urlscan.io logo urlscan.io
SecurityTrails logo

app.plural.sh Open in urlscan Pro
3.22.191.137  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://airbyte.claimax.onplural.sh/
Effective URL: https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
Submission: On November 12 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 13 domains to perform 33 HTTP transactions. The main IP is 3.22.191.137, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is app.plural.sh.
TLS certificate: Issued by R3 on October 23rd 2022. Valid for: 3 months.
This is the only time app.plural.sh was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.107.10.229 396982 (GOOGLE-CL...)
1 1 3.134.125.70 16509 (AMAZON-02)
12 3.22.191.137 16509 (AMAZON-02)
1 2606:50c0:800... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 151.101.0.176 54113 (FASTLY)
1 108.138.7.38 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
3 54.187.119.242 16509 (AMAZON-02)
2 99.86.4.50 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 44.235.178.193 16509 (AMAZON-02)
1 34.200.137.180 14618 (AMAZON-AES)
1 1 108.138.17.67 16509 (AMAZON-02)
3 18.64.119.73 16509 (AMAZON-02)
33 14
1    34.107.10.229 (Frankfurt am Main, Germany)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 229.10.107.34.bc.googleusercontent.com
airbyte.claimax.onplural.sh
1    3.134.125.70 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-134-125-70.us-east-2.compute.amazonaws.com
oidc.plural.sh
12    3.22.191.137 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-22-191-137.us-east-2.compute.amazonaws.com
app.plural.sh
growthbook-api.plural.sh
1    2606:50c0:8003::153 (United States)

ASN54113 (FASTLY, US)
necolas.github.io
1    2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    151.101.0.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
1    108.138.7.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-38.fra56.r.cloudfront.net
cdn.heapanalytics.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
q.stripe.com
2    99.86.4.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-50.fra6.r.cloudfront.net
m.stripe.network
1    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    44.235.178.193 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-178-193.us-west-2.compute.amazonaws.com
m.stripe.com
1    34.200.137.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-137-180.compute-1.amazonaws.com
heapanalytics.com
1    108.138.17.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-67.fra56.r.cloudfront.net
widget.intercom.io
3    18.64.119.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-119-73.txl50.r.cloudfront.net
js.intercomcdn.com
Apex Domain
Subdomains		 Transfer
13 plural.sh
oidc.plural.sh
app.plural.sh
growthbook-api.plural.sh
7 MB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1156
q.stripe.com — Cisco Umbrella Rank: 6165
m.stripe.com — Cisco Umbrella Rank: 1133
98 KB
3 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 1923
202 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1214
16 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2536
400 B
2 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 3038
heapanalytics.com — Cisco Umbrella Rank: 2635
44 KB
1 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 2382
298 B
1 gstatic.com
fonts.gstatic.com
38 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
75 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
1 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 790
363 KB
1 github.io
necolas.github.io — Cisco Umbrella Rank: 185205
2 KB
1 onplural.sh
airbyte.claimax.onplural.sh
613 B
33 13
Domain Requested by
11 app.plural.sh app.plural.sh
3 js.intercomcdn.com widget.intercom.io
3 q.stripe.com app.plural.sh
3 js.stripe.com app.plural.sh
js.stripe.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 region1.google-analytics.com www.googletagmanager.com
1 widget.intercom.io 1 redirects
1 heapanalytics.com
1 growthbook-api.plural.sh app.plural.sh
1 m.stripe.com m.stripe.network
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.heapanalytics.com app.plural.sh
1 www.googletagmanager.com app.plural.sh
1 fonts.googleapis.com app.plural.sh
1 unpkg.com app.plural.sh
1 necolas.github.io app.plural.sh
1 oidc.plural.sh 1 redirects
1 airbyte.claimax.onplural.sh 1 redirects
33 18

This site contains no links.

Subject Issuer Validity Valid
app.plural.sh
R3		 2022-10-23 -
2023-01-21		 3 months crt.sh
*.github.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-04-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-01 -
2023-06-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2022-10-19 -
2023-01-11		 3 months crt.sh
cdn.heapanalytics.com
Amazon		 2022-07-29 -
2023-08-27		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-12 -
2023-03-09		 4 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-15 -
2023-01-26		 4 months crt.sh
growthbook.plural.sh
R3		 2022-10-01 -
2022-12-30		 3 months crt.sh
heapanalytics.com
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
*.intercomcdn.com
Amazon		 2022-01-30 -
2023-02-28		 a year crt.sh

This page contains 4 frames:

