/ https://*.hotjar.com; form-action 'self' auth.janeapp.com https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://connect.stripe.com https://*.physitrack.com https://*.mailchimp.com janeapp://*; frame-src 'self' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://*.stripe.com https://player.vimeo.com https://*.appcues.com https://td.doubleclick.net https://www.google.com https://tpc.googlesyndication.com https://googleads.g.doubleclick.net https://*.commandbar.com/; img-src * data: blob: 'unsafe-inline'; manifest-src 'self' https://assets-jane-cac1-1.janeapp.net; media-src 'self' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net data: jane-files-ca.s3.ca-central-1.amazonaws.com jane-files-gb.s3.eu-west-2.amazonaws.com jane-files-au.s3.ap-southeast-2.amazonaws.com jane-files-us.s3.us-west-2.amazonaws.com ca-east-data-transfers-1.s3.ca-central-1.amazonaws.com ca-east-data-transfers-2.s3.ca-central-1.amazonaws.com ca-east-data-transfers-3.s3.ca-central-1.amazonaws.com jane-west1-backup.s3.ca-central-1.amazonaws.com https://beacon-v2.helpscout.net https://*.gstatic.com/ https://*.commandbar.com/; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://maps.googleapis.com https://*.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google.com https://www.google.com/ https://www.gstatic.com/ https://*.stripe.com https://*.helpscout.net https://www.datadoghq-browser-agent.com/datadog-logs.js https://fullstory.com/ https://edge.fullstory.com/ https://*.googletagmanager.com https://*.appcues.com https://*.appcues.net https://cdn.rudderlabs.com/ https://*.commandbar.com/ https://*.hotjar.com; style-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://fonts.googleapis.com https://fonts.google.com https://*.appcues.com https://*.appcues.net https://beacon-v2.helpscout.net https://*.googletagmanager.com https://www.gstatic.com/ https://*.typekit.net https://*.commandbar.com/ https://*.hotjar.com; worker-src 'self' blob:; report-uri /csp_report
content-type
text/html; charset=utf-8
date
Wed, 21 Aug 2024 18:48:22 GMT
etag
W/"be59b3cc13324a40159bd025dce60cd7"
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
strict-transport-security
max-age=31556952; includeSubDomains
x-content-type-options
nosniff
x-jane-version
{"current":"6.3.476","unobtrusive":"6.3.299","immediate":"6.3.449","minimum":"4.18.252"}
x-jane-version-compatibility
"unsupported"
x-request-id
a9827107-bdcb-4429-b0c4-3047eb42a1b6
x-robots-tag
all
x-runtime
0.110406
x-xss-protection
1; mode=block
core_js_polyfills-277f54535c98b71ea847.js
assets-jane-cac1-1.janeapp.net/assets/ 		176 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-jane-cac1-1.janeapp.net/assets/core_js_polyfills-277f54535c98b71ea847.js
Requested by
Host: karwelmassage.janeapp.com
URL: https://karwelmassage.janeapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-66.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01e8d534c487d2911244e6cec20c5aeef6c108c3dbf0669dd2c448a6be79a69e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karwelmassage.janeapp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 26 Jul 2024 15:47:28 GMT
x-amz-version-id
KTiaCGoPkzDpwL_ZJ8zmWV0Z.z7xLI5Y
content-encoding
br
x-content-type-options
nosniff
via
1.1 c45a9630d6506aeeffefe81fbc0ed0ae.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
EWR53-P1
age
2257255
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 26 Jun 2024 15:36:29 GMT
server
AmazonS3
etag
W/"4f1f691d5e59045a6a5033dd28c976ac"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=315569520
x-amz-cf-id
rFMvMHe6j8m7KWoxoscMXYFkyU9mbl1GKMjmjKS85Q29xYrGvAnoXg==
monitoring-1ca32ba1df263ca9cb50.js
assets-jane-cac1-1.janeapp.net/assets/ 		2 MB
280 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-jane-cac1-1.janeapp.net/assets/monitoring-1ca32ba1df263ca9cb50.js
Requested by
Host: karwelmassage.janeapp.com
URL: https://karwelmassage.janeapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-66.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6334e60c6496c484adfca40ea5c36076d2983994f0bd80b7a2fb82f89182cd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karwelmassage.janeapp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 20:10:30 GMT
x-amz-version-id
jGyF7aidtuLVQVKDzyp7iVJGwnpvU.YQ
content-encoding
br
x-content-type-options
nosniff
via
1.1 c45a9630d6506aeeffefe81fbc0ed0ae.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
EWR53-P1
age
1204673
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 07 Aug 2024 20:03:41 GMT
server
AmazonS3
etag
W/"4ca28da07f5d295208387c45b2df6fe3"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=315569520
x-amz-cf-id
LDpWgbs7Id1MwBK8QSNBrTUYtigUbHrpd9ylH0xX6PMbHxcOWjiQpg==
vendor_styles-461423004cb492fe97b9.css
assets-jane-cac1-1.janeapp.net/assets/ 		287 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets-jane-cac1-1.janeapp.net/assets/vendor_styles-461423004cb492fe97b9.css
Requested by
Host: karwelmassage.janeapp.com
URL: https://karwelmassage.janeapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-66.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f35372f49909c99828532d34ece3fc1f5b14f7eb22375b3d241445d572aba9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karwelmassage.janeapp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 17:04:34 GMT
x-amz-version-id
9YjMTGpX5sK9PJLK3dh5euob7a4KLYgJ
content-encoding
br
x-content-type-options
nosniff
via
1.1 c45a9630d6506aeeffefe81fbc0ed0ae.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
EWR53-P1
age
6229
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 21 Aug 2024 17:01:32 GMT
server
AmazonS3
etag
W/"c13dc4a1409544a0606b1833ec6b1626"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=315569520
x-amz-cf-id
Dkn6HEBkdUf6AHRCxI6n1EfojuprIN1xKj5N7smO64g4lbMB-Fsl5w==
application_styles-461423004cb492fe97b9.css
assets-jane-cac1-1.janeapp.net/assets/ 		452 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets-jane-cac1-1.janeapp.net/assets/application_styles-461423004cb492fe97b9.css
Requested by
Host: karwelmassage.janeapp.com
URL: https://karwelmassage.janeapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-66.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1f0f40fad366e53ba3ac58cc4cae562524c2f5e7f952fc85a1d7ed5837a47b3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karwelmassage.janeapp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 17:04:34 GMT
x-amz-version-id
z2HNeO2__c4H8fIqTGi.hjtj24xBedBB
content-encoding
br
x-content-type-options
nosniff
via
1.1 c45a9630d6506aeeffefe81fbc0ed0ae.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
EWR53-P1
age
6229
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 21 Aug 2024 17:01:31 GMT
server
AmazonS3
etag
W/"475a07c8a1a92b0ac041131a4c5437c1"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=315569520
x-amz-cf-id
InFJDBrpj87B9ogiL4iCodWp18LQ4GmPeqpL72G2_EAx11XLNMs12A==
public-461423004cb492fe97b9.css
assets-jane-cac1-1.janeapp.net/assets/ 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets-jane-cac1-1.janeapp.net/assets/public-461423004cb492fe97b9.css
Requested by
Host: karwelmassage.janeapp.com
URL: https://karwelmassage.janeapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-66.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53c808e65df6fe4088e2a50ba5639d5300ac469243f2312351216211cb2da678
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karwelmassage.janeapp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 17:04:34 GMT
x-amz-version-id
y91LNwvBX5_9rJrXNKIXy2Xc999LhaN3
content-encoding
br
x-content-type-options
nosniff
via
1.1 c45a9630d6506aeeffefe81fbc0ed0ae.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
EWR53-P1
age
6229
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 21 Aug 2024 17:01:32 GMT
server
AmazonS3
etag
W/"e858412747456fa225496b2736c4f41a"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=315569520
x-amz-cf-id
H11N7h4Q-YInlGliLsJ1ZNi1ynemGedDvBdJI8TQgdZaVRZY35M2HA==
vendor_public-461423004cb492fe97b9.css
assets-jane-cac1-1.janeapp.net/assets/ 		341 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets-jane-cac1-1.janeapp.net/assets/vendor_public-461423004cb492fe97b9.css
Requested by
Host: karwelmassage.janeapp.com
URL: https://karwelmassage.janeapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-66.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a21e77b802d77c4af86284c3161a9824a02ad71857d1b315ab030748454e6d49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karwelmassage.janeapp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 17:04:34 GMT
x-amz-version-id
.Bpr1DRjXI4hard3YVzY1gZZagNao3PW
content-encoding
br
x-content-type-options
nosniff
via
1.1 c45a9630d6506aeeffefe81fbc0ed0ae.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
EWR53-P1
age
6229
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 21 Aug 2024 17:01:32 GMT
server
AmazonS3
etag
W/"6c7b510240feda49f6e0993d67308596"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=315569520
x-amz-cf-id
-ZS9mDRAW0bpKetf2qwKVueSZ1BjOafKoUbaCslA5U92mnj97bKhHQ==
styles.css
karwelmassage.janeapp.com/ 		16 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://karwelmassage.janeapp.com/styles.css