Primary Page: https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
Frame ID: 340BEDD758E3282531F909A6A6DEDB6B
Requests: 23 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 7DEE7B51C4AB18EA790E149528A2F0B9
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 5ED5C79730028B5D41C4795DC71F8B48
Requests: 4 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.68e520b5.js
Frame ID: 18A67E67D36C0F940B872220609CE179
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

App | Plural

Page URL History Show full URLs

  1. https://airbyte.claimax.onplural.sh/ HTTP 302
    https://oidc.plural.sh/oauth2/auth?approval_prompt=force&client_id=c227a6b6-b7ec-4ab9-ab9f-9b8f36fe... HTTP 302
    https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • heap-\d+\.js

Page Statistics

33
Requests

97 %
HTTPS

35 %
IPv6

13
Domains

18
Subdomains

14
IPs

2
Countries

7794 kB
Transfer

8863 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://airbyte.claimax.onplural.sh/ HTTP 302
    https://oidc.plural.sh/oauth2/auth?approval_prompt=force&client_id=c227a6b6-b7ec-4ab9-ab9f-9b8f36fe9372&redirect_uri=https%3A%2F%2Fairbyte.claimax.onplural.sh%2Foauth2%2Fcallback&response_type=code&scope=openid+profile&state=xrPj3zxy_auB-c6LGGJdVpfiV6J4l9-wIb4Me0qLTDY%3A%2F HTTP 302
    https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://widget.intercom.io/widget/p127zb9y HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
app.plural.sh/
Redirect Chain
  • https://airbyte.claimax.onplural.sh/
  • https://oidc.plural.sh/oauth2/auth?approval_prompt=force&client_id=c227a6b6-b7ec-4ab9-ab9f-9b8f36fe9372&redirect_uri=https%3A%2F%2Fairbyte.claimax.onplural.sh%2Foauth2%2Fcallback&response_type=code...
  • https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.22.191.137 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-191-137.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
c1c36e2ff8a64bc89c6eaa3069918a13d0a90a3dbdde5b4d33a8105a36e8b8a4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
5597
content-type
text/html
date
Sat, 12 Nov 2022 17:08:13 GMT
etag
"636ddcfa-15dd"
last-modified
Fri, 11 Nov 2022 05:26:18 GMT
strict-transport-security
max-age=15724800; includeSubDomains

Redirect headers

content-length
99
content-type
text/html; charset=utf-8
date
Sat, 12 Nov 2022 17:08:12 GMT
location
https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
strict-transport-security
max-age=15724800; includeSubDomains
normalize.css
necolas.github.io/normalize.css/latest/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://necolas.github.io/normalize.css/latest/normalize.css
Requested by
Host: app.plural.sh
URL: https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8003::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.plural.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-fastly-request-id
7dc5bc4dc52268cf0b3a182ad5bc855233e3ccf4
date
Sat, 12 Nov 2022 17:08:13 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
1
age
422
x-cache
HIT
x-proxy-cache
HIT
content-length
1738
x-served-by
cache-hhn4050-HHN
last-modified
Mon, 05 Nov 2018 02:35:30 GMT
server
GitHub.com
x-github-request-id
0ADE:AF90:1EFA63F:1FF14D9:636FBC63
x-timer
S1668272894.777239,VS0,VE1
etag
W/"5bdfac72-17fa"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-origin-cache
HIT
expires
Sat, 12 Nov 2022 15:41:04 GMT
page-load-spinner.css
app.plural.sh/page-load-spinner/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.plural.sh/page-load-spinner/page-load-spinner.css
Requested by
Host: app.plural.sh
URL: https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.22.191.137 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-191-137.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
4377e9decd3e7a6e27d9701c85f4f6b926983c6a6ddbb66ad44676e336ed9c67
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 17:08:13 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 11 Nov 2022 05:23:41 GMT
accept-ranges
bytes
etag
"636ddc5d-b7f"
content-length
2943
content-type
text/css
16.png
unpkg.com/emoji-datasource-google@5.0.1/img/google/sheets-256/ 		362 KB
363 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unpkg.com/emoji-datasource-google@5.0.1/img/google/sheets-256/16.png
Requested by
Host: app.plural.sh
URL: https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1002ea8465a53b807981192d5592250b14d0b47fef9992d0f58b2f0f2a092ba2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.plural.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 17:08:13 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
77
content-length
371087
last-modified
Wed, 15 Jan 2020 00:54:11 GMT
fly-request-id
01GHPCXRJ91MCKQ1TTHM8EEXJE-fra
server
cloudflare
etag
"5a98f-ryH4Q3nq563pYkIiy5nuKPMECjw"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7690de52de6f90c1-FRA
css2
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap
Requested by
Host: app.plural.sh
URL: https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cc4772532e5066f9e49faf08fde464ad5f7947463c4c2b48a4c339efe7cd5f28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.plural.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 12 Nov 2022 17:08:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 12 Nov 2022 15:20:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 12 Nov 2022 17:08:13 GMT
js
www.googletagmanager.com/gtag/ 		214 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GP9XH1EENY
Requested by
Host: app.plural.sh
URL: https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
03c64ad8d970d2761ad706be4faa03171980df405da55f8b34110bee33b6d34f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.plural.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 17:08:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76600
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 12 Nov 2022 17:08:13 GMT
main.136bfcf4.js
app.plural.sh/static/js/ 		7 MB
7 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.plural.sh/static/js/main.136bfcf4.js
Requested by
Host: app.plural.sh
URL: https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.22.191.137 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-191-137.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
1f802c240fed0054c5972560369dbd12a34079c61e2d25c30bfd1b26b0fa6bac
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 17:08:13 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 11 Nov 2022 05:26:18 GMT
accept-ranges
bytes
etag
"636ddcfa-68a196"
content-length
6857110
content-type
application/javascript
main.f6f88ad1.css
app.plural.sh/static/css/ 		99 KB
100 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.plural.sh/static/css/main.f6f88ad1.css
Requested by
Host: app.plural.sh
URL: https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.22.191.137 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-191-137.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
23e68ce99a20a561787afbcd938905a5abb49ea5a46cb0aa9f2908bced68f70e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 17:08:13 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 11 Nov 2022 05:26:18 GMT
accept-ranges
bytes
etag
"636ddcfa-18d0b"
content-length
101643
content-type
text/css
page-load-spinner.js
app.plural.sh/page-load-spinner/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.plural.sh/page-load-spinner/page-load-spinner.js
Requested by
Host: app.plural.sh
URL: https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.22.191.137 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-191-137.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
d5a0e9941eb14713f5427c0b886798953657ea2aa2e07ae1a978286b86e7c1c6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 17:08:13 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 11 Nov 2022 05:23:41 GMT
accept-ranges
bytes
etag
"636ddc5d-5fc"
content-length
1532
content-type
application/javascript
/
js.stripe.com/v3/ 		396 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: app.plural.sh
URL: https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
2be855f0b5d660d9b4da6463e8b6db4e77eb42c93b5cbcdfac850388687e8d0b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.plural.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 12 Nov 2022 17:08:13 GMT
via
1.1 varnish
age
50
x-cache
HIT
content-length
97098
x-request-id
6101a7d3-3c66-4d66-a26e-e8138ffcc17b
x-served-by
cache-hhn4067-HHN
last-modified
Fri, 11 Nov 2022 21:00:40 GMT
server
Fastly
etag
"babf236eef0242740e1030811bd52995"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
14
heap-3306441968.js
cdn.heapanalytics.com/js/ 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-3306441968.js
Requested by
Host: app.plural.sh
URL: https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-38.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
ff7e51b8370c38ae8c64d9d0c6ca7c49fc41b88dd5379adac1aee11d03cd82f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.plural.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 17:07:15 GMT
content-encoding
gzip
via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-amz-cf-pop
FRA56-P6
age
58
etag
W/"1b888-H61N7zaMLbbK6abWfQ/DvA"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=120
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Th9uahxktZTlNBM02eapBYgKVnMirrUM310OyOrqfvW3h6NFbP7zYQ==
collect
region1.google-analytics.com/g/ 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GP9XH1EENY&gtm=2oeb90&_p=1453064267&cid=201119704.1668272894&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668272893&sct=1&seg=0&dl=https%3A%2F%2Fapp.plural.sh%2Flogin%3Flogin_challenge%3D339381a28f5c43a3a10865c028330bef&dt=App%20%7C%20Plural&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GP9XH1EENY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.plural.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Nov 2022 17:08:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.plural.sh
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
plural-logomark-only-white.svg
app.plural.sh/logos/ 		569 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.plural.sh/logos/plural-logomark-only-white.svg
Requested by
Host: app.plural.sh
URL: https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.22.191.137 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-191-137.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
c6a382088e36768c8ef485e15e04ed17b74d543a50245efa333585322ef8bdf9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 17:08:14 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 11 Nov 2022 05:23:41 GMT
accept-ranges