Requested by
Host: karwelmassage.janeapp.com
URL: https://karwelmassage.janeapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.157.219.149 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-157-219-149.ca-central-1.compute.amazonaws.com
Software
/
Resource Hash
6427803a61fbf0900a35f17b039f9241427a2aa00277c74cbb19db958acb3d04
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; child-src 'self'; connect-src 'self' properties https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net wss://*.janeapp.com wss://*.janeapp.co.uk wss://*.janeapp.com.au wss://*.janeapp.net https://jane.app https://jane.statuspage.io https://icanhazdadjoke.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.googleapis.com https://d3hb14vkzrxvla.cloudfront.net https://beaconapi.helpscout.net https://chatapi.helpscout.net wss://*.pusher.com https://sockjs-helpscout.pusher.com https://edge.fullstory.com/ https://rs.fullstory.com/ https://*.sentry.io https://rum.browser-intake-datadoghq.com/ https://logs.browser-intake-datadoghq.com/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com https://*.device.stripe-terminal-local-reader.net:4443/protojsonservice/JackRabbitService https://*.stripe.com https://qrcode-monkey.p.rapidapi.com/ https://*.launchdarkly.com/ https://*.commandbar.com/ https://*.google.com https://*.google.com.au https://*.google.ca https://*.google.co.uk https://s3-ca-central-1.amazonaws.com/jane-files-ca/ https://s3-eu-west-2.amazonaws.com/jane-files-gb/ https://s3-ap-southeast-2.amazonaws.com/jane-files-au/ https://s3-us-west-2.amazonaws.com/jane-files-us/ https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.sendbird.com; font-src 'self' data: https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://fonts.gstatic.com https://*.typekit.net/ https://*.gstatic.com/ https://*.hotjar.com; form-action 'self' auth.janeapp.com https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://connect.stripe.com https://*.physitrack.com https://*.mailchimp.com janeapp://*; frame-src 'self' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://*.stripe.com https://player.vimeo.com https://*.appcues.com https://td.doubleclick.net https://www.google.com https://tpc.googlesyndication.com https://googleads.g.doubleclick.net https://*.commandbar.com/; img-src * data: blob: 'unsafe-inline'; manifest-src 'self' https://assets-jane-cac1-1.janeapp.net; media-src 'self' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net data: jane-files-ca.s3.ca-central-1.amazonaws.com jane-files-gb.s3.eu-west-2.amazonaws.com jane-files-au.s3.ap-southeast-2.amazonaws.com jane-files-us.s3.us-west-2.amazonaws.com ca-east-data-transfers-1.s3.ca-central-1.amazonaws.com ca-east-data-transfers-2.s3.ca-central-1.amazonaws.com ca-east-data-transfers-3.s3.ca-central-1.amazonaws.com jane-west1-backup.s3.ca-central-1.amazonaws.com https://beacon-v2.helpscout.net https://*.gstatic.com/ https://*.commandbar.com/; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://maps.googleapis.com https://*.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google.com https://www.google.com/ https://www.gstatic.com/ https://*.stripe.com https://*.helpscout.net https://www.datadoghq-browser-agent.com/datadog-logs.js https://fullstory.com/ https://edge.fullstory.com/ https://*.googletagmanager.com https://*.appcues.com https://*.appcues.net https://cdn.rudderlabs.com/ https://*.commandbar.com/ https://*.hotjar.com; style-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://fonts.googleapis.com https://fonts.google.com https://*.appcues.com https://*.appcues.net https://beacon-v2.helpscout.net https://*.googletagmanager.com https://www.gstatic.com/ https://*.typekit.net https://*.commandbar.com/ https://*.hotjar.com; worker-src 'self' blob:; report-uri /csp_report
Strict-Transport-Security max-age=31556952; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karwelmassage.janeapp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-runtime
0.044622
date
Wed, 21 Aug 2024 18:48:22 GMT
strict-transport-security
max-age=31556952; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy
default-src 'none'; base-uri 'self'; child-src 'self'; connect-src 'self' properties https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net wss://*.janeapp.com wss://*.janeapp.co.uk wss://*.janeapp.com.au wss://*.janeapp.net https://jane.app https://jane.statuspage.io https://icanhazdadjoke.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.googleapis.com https://d3hb14vkzrxvla.cloudfront.net https://beaconapi.helpscout.net https://chatapi.helpscout.net wss://*.pusher.com https://sockjs-helpscout.pusher.com https://edge.fullstory.com/ https://rs.fullstory.com/ https://*.sentry.io https://rum.browser-intake-datadoghq.com/ https://logs.browser-intake-datadoghq.com/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com https://*.device.stripe-terminal-local-reader.net:4443/protojsonservice/JackRabbitService https://*.stripe.com https://qrcode-monkey.p.rapidapi.com/ https://*.launchdarkly.com/ https://*.commandbar.com/ https://*.google.com https://*.google.com.au https://*.google.ca https://*.google.co.uk https://s3-ca-central-1.amazonaws.com/jane-files-ca/ https://s3-eu-west-2.amazonaws.com/jane-files-gb/ https://s3-ap-southeast-2.amazonaws.com/jane-files-au/ https://s3-us-west-2.amazonaws.com/jane-files-us/ https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.sendbird.com; font-src 'self' data: https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://fonts.gstatic.com https://*.typekit.net/ https://*.gstatic.com/ https://*.hotjar.com; form-action 'self' auth.janeapp.com https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://connect.stripe.com https://*.physitrack.com https://*.mailchimp.com janeapp://*; frame-src 'self' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://*.stripe.com https://player.vimeo.com https://*.appcues.com https://td.doubleclick.net https://www.google.com https://tpc.googlesyndication.com https://googleads.g.doubleclick.net https://*.commandbar.com/; img-src * data: blob: 'unsafe-inline'; manifest-src 'self' https://assets-jane-cac1-1.janeapp.net; media-src 'self' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net data: jane-files-ca.s3.ca-central-1.amazonaws.com jane-files-gb.s3.eu-west-2.amazonaws.com jane-files-au.s3.ap-southeast-2.amazonaws.com jane-files-us.s3.us-west-2.amazonaws.com ca-east-data-transfers-1.s3.ca-central-1.amazonaws.com ca-east-data-transfers-2.s3.ca-central-1.amazonaws.com ca-east-data-transfers-3.s3.ca-central-1.amazonaws.com jane-west1-backup.s3.ca-central-1.amazonaws.com https://beacon-v2.helpscout.net https://*.gstatic.com/ https://*.commandbar.com/; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://maps.googleapis.com https://*.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google.com https://www.google.com/ https://www.gstatic.com/ https://*.stripe.com https://*.helpscout.net https://www.datadoghq-browser-agent.com/datadog-logs.js https://fullstory.com/ https://edge.fullstory.com/ https://*.googletagmanager.com https://*.appcues.com https://*.appcues.net https://cdn.rudderlabs.com/ https://*.commandbar.com/ https://*.hotjar.com; style-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://fonts.googleapis.com https://fonts.google.com https://*.appcues.com https://*.appcues.net https://beacon-v2.helpscout.net https://*.googletagmanager.com https://www.gstatic.com/ https://*.typekit.net https://*.commandbar.com/ https://*.hotjar.com; worker-src 'self' blob:; report-uri /csp_report
etag
W/"6427803a61fbf0900a35f17b039f9241"
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
cache-control
max-age=0, private, must-revalidate
x-jane-version
{"current":"6.3.476","unobtrusive":"6.3.299","immediate":"6.3.449","minimum":"4.18.252"}
x-jane-version-compatibility
"unsupported"
x-robots-tag
all
x-xss-protection
1; mode=block
x-request-id
7f37602f-8ff3-47b1-928a-002af3a586cc
W1siZiIsImRyYWdvbmZseS85MDA1L3VzZXIvcGhvdG8vMjAxOS0wNS0yOS8xOTUwNDQvNTdkNjhkYTMtMGVjOC00NDkwLTgxMmUtNmU4M2E3NDJiYzlhL3NoYXJhaXNpZW1lbnNwaG90by00OS5qcGciXSxbInAiLCJ0aHVtYiIsIjE5MngyMjgjIl1d
assets-jane-cac1-1.janeapp.net/pub/ 		66 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jane-cac1-1.janeapp.net/pub/W1siZiIsImRyYWdvbmZseS85MDA1L3VzZXIvcGhvdG8vMjAxOS0wNS0yOS8xOTUwNDQvNTdkNjhkYTMtMGVjOC00NDkwLTgxMmUtNmU4M2E3NDJiYzlhL3NoYXJhaXNpZW1lbnNwaG90by00OS5qcGciXSxbInAiLCJ0aHVtYiIsIjE5MngyMjgjIl1d?sha=5bcd336e4807c8a7&for=karwelmassage.janeapp.com
Requested by
Host: karwelmassage.janeapp.com
URL: https://karwelmassage.janeapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-66.ewr53.r.cloudfront.net
Software
/
Resource Hash
5c2050e6366913994866e5471104a2b46054dd06012577968553a13be5a12904
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karwelmassage.janeapp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 18:48:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 c45a9630d6506aeeffefe81fbc0ed0ae.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
content-security-policy-report-only
default-src 'none'; base-uri 'self'; child-src 'self'; connect-src 'self' properties https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net wss://*.janeapp.com wss://*.janeapp.co.uk wss://*.janeapp.com.au wss://*.janeapp.net https://jane.app https://jane.statuspage.io https://icanhazdadjoke.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.googleapis.com https://d3hb14vkzrxvla.cloudfront.net https://beaconapi.helpscout.net https://chatapi.helpscout.net wss://*.pusher.com https://sockjs-helpscout.pusher.com https://edge.fullstory.com/ https://rs.fullstory.com/ https://*.sentry.io https://rum.browser-intake-datadoghq.com/ https://logs.browser-intake-datadoghq.com/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com https://*.device.stripe-terminal-local-reader.net:4443/protojsonservice/JackRabbitService https://*.stripe.com https://qrcode-monkey.p.rapidapi.com/ https://*.launchdarkly.com/ https://*.commandbar.com/ https://*.google.com https://*.google.com.au https://*.google.ca https://*.google.co.uk https://s3-ca-central-1.amazonaws.com/jane-files-ca/ https://s3-eu-west-2.amazonaws.com/jane-files-gb/ https://s3-ap-southeast-2.amazonaws.com/jane-files-au/ https://s3-us-west-2.amazonaws.com/jane-files-us/ https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.sendbird.com; font-src 'self' data: https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://fonts.gstatic.com https://*.typekit.net/ https://*.gstatic.com/ https://*.hotjar.com; form-action 'self' auth.janeapp.com https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://connect.stripe.com https://*.physitrack.com https://*.mailchimp.com janeapp://*; frame-src 'self' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://*.stripe.com https://player.vimeo.com https://*.appcues.com https://td.doubleclick.net https://www.google.com https://tpc.googlesyndication.com https://googleads.g.doubleclick.net https://*.commandbar.com/; img-src * data: blob: 'unsafe-inline'; manifest-src 'self' https://assets-jane-cac1-1.janeapp.net; media-src 'self' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net data: jane-files-ca.s3.ca-central-1.amazonaws.com jane-files-gb.s3.eu-west-2.amazonaws.com jane-files-au.s3.ap-southeast-2.amazonaws.com jane-files-us.s3.us-west-2.amazonaws.com ca-east-data-transfers-1.s3.ca-central-1.amazonaws.com ca-east-data-transfers-2.s3.ca-central-1.amazonaws.com ca-east-data-transfers-3.s3.ca-central-1.amazonaws.com jane-west1-backup.s3.ca-central-1.amazonaws.com https://beacon-v2.helpscout.net https://*.gstatic.com/ https://*.commandbar.com/; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://maps.googleapis.com https://*.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google.com https://www.google.com/ https://www.gstatic.com/ https://*.stripe.com https://*.helpscout.net https://www.datadoghq-browser-agent.com/datadog-logs.js https://fullstory.com/ https://edge.fullstory.com/ https://*.googletagmanager.com https://*.appcues.com https://*.appcues.net https://cdn.rudderlabs.com/ https://*.commandbar.com/ https://*.hotjar.com; style-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://fonts.googleapis.com https://fonts.google.com https://*.appcues.com https://*.appcues.net https://beacon-v2.helpscout.net https://*.googletagmanager.com https://www.gstatic.com/ https://*.typekit.net https://*.commandbar.com/ https://*.hotjar.com; worker-src 'self' blob:; report-uri /csp_report
x-cache
Miss from cloudfront
content-disposition
filename="sharaisiemensphoto-49.jpg"
content-length
67151
x-xss-protection
1; mode=block
x-request-id
fcba9556-c6d2-4bae-bba1-e6cd9f45d91d
x-runtime
1.008634
referrer-policy
strict-origin-when-cross-origin
etag
"ecac18d42fc42d7efd059a608f2bd66dad1e6812"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-id
OvBApkNxFmjO-LrUKTtSvkNUip9t73fzhgF3Tsv-kAEOMtahxoGa7w==
empty-state-booking-af03cd9a8955b0eaffd6635d492dec57fe3b13f63c7e54ba15a1557ed3f5e2c5.png
assets-jane-cac1-1.janeapp.net/assets/EmptyState/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jane-cac1-1.janeapp.net/assets/EmptyState/empty-state-booking-af03cd9a8955b0eaffd6635d492dec57fe3b13f63c7e54ba15a1557ed3f5e2c5.png
Requested by
Host: karwelmassage.janeapp.com
URL: https://karwelmassage.janeapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-66.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af03cd9a8955b0eaffd6635d492dec57fe3b13f63c7e54ba15a1557ed3f5e2c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karwelmassage.janeapp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 11:16:28 GMT
x-amz-version-id
UqHumbMAk8YOm8v4JnNMYUuN8PnCHydg
via
1.1 c45a9630d6506aeeffefe81fbc0ed0ae.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
EWR53-P1
age
459115
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
16096
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 24 Jun 2024 18:22:30 GMT
server
AmazonS3
etag
"edd4fd8f35611fe59d13ae45ba2e75b8"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/png
cache-control
public, max-age=315569520
accept-ranges
bytes
x-amz-cf-id
vxwblVAvTH8LvHwbjRhtpIFf4p8uc6nJAoEa5wbXv33eSDDZDltIEA==
vendor_public-fca3d7c67130b8d53d79.js
assets-jane-cac1-1.janeapp.net/assets/ 		5 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-jane-cac1-1.janeapp.net/assets/vendor_public-fca3d7c67130b8d53d79.js
Requested by
Host: karwelmassage.janeapp.com
URL: https://karwelmassage.janeapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-66.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
798d4394b9c5e12af56c53a2d8d633be95c17f60dde83ad14e0739f6dbd5ae09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karwelmassage.janeapp.com/
Origin
https://karwelmassage.janeapp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 17:35:38 GMT
x-amz-version-id
4qGjTOkt4jg3UxN_c6JaH.woBHnduDg.
content-encoding
br
x-content-type-options
nosniff
via
1.1 acbc1e922360be31edf0371abdc7a3a4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
EWR53-P1
age
177166
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 19 Aug 2024 17:27:18 GMT
server
AmazonS3
etag
W/"4f43066889006db12dd5d7d10e011102"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://karwelmassage.janeapp.com
cache-control
public, max-age=315569520
x-amz-cf-id
RXwfxow53zYvWQrpy1zk-gKVMOM0fqRUFQ-j60Df7d3XHtaq-XxWOA==
public-404fd26094059708ebb9.js
assets-jane-cac1-1.janeapp.net/assets/ 		1 MB
277 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-jane-cac1-1.janeapp.net/assets/public-404fd26094059708ebb9.js
Requested by
Host: karwelmassage.janeapp.com
URL: https://karwelmassage.janeapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-66.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f11c034ac86d1e7495efdb71d2141c5460999f0bfd18533fb9d2b6c51e00552
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karwelmassage.janeapp.com/
Origin
https://karwelmassage.janeapp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 17:04:34 GMT
x-amz-version-id
kfroR0rszfr1Sx9FruP2_J1tA.q60WH3
content-encoding
br
x-content-type-options
nosniff
via
1.1 acbc1e922360be31edf0371abdc7a3a4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
EWR53-P1
age
6230
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 21 Aug 2024 17:01:32 GMT
server
AmazonS3
etag
W/"1dba6d7d4134dbe65ea841d20ed18e41"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
https://karwelmassage.janeapp.com
cache-control
public, max-age=315569520
x-amz-cf-id
DaumgTIfFshyBhaGDlDu3sf251RA819kwyb4Abm23hMkuiQnhWHvyg==
en.js
assets-jane-cac1-1.janeapp.net/javascripts/i18n/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-jane-cac1-1.janeapp.net/javascripts/i18n/en.js?v=6.3.476
Requested by
Host: karwelmassage.janeapp.com
URL: https://karwelmassage.janeapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-66.ewr53.r.cloudfront.net
Software
/
Resource Hash
0f54e3b4acc470bae4dd8f70c07701580ac1feed0c2d42e53ddcdb8c575c68af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karwelmassage.janeapp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 17:04:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-amz-cf-pop
EWR53-P1
age
6251
content-security-policy-report-only