bytes
etag
"636ddc5d-239"
content-length
569
content-type
image/svg+xml
page-load-spinner-bg.png
app.plural.sh/page-load-spinner/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.plural.sh/page-load-spinner/page-load-spinner-bg.png
Requested by
Host: app.plural.sh
URL: https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.22.191.137 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-191-137.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
10dc8c195ac66787c1f079bb2f55b95a3de0bb7d3b0625c850218dffca5b51ec
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 17:08:14 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 11 Nov 2022 05:23:41 GMT
accept-ranges
bytes
etag
"636ddc5d-12ef"
content-length
4847
content-type
image/png
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GP9XH1EENY&gtm=2oeb90&_p=1453064267&cid=201119704.1668272894&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1668272893&sct=1&seg=0&dl=https%3A%2F%2Fapp.plural.sh%2Flogin%3Flogin_challenge%3D339381a28f5c43a3a10865c028330bef&dt=App%20%7C%20Plural&en=scroll&epn.percent_scrolled=90&_et=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GP9XH1EENY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.plural.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Nov 2022 17:08:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.plural.sh
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 7DEE 		200 B
809 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.plural.sh/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2667179
cache-control
max-age=31536000
content-encoding
br
content-length
122
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 12 Nov 2022 17:08:19 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Wed, 12 Oct 2022 20:13:44 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1097295
x-content-type-options
nosniff
x-request-id
d5b9a927-d9be-41f6-bbd5-b98480f7b345
x-served-by
cache-hhn4067-HHN
csp-report
q.stripe.com/ Frame 7DEE 		0
571 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.plural.sh
URL: https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 12 Nov 2022 17:08:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 7DEE 		0
570 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.plural.sh
URL: https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 12 Nov 2022 17:08:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame 7DEE 		526 B
391 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 12 Nov 2022 17:08:19 GMT
via
1.1 varnish
age
1881661
x-cache
HIT
content-length
256
x-request-id
70dc346c-c7da-4265-9678-7c2ac5415fa3
x-served-by
cache-hhn4067-HHN
last-modified
Thu, 20 Oct 2022 16:38:36 GMT
server
Fastly
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
958545
inner.html
m.stripe.network/ Frame 5ED5 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-50.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
257
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 12 Nov 2022 17:04:12 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-amz-cf-id
eCLm4nKb1sjwQcb5MZuq9zl4udds7isy1QUgtzRy5rBwuefqWMZ0jg==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.plural.sh
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 07 Nov 2022 16:54:37 GMT
x-content-type-options
nosniff
age
432822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Nov 2023 16:54:37 GMT
csp-report
q.stripe.com/ Frame 5ED5 		0
344 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.plural.sh
URL: https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Sat, 12 Nov 2022 17:08:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
cross-origin-opener-policy
same-origin
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
x-robots-tag
none
content-length
0
expires
0
out-4.5.42.js
m.stripe.network/ Frame 5ED5 		86 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-50.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 12 Nov 2022 17:05:35 GMT
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
age
173
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
sekqNapq6eHYU4dsVhUC_4gi6K18wQJoZVwzMW0WK_tzwKu4Ekmuqg==
6
m.stripe.com/ Frame 5ED5 		156 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.178.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-178-193.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
9224072af6d5592eb58b5bbab60598164392a7b5da9ecafa17becaa626b555c9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 12 Nov 2022 17:08:20 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
server
nginx
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
key_prod_0a0bb850b46792cc
growthbook-api.plural.sh/api/features/ 		251 B
535 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://growthbook-api.plural.sh/api/features/key_prod_0a0bb850b46792cc
Requested by
Host: app.plural.sh
URL: https://app.plural.sh/static/js/main.136bfcf4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.22.191.137 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-191-137.us-east-2.compute.amazonaws.com
Software
/ Express
Resource Hash
89fda023230d4b1115e0d444aeb0c7aecbb594f927ff42fdfc4d7a518916bdb8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.plural.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 17:08:23 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-powered-by
Express
etag
W/"fb-zo4xk+sG4Z5gpAitw1qhGU6BgDM"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30, stale-while-revalidate=3600, stale-if-error=36000
content-length
251
plural-full-logo-white.svg
app.plural.sh/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.plural.sh/plural-full-logo-white.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.22.191.137 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-191-137.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e0adadfd47ef3fdb649ece18cc821d4ca28c31e15fe539975dfae8311741e825
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 17:08:23 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 11 Nov 2022 05:23:41 GMT
accept-ranges
bytes
etag
"636ddc5d-bb2"
content-length
2994
content-type
image/svg+xml
ABCMonumentGroteskSemi-Mono-Medium.woff
app.plural.sh/ 		64 KB
64 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.plural.sh/ABCMonumentGroteskSemi-Mono-Medium.woff
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.22.191.137 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-191-137.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
17be69036236ceeba8f869c1f2f6cc3b52afd81d2ba6bb094672cef653fc26bb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
Origin
https://app.plural.sh
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 17:08:23 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 11 Nov 2022 05:23:41 GMT
accept-ranges
bytes
etag
"636ddc5d-ff98"
content-length
65432
content-type
font/woff
h
heapanalytics.com/ 		37 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=3306441968&u=7763294083145382&v=5259056808830271&s=2925231451447495&b=web&tv=4.0&z=0&h=%2Flogin&q=%3Flogin_challenge%3D339381a28f5c43a3a10865c028330bef&d=app.plural.sh&t=App%20%7C%20Plural&ts=1668272903274&st=1668272903276
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.137.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-137-180.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.plural.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 12 Nov 2022 17:08:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/p127zb9y
  • https://js.intercomcdn.com/shim.latest.js
18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Server
18.64.119.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-119-73.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
62f7d7412ac07f73aaa7c4fb84578a23c7fe8c3dcbd7dca7a89be643ae6ba040
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.plural.sh/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
2dxRDEH0p_7ua9oipf61wzyYk2RQNAU7
content-encoding
gzip
via
1.1 1b9454b38723d47cf9a28d1fb8f9546c.cloudfront.net (CloudFront)
date
Sat, 12 Nov 2022 17:06:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
TXL50-P4
age
132
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
6172
last-modified
Fri, 11 Nov 2022 11:15:58 GMT
server
AmazonS3
etag
"02f377dec3280fccf734be5a2f1fa8d1"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
meiHo2aawQqmadWiRUxXuK6ml-iPLKrRunUYWlB9GEtuirJRaeFWtQ==