default-src 'none'; base-uri 'self'; child-src 'self'; connect-src 'self' properties https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net wss://*.janeapp.com wss://*.janeapp.co.uk wss://*.janeapp.com.au wss://*.janeapp.net https://jane.app https://jane.statuspage.io https://icanhazdadjoke.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.googleapis.com https://d3hb14vkzrxvla.cloudfront.net https://beaconapi.helpscout.net https://chatapi.helpscout.net wss://*.pusher.com https://sockjs-helpscout.pusher.com https://edge.fullstory.com/ https://rs.fullstory.com/ https://*.sentry.io https://rum.browser-intake-datadoghq.com/ https://logs.browser-intake-datadoghq.com/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com https://*.device.stripe-terminal-local-reader.net:4443/protojsonservice/JackRabbitService https://*.stripe.com https://qrcode-monkey.p.rapidapi.com/ https://*.launchdarkly.com/ https://*.commandbar.com/ https://*.google.com https://*.google.com.au https://*.google.ca https://*.google.co.uk https://s3-ca-central-1.amazonaws.com/jane-files-ca/ https://s3-eu-west-2.amazonaws.com/jane-files-gb/ https://s3-ap-southeast-2.amazonaws.com/jane-files-au/ https://s3-us-west-2.amazonaws.com/jane-files-us/ https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.sendbird.com; font-src 'self' data: https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://fonts.gstatic.com https://*.typekit.net/ https://*.gstatic.com/ https://*.hotjar.com; form-action 'self' auth.janeapp.com https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://connect.stripe.com https://*.physitrack.com https://*.mailchimp.com janeapp://*; frame-src 'self' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://*.stripe.com https://player.vimeo.com https://*.appcues.com https://td.doubleclick.net https://www.google.com https://tpc.googlesyndication.com https://googleads.g.doubleclick.net https://*.commandbar.com/; img-src * data: blob: 'unsafe-inline'; manifest-src 'self' https://assets-jane-cac1-1.janeapp.net; media-src 'self' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net data: jane-files-ca.s3.ca-central-1.amazonaws.com jane-files-gb.s3.eu-west-2.amazonaws.com jane-files-au.s3.ap-southeast-2.amazonaws.com jane-files-us.s3.us-west-2.amazonaws.com ca-east-data-transfers-1.s3.ca-central-1.amazonaws.com ca-east-data-transfers-2.s3.ca-central-1.amazonaws.com ca-east-data-transfers-3.s3.ca-central-1.amazonaws.com jane-west1-backup.s3.ca-central-1.amazonaws.com https://beacon-v2.helpscout.net https://*.gstatic.com/ https://*.commandbar.com/; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://maps.googleapis.com https://*.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google.com https://www.google.com/ https://www.gstatic.com/ https://*.stripe.com https://*.helpscout.net https://www.datadoghq-browser-agent.com/datadog-logs.js https://fullstory.com/ https://edge.fullstory.com/ https://*.googletagmanager.com https://*.appcues.com https://*.appcues.net https://cdn.rudderlabs.com/ https://*.commandbar.com/ https://*.hotjar.com; style-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://fonts.googleapis.com https://fonts.google.com https://*.appcues.com https://*.appcues.net https://beacon-v2.helpscout.net https://*.googletagmanager.com https://www.gstatic.com/ https://*.typekit.net https://*.commandbar.com/ https://*.hotjar.com; worker-src 'self' blob:; report-uri /csp_report
x-cache
Hit from cloudfront
via
1.1 c45a9630d6506aeeffefe81fbc0ed0ae.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 20 Aug 2024 22:26:38 GMT
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
public, max-age=315569520
x-amz-cf-id
wXeUclsa6XUfbngjQO9rf_obyUCLHCL7rN6_q-RN-NSxMsKNENQz4A==
/
o4505290921410560.ingest.sentry.io/api/4505291008311296/envelope/ 		2 B
299 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o4505290921410560.ingest.sentry.io/api/4505291008311296/envelope/?sentry_key=0a2411dd501e4441a1f4a27ebdb0b309&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.116.0
Requested by
Host: assets-jane-cac1-1.janeapp.net
URL: https://assets-jane-cac1-1.janeapp.net/assets/monitoring-1ca32ba1df263ca9cb50.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://karwelmassage.janeapp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 21 Aug 2024 18:48:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
css
fonts.googleapis.com/ 		17 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap
Requested by
Host: assets-jane-cac1-1.janeapp.net
URL: https://assets-jane-cac1-1.janeapp.net/assets/vendor_public-461423004cb492fe97b9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
851699a18b631a7bd68efc99598701293a6065b463fced7b68d8d6d9227bd8e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://assets-jane-cac1-1.janeapp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 21 Aug 2024 18:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 21 Aug 2024 17:20:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 21 Aug 2024 18:48:24 GMT
css
fonts.googleapis.com/ 		7 KB
814 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500,600,700&display=swap
Requested by
Host: assets-jane-cac1-1.janeapp.net
URL: https://assets-jane-cac1-1.janeapp.net/assets/vendor_public-461423004cb492fe97b9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dd4346a722f73229419ca5e2a2902f05f182a432adb7eea2fad34ce01b8e4ba7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://assets-jane-cac1-1.janeapp.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 21 Aug 2024 18:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 21 Aug 2024 17:22:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 21 Aug 2024 18:48:24 GMT
truncated
/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
997c2e298a8d14c9d64bda1cc72fe351e894160a631148129f8c8beea25e62ce

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
img/png
bg-gradient-38002f3b52e3788e66764182aca85a79.jpg
assets-jane-cac1-1.janeapp.net/assets/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jane-cac1-1.janeapp.net/assets/bg-gradient-38002f3b52e3788e66764182aca85a79.jpg
Requested by
Host: assets-jane-cac1-1.janeapp.net
URL: https://assets-jane-cac1-1.janeapp.net/assets/application_styles-461423004cb492fe97b9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-66.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5fa644a716cd85b46d1ed48ae749af7af0fa8f88241afc83640cd6a58d9e4c49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://assets-jane-cac1-1.janeapp.net/assets/application_styles-461423004cb492fe97b9.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
JYuQ5qjaV_Lsudke73_7yMW11iNSsgnR
date
Mon, 19 Aug 2024 00:51:40 GMT
via
1.1 c45a9630d6506aeeffefe81fbc0ed0ae.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
EWR53-P1
age
237406
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1512
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 24 Jun 2024 18:22:32 GMT
server
AmazonS3
etag
"38002f3b52e3788e66764182aca85a79"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=315569520
accept-ranges
bytes
x-amz-cf-id
jvFJZC6Nhb8sn1Ssb-bQpO_DpgVnmnch1XZ3zwxfH7Q4SZk_n_aLvw==
tag-Booking-by-Jane-App-16248e38fc18bc88f65af6a28ca892da.png
assets-jane-cac1-1.janeapp.net/assets/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jane-cac1-1.janeapp.net/assets/tag-Booking-by-Jane-App-16248e38fc18bc88f65af6a28ca892da.png
Requested by
Host: assets-jane-cac1-1.janeapp.net
URL: https://assets-jane-cac1-1.janeapp.net/assets/application_styles-461423004cb492fe97b9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-66.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14f28a18838e1aceeda071b377b4ae2e845b9fb8e0ae409a7977522c17f56ea4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://assets-jane-cac1-1.janeapp.net/assets/application_styles-461423004cb492fe97b9.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 00:57:05 GMT
x-amz-version-id
WEZ3sgFd4EsEnIE3c5Ke35UYQuQe8QYr
via
1.1 c45a9630d6506aeeffefe81fbc0ed0ae.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
EWR53-P1
age
1360281
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6487
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 24 Jun 2024 18:22:41 GMT
server
AmazonS3
etag
"16248e38fc18bc88f65af6a28ca892da"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/png
cache-control
public, max-age=315569520
accept-ranges
bytes
x-amz-cf-id
0uoypTGklJ_0SdH3SPDg-F_YQdbMcmpO9pMcosTkE8DyaYruxVJp0g==
tag-See-Jane-Run-Your-Practice-dace492658ba48878a23205643013cf3.png
assets-jane-cac1-1.janeapp.net/assets/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jane-cac1-1.janeapp.net/assets/tag-See-Jane-Run-Your-Practice-dace492658ba48878a23205643013cf3.png
Requested by
Host: assets-jane-cac1-1.janeapp.net
URL: https://assets-jane-cac1-1.janeapp.net/assets/application_styles-461423004cb492fe97b9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-66.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7c69f25c3fb45191988ba01423acc6796f7adf26b77db35302f0d6c129e379d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://assets-jane-cac1-1.janeapp.net/assets/application_styles-461423004cb492fe97b9.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
hMBpCTX67vUUARZHh42O3Tsfp4cH74cq
date
Tue, 20 Aug 2024 16:48:39 GMT
via
1.1 c45a9630d6506aeeffefe81fbc0ed0ae.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
EWR53-P1
age
837451
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
7204
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 24 Jun 2024 18:22:41 GMT
server
AmazonS3
etag
"dace492658ba48878a23205643013cf3"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/png
cache-control
public, max-age=315569520
accept-ranges
bytes
x-amz-cf-id
DeZuncQ9ffK-rtc9Bvo3Hv7Ue7r-k3hGPcqpC3IUwtCkyy6jqDkZfQ==
proximanova-janesymbols-webfont-0b731ef8fcb05b6db8a28f48861ac7f2.woff2
assets-jane-cac1-1.janeapp.net/assets/ 		61 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets-jane-cac1-1.janeapp.net/assets/proximanova-janesymbols-webfont-0b731ef8fcb05b6db8a28f48861ac7f2.woff2
Requested by
Host: assets-jane-cac1-1.janeapp.net
URL: https://assets-jane-cac1-1.janeapp.net/assets/vendor_styles-461423004cb492fe97b9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-66.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94d20fee76c5e85925714b500fa29c86d48cab6d631de813eed365f8ea5ac5e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://assets-jane-cac1-1.janeapp.net/assets/vendor_styles-461423004cb492fe97b9.css
Origin
https://karwelmassage.janeapp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 09:59:03 GMT
x-amz-version-id
.tiiZd4rugZw8rin6Bbfbem4Zj4tkmGm
via
1.1 acbc1e922360be31edf0371abdc7a3a4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
EWR53-P1
age
463764
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
62736
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 24 Jun 2024 18:22:38 GMT
server
AmazonS3
etag
"0b731ef8fcb05b6db8a28f48861ac7f2"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
font/woff2
access-control-allow-origin
https://karwelmassage.janeapp.com
cache-control
public, max-age=315569520
accept-ranges
bytes
x-amz-cf-id
SieRBq8p4xd1kA0h-yEy6R_YR4DjcfTMGpb-Hmn5md5ipVFqfZWPKw==
proximanova-sbold-webfont-7eba3f452f880fac74a78dc786892f76.woff2
assets-jane-cac1-1.janeapp.net/assets/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets-jane-cac1-1.janeapp.net/assets/proximanova-sbold-webfont-7eba3f452f880fac74a78dc786892f76.woff2
Requested by
Host: assets-jane-cac1-1.janeapp.net
URL: https://assets-jane-cac1-1.janeapp.net/assets/vendor_styles-461423004cb492fe97b9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-66.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84f66802127df1e175ba95fe6247800e01367efbe122a484b975718fe495c7b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://assets-jane-cac1-1.janeapp.net/assets/vendor_styles-461423004cb492fe97b9.css
Origin
https://karwelmassage.janeapp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 07:06:36 GMT
x-amz-version-id
_LzDjpHqqaWAhIRb9TT.2LDvE35Z.6e3
via
1.1 acbc1e922360be31edf0371abdc7a3a4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
EWR53-P1
age
906111
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
43680
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 24 Jun 2024 18:22:39 GMT
server
AmazonS3
etag
"7eba3f452f880fac74a78dc786892f76"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
font/woff2
access-control-allow-origin
https://karwelmassage.janeapp.com
cache-control
public, max-age=315569520
accept-ranges
bytes
x-amz-cf-id
DJxK0Aa9LAdIO_2TPvCASBIXFrams0wEXZPtl6FuXHSH8ZkDHkyBzQ==
proximanova-thin-webfont-af5e269a608cbc1a49696c81fdcb922e.woff2
assets-jane-cac1-1.janeapp.net/assets/ 		41 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets-jane-cac1-1.janeapp.net/assets/proximanova-thin-webfont-af5e269a608cbc1a49696c81fdcb922e.woff2
Requested by
Host: assets-jane-cac1-1.janeapp.net
URL: https://assets-jane-cac1-1.janeapp.net/assets/vendor_styles-461423004cb492fe97b9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-66.ewr53.r.cloudfront.net
Software
/
Resource Hash
e3809eac1e4f60764ae8950b6a6b8223587bcdce0c961f02e7d775abb5cc8a4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://assets-jane-cac1-1.janeapp.net/assets/vendor_styles-461423004cb492fe97b9.css
Origin
https://karwelmassage.janeapp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 14 Aug 2024 14:09:51 GMT
x-content-type-options
nosniff
via
1.1 acbc1e922360be31edf0371abdc7a3a4.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
age
621516
content-security-policy-report-only
default-src 'none'; base-uri 'self'; child-src 'self'; connect-src 'self' properties https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net wss://*.janeapp.com wss://*.janeapp.co.uk wss://*.janeapp.com.au wss://*.janeapp.net https://jane.app https://jane.statuspage.io https://icanhazdadjoke.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.googleapis.com https://d3hb14vkzrxvla.cloudfront.net https://beaconapi.helpscout.net https://chatapi.helpscout.net wss://*.pusher.com https://sockjs-helpscout.pusher.com https://edge.fullstory.com/ https://rs.fullstory.com/ https://*.sentry.io https://rum.browser-intake-datadoghq.com/ https://logs.browser-intake-datadoghq.com/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com https://*.device.stripe-terminal-local-reader.net:4443/protojsonservice/JackRabbitService https://*.stripe.com https://qrcode-monkey.p.rapidapi.com/ https://*.launchdarkly.com/ https://*.commandbar.com/ https://*.google.com https://*.google.com.au https://*.google.ca https://*.google.co.uk https://s3-ca-central-1.amazonaws.com/jane-files-ca/ https://s3-eu-west-2.amazonaws.com/jane-files-gb/ https://s3-ap-southeast-2.amazonaws.com/jane-files-au/ https://s3-us-west-2.amazonaws.com/jane-files-us/ https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com; font-src 'self' data: https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://fonts.gstatic.com https://*.typekit.net/ https://*.gstatic.com/ https://*.hotjar.com; form-action 'self' auth.janeapp.com https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://connect.stripe.com https://*.physitrack.com https://*.mailchimp.com janeapp://*; frame-src 'self' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://*.stripe.com https://player.vimeo.com https://*.appcues.com https://td.doubleclick.net https://www.google.com https://tpc.googlesyndication.com https://googleads.g.doubleclick.net https://*.commandbar.com/; img-src * data: blob: 'unsafe-inline'; manifest-src 'self' https://assets-jane-cac1-1.janeapp.net; media-src 'self' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net data: jane-files-ca.s3.ca-central-1.amazonaws.com jane-files-gb.s3.eu-west-2.amazonaws.com jane-files-au.s3.ap-southeast-2.amazonaws.com jane-files-us.s3.us-west-2.amazonaws.com ca-east-data-transfers-1.s3.ca-central-1.amazonaws.com ca-east-data-transfers-2.s3.ca-central-1.amazonaws.com ca-east-data-transfers-3.s3.ca-central-1.amazonaws.com jane-west1-backup.s3.ca-central-1.amazonaws.com https://beacon-v2.helpscout.net https://*.gstatic.com/ https://*.commandbar.com/; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://maps.googleapis.com https://*.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google.com https://www.google.com/ https://www.gstatic.com/ https://*.stripe.com https://*.helpscout.net https://www.datadoghq-browser-agent.com/datadog-logs.js https://fullstory.com/ https://edge.fullstory.com/ https://*.googletagmanager.com https://*.appcues.com https://*.appcues.net https://cdn.rudderlabs.com/ https://*.commandbar.com/ https://*.hotjar.com; style-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://fonts.googleapis.com https://fonts.google.com https://*.appcues.com https://*.appcues.net https://beacon-v2.helpscout.net https://*.googletagmanager.com https://www.gstatic.com/ https://*.typekit.net https://*.commandbar.com/ https://*.hotjar.com; worker-src 'self' blob:; report-uri /csp_report
x-cache
Hit from cloudfront
content-length
41964
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 12 Jul 2024 18:04:57 GMT
etag
"af5e269a608cbc1a49696c81fdcb922e"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/font-woff2
access-control-allow-origin
https://karwelmassage.janeapp.com
cache-control
public, max-age=315569520
x-amz-cf-id
GsP4s3H-5VcygRnoe0jHqy19Qj_qh3j96eUCbOhq0ap9P9MzjkoUNw==
fa-solid-900-aab07e68e20ba82d4daf78ae09777bb3.woff2
assets-jane-cac1-1.janeapp.net/assets/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets-jane-cac1-1.janeapp.net/assets/fa-solid-900-aab07e68e20ba82d4daf78ae09777bb3.woff2
Requested by
Host: assets-jane-cac1-1.janeapp.net
URL: https://assets-jane-cac1-1.janeapp.net/assets/vendor_styles-461423004cb492fe97b9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-66.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07a40ad412a5d99f955c5b8d1690be15fe3e0d5deba550ac5ba5ecba4c69a466
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://assets-jane-cac1-1.janeapp.net/assets/vendor_styles-461423004cb492fe97b9.css
Origin
https://karwelmassage.janeapp.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 12 Aug 2024 15:36:00 GMT
x-amz-version-id
Ju8Y5tNwPC1IOUGFXUXHieVi2SEKRHCg
via
1.1 acbc1e922360be31edf0371abdc7a3a4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
EWR53-P1
age
789147
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
18524
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 24 Jun 2024 18:22:35 GMT
server
AmazonS3
etag
"aab07e68e20ba82d4daf78ae09777bb3"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
font/woff2
access-control-allow-origin
https://karwelmassage.janeapp.com
cache-control
public, max-age=315569520
accept-ranges
bytes
x-amz-cf-id
pObhsZYjR-Q6mARh6fa9eyOA-1BUhAJIQgRJF_0STyLgtpQjFq4w4Q==
v3
js.stripe.com/ 		644 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: assets-jane-cac1-1.janeapp.net
URL: https://assets-jane-cac1-1.janeapp.net/assets/vendor_public-fca3d7c67130b8d53d79.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
65d3f15a19d21935405d9b65392ed1cf8d434c18561e2d5eb1bd19bf47a8d241
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://karwelmassage.janeapp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 21 Aug 2024 18:48:27 GMT
via
1.1 varnish
age
8
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
159534
x-request-id
b27afc0e-b94a-4694-8ee2-40dfb1c94b06
x-served-by
cache-yul1970035-YUL
last-modified
Wed, 21 Aug 2024 17:55:40 GMT
server
Fastly
etag
"1ff10994ad2fce02efc5ad25804af186"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
5
feature_flags
karwelmassage.janeapp.com/api/v3/ 		656 B
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://karwelmassage.janeapp.com/api/v3/feature_flags
Requested by
Host: assets-jane-cac1-1.janeapp.net
URL: https://assets-jane-cac1-1.janeapp.net/assets/monitoring-1ca32ba1df263ca9cb50.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.157.219.149 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-157-219-149.ca-central-1.compute.amazonaws.com
Software
/
Resource Hash
3277a896fa34daeb3945183704e2c0468a683c8e56575d6931490a4d16acd151
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; child-src 'self'; connect-src 'self' properties https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net wss://*.janeapp.com wss://*.janeapp.co.uk wss://*.janeapp.com.au wss://*.janeapp.net https://jane.app https://jane.statuspage.io https://icanhazdadjoke.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.googleapis.com https://d3hb14vkzrxvla.cloudfront.net https://beaconapi.helpscout.net https://chatapi.helpscout.net wss://*.pusher.com https://sockjs-helpscout.pusher.com https://edge.fullstory.com/ https://rs.fullstory.com/ https://*.sentry.io https://rum.browser-intake-datadoghq.com/ https://logs.browser-intake-datadoghq.com/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com https://*.device.stripe-terminal-local-reader.net:4443/protojsonservice/JackRabbitService https://*.stripe.com https://qrcode-monkey.p.rapidapi.com/ https://*.launchdarkly.com/ https://*.commandbar.com/ https://*.google.com https://*.google.com.au https://*.google.ca https://*.google.co.uk https://s3-ca-central-1.amazonaws.com/jane-files-ca/ https://s3-eu-west-2.amazonaws.com/jane-files-gb/ https://s3-ap-southeast-2.amazonaws.com/jane-files-au/ https://s3-us-west-2.amazonaws.com/jane-files-us/ https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.sendbird.com; font-src 'self' data: https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://fonts.gstatic.com https://*.typekit.net/ https://*.gstatic.com/ https://*.hotjar.com; form-action 'self' auth.janeapp.com https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://connect.stripe.com https://*.physitrack.com https://*.mailchimp.com janeapp://*; frame-src 'self' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://*.stripe.com https://player.vimeo.com https://*.appcues.com https://td.doubleclick.net https://www.google.com https://tpc.googlesyndication.com https://googleads.g.doubleclick.net https://*.commandbar.com/; img-src * data: blob: 'unsafe-inline'; manifest-src 'self' https://assets-jane-cac1-1.janeapp.net; media-src 'self' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net data: jane-files-ca.s3.ca-central-1.amazonaws.com jane-files-gb.s3.eu-west-2.amazonaws.com jane-files-au.s3.ap-southeast-2.amazonaws.com jane-files-us.s3.us-west-2.amazonaws.com ca-east-data-transfers-1.s3.ca-central-1.amazonaws.com ca-east-data-transfers-2.s3.ca-central-1.amazonaws.com ca-east-data-transfers-3.s3.ca-central-1.amazonaws.com jane-west1-backup.s3.ca-central-1.amazonaws.com https://beacon-v2.helpscout.net https://*.gstatic.com/ https://*.commandbar.com/; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://maps.googleapis.com https://*.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google.com https://www.google.com/ https://www.gstatic.com/ https://*.stripe.com https://*.helpscout.net https://www.datadoghq-browser-agent.com/datadog-logs.js https://fullstory.com/ https://edge.fullstory.com/ https://*.googletagmanager.com https://*.appcues.com https://*.appcues.net https://cdn.rudderlabs.com/ https://*.commandbar.com/ https://*.hotjar.com; style-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://fonts.googleapis.com https://fonts.google.com https://*.appcues.com https://*.appcues.net https://beacon-v2.helpscout.net https://*.googletagmanager.com https://www.gstatic.com/ https://*.typekit.net https://*.commandbar.com/ https://*.hotjar.com; worker-src 'self' blob:; report-uri /csp_report
Strict-Transport-Security max-age=31556952; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-CSRF-Token
FJRR+1NWRnzGYXGYo1C4ooRYbbnoc8WhyVTSsaBA2v7K9cpdAHuD2lBttno3fvIjkPJaVPjL3EQYChmjNhKGSQ==
X-Uses-Timezone
true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://karwelmassage.janeapp.com/
X-Jane-Version
v6.3.476
baggage
sentry-environment=production,sentry-release=v6.3.476,sentry-public_key=0a2411dd501e4441a1f4a27ebdb0b309,sentry-trace_id=5c570abd363340f0862f370a290ef159,sentry-sampled=false
sentry-trace
5c570abd363340f0862f370a290ef159-a7caa010af8532a4-0
Browser-Session-ID

Response headers

date
Wed, 21 Aug 2024 18:48:26 GMT
strict-transport-security
max-age=31556952; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'none'; base-uri 'self'; child-src 'self'; connect-src 'self' properties https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net wss://*.janeapp.com wss://*.janeapp.co.uk wss://*.janeapp.com.au wss://*.janeapp.net https://jane.app https://jane.statuspage.io https://icanhazdadjoke.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.googleapis.com https://d3hb14vkzrxvla.cloudfront.net https://beaconapi.helpscout.net https://chatapi.helpscout.net wss://*.pusher.com https://sockjs-helpscout.pusher.com https://edge.fullstory.com/ https://rs.fullstory.com/ https://*.sentry.io https://rum.browser-intake-datadoghq.com/ https://logs.browser-intake-datadoghq.com/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com https://*.device.stripe-terminal-local-reader.net:4443/protojsonservice/JackRabbitService https://*.stripe.com https://qrcode-monkey.p.rapidapi.com/ https://*.launchdarkly.com/ https://*.commandbar.com/ https://*.google.com https://*.google.com.au https://*.google.ca https://*.google.co.uk https://s3-ca-central-1.amazonaws.com/jane-files-ca/ https://s3-eu-west-2.amazonaws.com/jane-files-gb/ https://s3-ap-southeast-2.amazonaws.com/jane-files-au/ https://s3-us-west-2.amazonaws.com/jane-files-us/ https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.sendbird.com; font-src 'self' data: https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://fonts.gstatic.com https://*.typekit.net/ https://*.gstatic.com/ https://*.hotjar.com; form-action 'self' auth.janeapp.com https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://connect.stripe.com https://*.physitrack.com https://*.mailchimp.com janeapp://*; frame-src 'self' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://*.stripe.com https://player.vimeo.com https://*.appcues.com https://td.doubleclick.net https://www.google.com https://tpc.googlesyndication.com https://googleads.g.doubleclick.net https://*.commandbar.com/; img-src * data: blob: 'unsafe-inline'; manifest-src 'self' https://assets-jane-cac1-1.janeapp.net; media-src 'self' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net data: jane-files-ca.s3.ca-central-1.amazonaws.com jane-files-gb.s3.eu-west-2.amazonaws.com jane-files-au.s3.ap-southeast-2.amazonaws.com jane-files-us.s3.us-west-2.amazonaws.com ca-east-data-transfers-1.s3.ca-central-1.amazonaws.com ca-east-data-transfers-2.s3.ca-central-1.amazonaws.com ca-east-data-transfers-3.s3.ca-central-1.amazonaws.com jane-west1-backup.s3.ca-central-1.amazonaws.com https://beacon-v2.helpscout.net https://*.gstatic.com/ https://*.commandbar.com/; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://maps.googleapis.com https://*.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google.com https://www.google.com/ https://www.gstatic.com/ https://*.stripe.com https://*.helpscout.net https://www.datadoghq-browser-agent.com/datadog-logs.js https://fullstory.com/ https://edge.fullstory.com/ https://*.googletagmanager.com https://*.appcues.com https://*.appcues.net https://cdn.rudderlabs.com/ https://*.commandbar.com/ https://*.hotjar.com; style-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://fonts.googleapis.com https://fonts.google.com https://*.appcues.com https://*.appcues.net https://beacon-v2.helpscout.net https://*.googletagmanager.com https://www.gstatic.com/ https://*.typekit.net https://*.commandbar.com/ https://*.hotjar.com; worker-src 'self' blob:; report-uri /csp_report
x-xss-protection
1; mode=block
x-request-id
7295ea9b-d1c8-42b1-bc3c-c04a8998b21e
x-runtime
0.052600
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
etag
W/"3277a896fa34daeb3945183704e2c046"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
max-age=0, private, must-revalidate
x-jane-version
{"current":"6.3.476","unobtrusive":"6.3.299","immediate":"6.3.449","minimum":"4.18.252"}
x-jane-version-compatibility
"latest"
x-robots-tag
all
W1siZiIsImRyYWdvbmZseS85MDA1L3VzZXIvcGhvdG8vMjAxOS0wNS0yOS8xOTUwNDQvNTdkNjhkYTMtMGVjOC00NDkwLTgxMmUtNmU4M2E3NDJiYzlhL3NoYXJhaXNpZW1lbnNwaG90by00OS5qcGciXSxbInAiLCJ0aHVtYiIsIjIwMHgyNjAjIl1d
assets-jane-cac1-1.janeapp.net/pub/ 		68 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jane-cac1-1.janeapp.net/pub/W1siZiIsImRyYWdvbmZseS85MDA1L3VzZXIvcGhvdG8vMjAxOS0wNS0yOS8xOTUwNDQvNTdkNjhkYTMtMGVjOC00NDkwLTgxMmUtNmU4M2E3NDJiYzlhL3NoYXJhaXNpZW1lbnNwaG90by00OS5qcGciXSxbInAiLCJ0aHVtYiIsIjIwMHgyNjAjIl1d?sha=114b458445170017&amp;for=karwelmassage.janeapp.com
Requested by
Host: karwelmassage.janeapp.com
URL: https://karwelmassage.janeapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-66.ewr53.r.cloudfront.net
Software
/
Resource Hash
8f0b65a4b786d70591b85f67e51f7425420886f9dd8bd5508a6ad2e87f02ed41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karwelmassage.janeapp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 21 Aug 2024 18:48:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 c45a9630d6506aeeffefe81fbc0ed0ae.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
content-security-policy-report-only
default-src 'none'; base-uri 'self'; child-src 'self'; connect-src 'self' properties https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net wss://*.janeapp.com wss://*.janeapp.co.uk wss://*.janeapp.com.au wss://*.janeapp.net https://jane.app https://jane.statuspage.io https://icanhazdadjoke.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.googleapis.com https://d3hb14vkzrxvla.cloudfront.net https://beaconapi.helpscout.net https://chatapi.helpscout.net wss://*.pusher.com https://sockjs-helpscout.pusher.com https://edge.fullstory.com/ https://rs.fullstory.com/ https://*.sentry.io https://rum.browser-intake-datadoghq.com/ https://logs.browser-intake-datadoghq.com/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com https://*.device.stripe-terminal-local-reader.net:4443/protojsonservice/JackRabbitService https://*.stripe.com https://qrcode-monkey.p.rapidapi.com/ https://*.launchdarkly.com/ https://*.commandbar.com/ https://*.google.com https://*.google.com.au https://*.google.ca https://*.google.co.uk https://s3-ca-central-1.amazonaws.com/jane-files-ca/ https://s3-eu-west-2.amazonaws.com/jane-files-gb/ https://s3-ap-southeast-2.amazonaws.com/jane-files-au/ https://s3-us-west-2.amazonaws.com/jane-files-us/ https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.sendbird.com; font-src 'self' data: https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://fonts.gstatic.com https://*.typekit.net/ https://*.gstatic.com/ https://*.hotjar.com; form-action 'self' auth.janeapp.com https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://connect.stripe.com https://*.physitrack.com https://*.mailchimp.com janeapp://*; frame-src 'self' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://*.stripe.com https://player.vimeo.com https://*.appcues.com https://td.doubleclick.net https://www.google.com https://tpc.googlesyndication.com https://googleads.g.doubleclick.net https://*.commandbar.com/; img-src * data: blob: 'unsafe-inline'; manifest-src 'self' https://assets-jane-cac1-1.janeapp.net; media-src 'self' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net data: jane-files-ca.s3.ca-central-1.amazonaws.com jane-files-gb.s3.eu-west-2.amazonaws.com jane-files-au.s3.ap-southeast-2.amazonaws.com jane-files-us.s3.us-west-2.amazonaws.com ca-east-data-transfers-1.s3.ca-central-1.amazonaws.com ca-east-data-transfers-2.s3.ca-central-1.amazonaws.com ca-east-data-transfers-3.s3.ca-central-1.amazonaws.com jane-west1-backup.s3.ca-central-1.amazonaws.com https://beacon-v2.helpscout.net https://*.gstatic.com/ https://*.commandbar.com/; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://maps.googleapis.com https://*.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google.com https://www.google.com/ https://www.gstatic.com/ https://*.stripe.com https://*.helpscout.net https://www.datadoghq-browser-agent.com/datadog-logs.js https://fullstory.com/ https://edge.fullstory.com/ https://*.googletagmanager.com https://*.appcues.com https://*.appcues.net https://cdn.rudderlabs.com/ https://*.commandbar.com/ https://*.hotjar.com; style-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://fonts.googleapis.com https://fonts.google.com https://*.appcues.com https://*.appcues.net https://beacon-v2.helpscout.net https://*.googletagmanager.com https://www.gstatic.com/ https://*.typekit.net https://*.commandbar.com/ https://*.hotjar.com; worker-src 'self' blob:; report-uri /csp_report
x-cache
Miss from cloudfront
content-disposition
filename="sharaisiemensphoto-49.jpg"
content-length
69216
x-xss-protection
1; mode=block
x-request-id
cdcf09ea-792f-4872-81cb-41a2d0b1d381
x-runtime
0.836615
referrer-policy
strict-origin-when-cross-origin
etag
"ed01fe3c10fb40aa258e23132f2b63dcd92f0c44"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=31536000
x-amz-cf-id
CmjJAR8X4memNESv0jhFd95vkVmCv5VexNuMzENdWVB5exYWVOXJJg==
favicon.ico
assets-jane-cac1-1.janeapp.net/favicons/ 		15 KB
18 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://assets-jane-cac1-1.janeapp.net/favicons/favicon.ico?v=20170325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-66.ewr53.r.cloudfront.net
Software
/
Resource Hash
e98809faa88be33133590cbf33352ae61242ae5d6e58dcf362be13b97fbbe52b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://karwelmassage.janeapp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 15 Aug 2024 08:04:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 c45a9630d6506aeeffefe81fbc0ed0ae.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
age
557059
content-security-policy-report-only
default-src 'none'; base-uri 'self'; child-src 'self'; connect-src 'self' properties https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net wss://*.janeapp.com wss://*.janeapp.co.uk wss://*.janeapp.com.au wss://*.janeapp.net https://jane.app https://jane.statuspage.io https://icanhazdadjoke.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.googleapis.com https://d3hb14vkzrxvla.cloudfront.net https://beaconapi.helpscout.net https://chatapi.helpscout.net wss://*.pusher.com https://sockjs-helpscout.pusher.com https://edge.fullstory.com/ https://rs.fullstory.com/ https://*.sentry.io https://rum.browser-intake-datadoghq.com/ https://logs.browser-intake-datadoghq.com/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com https://*.device.stripe-terminal-local-reader.net:4443/protojsonservice/JackRabbitService https://*.stripe.com https://qrcode-monkey.p.rapidapi.com/ https://*.launchdarkly.com/ https://*.commandbar.com/ https://*.google.com https://*.google.com.au https://*.google.ca https://*.google.co.uk https://s3-ca-central-1.amazonaws.com/jane-files-ca/ https://s3-eu-west-2.amazonaws.com/jane-files-gb/ https://s3-ap-southeast-2.amazonaws.com/jane-files-au/ https://s3-us-west-2.amazonaws.com/jane-files-us/ https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.sendbird.com; font-src 'self' data: https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://fonts.gstatic.com https://*.typekit.net/ https://*.gstatic.com/ https://*.hotjar.com; form-action 'self' auth.janeapp.com https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://connect.stripe.com https://*.physitrack.com https://*.mailchimp.com janeapp://*; frame-src 'self' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://*.stripe.com https://player.vimeo.com https://*.appcues.com https://td.doubleclick.net https://www.google.com https://tpc.googlesyndication.com https://googleads.g.doubleclick.net https://*.commandbar.com/; img-src * data: blob: 'unsafe-inline'; manifest-src 'self' https://assets-jane-cac1-1.janeapp.net; media-src 'self' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net data: jane-files-ca.s3.ca-central-1.amazonaws.com jane-files-gb.s3.eu-west-2.amazonaws.com jane-files-au.s3.ap-southeast-2.amazonaws.com jane-files-us.s3.us-west-2.amazonaws.com ca-east-data-transfers-1.s3.ca-central-1.amazonaws.com ca-east-data-transfers-2.s3.ca-central-1.amazonaws.com ca-east-data-transfers-3.s3.ca-central-1.amazonaws.com jane-west1-backup.s3.ca-central-1.amazonaws.com https://beacon-v2.helpscout.net https://*.gstatic.com/ https://*.commandbar.com/; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://maps.googleapis.com https://*.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google.com https://www.google.com/ https://www.gstatic.com/ https://*.stripe.com https://*.helpscout.net https://www.datadoghq-browser-agent.com/datadog-logs.js https://fullstory.com/ https://edge.fullstory.com/ https://*.googletagmanager.com https://*.appcues.com https://*.appcues.net https://cdn.rudderlabs.com/ https://*.commandbar.com/ https://*.hotjar.com; style-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://fonts.googleapis.com https://fonts.google.com https://*.appcues.com https://*.appcues.net https://beacon-v2.helpscout.net https://*.googletagmanager.com https://www.gstatic.com/ https://*.typekit.net https://*.commandbar.com/ https://*.hotjar.com; worker-src 'self' blob:; report-uri /csp_report
x-cache
Hit from cloudfront
content-length
15086
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 14 Aug 2024 22:25:55 GMT
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/vnd.microsoft.icon
cache-control
public, max-age=315569520
x-amz-cf-id
GqHcGOUiCW40wpsoSPk8DMaVhJT9wXWkLdf1wJSKXDo9AkdYRx5eRA==
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame BC62 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 -, , ASN (),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://karwelmassage.janeapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1330020
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=31536000
content-encoding
br
content-length
122
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 21 Aug 2024 18:48:33 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Mon, 05 Aug 2024 20:35:49 GMT
origin-agent-cluster
?1
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
55116
x-content-type-options
nosniff
x-request-id
8cb75351-c479-468a-8f68-8663984889c4
x-served-by
cache-yul1970040-YUL

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| JANE_CLIENT_VERSION string| POD_NAME function| clearImmediate function| setImmediate object| DD_RUM object| DD_LOGS object| sentryClient function| reportJaneError function| initializeSentry function| initializeRum function| initializeRudderStack function| checkBundleLoaded object| sentryData object| __SENTRY__ object| rumConfig object| __sentry_instrumentation_handlers__ object| webpackChunkjane_ui object| regeneratorRuntime object| FontAwesomeConfig object| ___FONT_AWESOME___ function| _ function| merge object| Backbone object| Marionette function| jQuery function| $ object| I18n function| moment function| Cookies function| getAntiCSRFToken function| setAntiCSRFToken object| Modernizr object| JST object| App function| CreditCard function| LinkState function| now function| remove_fields function| add_fields object| notifications function| Notify function| notify function| mountInsuranceForm function| initializeRichText function| mountSignatureWidgets function| mountPronounsAutocomplete function| mountEditEmailModal function| mountEditMobilePhoneModal function| mountMfaModal function| mountIntakeFormSubmission function| mountPatientBookingCalendarApp function| mountTimeZoneSelection function| mountMessages object| mountTransferConsents function| ask function| storageSupported function| localStorageSupported function| sessionStorageSupported object| notices function| handleFlash string| browser_tab_id object| antiCSRFTokenMetaElement object| router object| webpackChunkStripeJSouter function| noop function| Stripe

4 Cookies

Domain/Path Name / Value
.janeapp.com/ Name: jane_device
Value: eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaEpJaVUyT1RjM04ySTFPVGRrTW1NM05XTTBabUl3TmpZME16QTNORFk0TkRjelpnWTZCa1ZHIiwiZXhwIjoiMjAzNC0wOC0yMVQxODo0ODoyMVoiLCJwdXIiOiJjb29raWUuamFuZV9kZXZpY2UifX0%3D--e91a3173c737b88eaf2d8fe0bb5ab441a352c90d
karwelmassage.janeapp.com/ Name: cookies_enabled
Value: true
karwelmassage.janeapp.com/ Name: _front_desk_session
Value: YXhqamlsNTMvcWVEcUJGaE0xN0xETi93TUlsTEhjdFNiL3pvcS9EcmhrK2ZURDlLWVc3TExTcUdlNVlGNXhESWoyV2h1ZTVtbE5GTmhVTnhhdVJQZEJMWWg0aFVTK1NPMnRVRnRWYVhlRW5pSXUzdy9hRTJ2VFJKektEenROVGdGdkpYVnJSaGN0YjNBb1lQdzlYOVZkZzd5YURjOXdxSm4rS2hLMTloWjZkR0dmS2FER1QyVC9zRktjNUxrOURWS3dUeC9XZkFSaXJkSm9KZUZPdks3SmpLaUFtS2d4Z1hHM0FLRjJEaTRGcmk3UmhDL2t3cS9LSys1TVN6RFlnMFlldnV6Z0dDLyt6QzBPaGgvKzVBQzdiM3JxV01aTWorSWlpWTJJOUFmdS9ncisvUGZCb2JRWHZ4K1huMm9WbzR3SXlhd3BMUHMvaXVNcWZnQ1hCNkZYY3V3dHFWSjViNElsNGFNdDB4a3NsdXVFdllvRmtTcXBrZXo0cGxzYjFvQ0lSWFZCdjlrN1JMRkhJU1FkU0dvN2N3L3dWNlpZbHVuaUthUnNYL1d6bkVNUEQ4VWJVWXR2Ymo4UWpiNUVJTi0tYVN4ak42WGNqbVZoSkNuYTkzSitoUT09--c3210b91e5f52967e453d3fa9fdb280ea4dcf8e5
karwelmassage.janeapp.com/ Name: _dd_s
Value: rum=0&expire=1724267003362

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; base-uri 'self'; child-src 'self'; connect-src 'self' properties https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net wss://*.janeapp.com wss://*.janeapp.co.uk wss://*.janeapp.com.au wss://*.janeapp.net https://jane.app https://jane.statuspage.io https://icanhazdadjoke.com https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com https://*.g.doubleclick.net https://*.googleapis.com https://d3hb14vkzrxvla.cloudfront.net https://beaconapi.helpscout.net https://chatapi.helpscout.net wss://*.pusher.com https://sockjs-helpscout.pusher.com https://edge.fullstory.com/ https://rs.fullstory.com/ https://*.sentry.io https://rum.browser-intake-datadoghq.com/ https://logs.browser-intake-datadoghq.com/ https://*.appcues.com https://*.appcues.net wss://*.appcues.net wss://*.appcues.com https://*.device.stripe-terminal-local-reader.net:4443/protojsonservice/JackRabbitService https://*.stripe.com https://qrcode-monkey.p.rapidapi.com/ https://*.launchdarkly.com/ https://*.commandbar.com/ https://*.google.com https://*.google.com.au https://*.google.ca https://*.google.co.uk https://s3-ca-central-1.amazonaws.com/jane-files-ca/ https://s3-eu-west-2.amazonaws.com/jane-files-gb/ https://s3-ap-southeast-2.amazonaws.com/jane-files-au/ https://s3-us-west-2.amazonaws.com/jane-files-us/ https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com https://*.sendbird.com; font-src 'self' data: https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://fonts.gstatic.com https://*.typekit.net/ https://*.gstatic.com/ https://*.hotjar.com; form-action 'self' auth.janeapp.com https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://connect.stripe.com https://*.physitrack.com https://*.mailchimp.com janeapp://*; frame-src 'self' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://*.stripe.com https://player.vimeo.com https://*.appcues.com https://td.doubleclick.net https://www.google.com https://tpc.googlesyndication.com https://googleads.g.doubleclick.net https://*.commandbar.com/; img-src * data: blob: 'unsafe-inline'; manifest-src 'self' https://assets-jane-cac1-1.janeapp.net; media-src 'self' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net data: jane-files-ca.s3.ca-central-1.amazonaws.com jane-files-gb.s3.eu-west-2.amazonaws.com jane-files-au.s3.ap-southeast-2.amazonaws.com jane-files-us.s3.us-west-2.amazonaws.com ca-east-data-transfers-1.s3.ca-central-1.amazonaws.com ca-east-data-transfers-2.s3.ca-central-1.amazonaws.com ca-east-data-transfers-3.s3.ca-central-1.amazonaws.com jane-west1-backup.s3.ca-central-1.amazonaws.com https://beacon-v2.helpscout.net https://*.gstatic.com/ https://*.commandbar.com/; object-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://maps.googleapis.com https://*.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google.com https://www.google.com/ https://www.gstatic.com/ https://*.stripe.com https://*.helpscout.net https://www.datadoghq-browser-agent.com/datadog-logs.js https://fullstory.com/ https://edge.fullstory.com/ https://*.googletagmanager.com https://*.appcues.com https://*.appcues.net https://cdn.rudderlabs.com/ https://*.commandbar.com/ https://*.hotjar.com; style-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.janeapp.com https://*.janeapp.co.uk https://*.janeapp.com.au https://*.janeapp.net https://fonts.googleapis.com https://fonts.google.com https://*.appcues.com https://*.appcues.net https://beacon-v2.helpscout.net https://*.googletagmanager.com https://www.gstatic.com/ https://*.typekit.net https://*.commandbar.com/ https://*.hotjar.com; worker-src 'self' blob:; report-uri /csp_report
Strict-Transport-Security max-age=31556952; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-jane-cac1-1.janeapp.net
fonts.googleapis.com
js.stripe.com
karwelmassage.janeapp.com
o4505290921410560.ingest.sentry.io
15.157.219.149
151.101.128.176
151.101.64.176
2607:f8b0:4006:806::200a
34.120.195.249
52.85.61.66
01e8d534c487d2911244e6cec20c5aeef6c108c3dbf0669dd2c448a6be79a69e
07a40ad412a5d99f955c5b8d1690be15fe3e0d5deba550ac5ba5ecba4c69a466
0f54e3b4acc470bae4dd8f70c07701580ac1feed0c2d42e53ddcdb8c575c68af
14f28a18838e1aceeda071b377b4ae2e845b9fb8e0ae409a7977522c17f56ea4
1f0f40fad366e53ba3ac58cc4cae562524c2f5e7f952fc85a1d7ed5837a47b3d
3277a896fa34daeb3945183704e2c0468a683c8e56575d6931490a4d16acd151
3f11c034ac86d1e7495efdb71d2141c5460999f0bfd18533fb9d2b6c51e00552
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
53c808e65df6fe4088e2a50ba5639d5300ac469243f2312351216211cb2da678
5c2050e6366913994866e5471104a2b46054dd06012577968553a13be5a12904
5fa644a716cd85b46d1ed48ae749af7af0fa8f88241afc83640cd6a58d9e4c49
6427803a61fbf0900a35f17b039f9241427a2aa00277c74cbb19db958acb3d04
65d3f15a19d21935405d9b65392ed1cf8d434c18561e2d5eb1bd19bf47a8d241
798d4394b9c5e12af56c53a2d8d633be95c17f60dde83ad14e0739f6dbd5ae09
7c69f25c3fb45191988ba01423acc6796f7adf26b77db35302f0d6c129e379d6
84f66802127df1e175ba95fe6247800e01367efbe122a484b975718fe495c7b7
851699a18b631a7bd68efc99598701293a6065b463fced7b68d8d6d9227bd8e7
8f0b65a4b786d70591b85f67e51f7425420886f9dd8bd5508a6ad2e87f02ed41
94d20fee76c5e85925714b500fa29c86d48cab6d631de813eed365f8ea5ac5e8
997c2e298a8d14c9d64bda1cc72fe351e894160a631148129f8c8beea25e62ce
9f35372f49909c99828532d34ece3fc1f5b14f7eb22375b3d241445d572aba9a
a21e77b802d77c4af86284c3161a9824a02ad71857d1b315ab030748454e6d49
af03cd9a8955b0eaffd6635d492dec57fe3b13f63c7e54ba15a1557ed3f5e2c5
b6334e60c6496c484adfca40ea5c36076d2983994f0bd80b7a2fb82f89182cd4
be59b3cc13324a40159bd025dce60cd739501101397af59c005ce8bc84b8271a
dd4346a722f73229419ca5e2a2902f05f182a432adb7eea2fad34ce01b8e4ba7
e3809eac1e4f60764ae8950b6a6b8223587bcdce0c961f02e7d775abb5cc8a4d
e98809faa88be33133590cbf33352ae61242ae5d6e58dcf362be13b97fbbe52b