Redirect headers

date
Wed, 29 Jun 2022 14:23:47 GMT
via
1.1 93efd892a8e99dc59164afbee331cd56.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
11760277
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
cache-control
max-age=86400
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
ycbj9HAeptuf0MQZu1O1FiZJOmZxSo1-EtGsptHrM2hmAy7MZ24Luw==
gql
app.plural.sh/ 		877 B
816 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.plural.sh/gql
Requested by
Host: app.plural.sh
URL: https://app.plural.sh/static/js/main.136bfcf4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.22.191.137 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-191-137.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
0baa92960ff52bcc93c2ac1d8fe8323e2369c951a3b3af8ee59283b8d885687c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept
*/*
Referer
https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type
application/json

Response headers

date
Sat, 12 Nov 2022 17:08:23 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
vary
accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
418
x-request-id
cfa2d7e076656aa0aa48d3ba72ef516e
ABCMonumentGroteskSemi-Mono-Regular.woff
app.plural.sh/ 		57 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.plural.sh/ABCMonumentGroteskSemi-Mono-Regular.woff
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.22.191.137 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-191-137.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
20367ec755e9443bf48523dd516ea6041f4ccb716c3ba9c3eb5c20a8ececa2a6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
Origin
https://app.plural.sh
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 17:08:23 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 11 Nov 2022 05:23:41 GMT
accept-ranges
bytes
etag
"636ddc5d-e4b4"
content-length
58548
content-type
font/woff
frame-modern.68e520b5.js
js.intercomcdn.com/ Frame 18A6 		450 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.68e520b5.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/p127zb9y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.64.119.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-119-73.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28d4d796657cef3270352cd33775f801b99410b1867185e9deb2f20a286f9bfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
via
1.1 559ee8cd119d47737b610c6ae5010932.cloudfront.net (CloudFront)
x-amz-version-id
KwGZD_y4HFcU1rOOIdP7Suzbkz8UYH1r
date
Sat, 12 Nov 2022 15:16:06 GMT
x-amz-cf-pop
TXL50-P4
age
6738
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
125250
last-modified
Fri, 11 Nov 2022 11:14:19 GMT
server
AmazonS3
etag
"a1f68cbbba78cf380b67de1eee67efee"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
pUze3Y6F5msD8d86Syaa_Q_KdHuW2LJ5pVkzus1Lc2hLnPj4Xp5vyg==
vendor-modern.d88fd53a.js
js.intercomcdn.com/ Frame 18A6 		236 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.d88fd53a.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/p127zb9y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.64.119.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-119-73.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
82a1dccc6552b1d9e80311f33999b5ef46839f2dc78621ec3bb8c2c6bc16f389
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
via
1.1 559ee8cd119d47737b610c6ae5010932.cloudfront.net (CloudFront)
x-amz-version-id
3eX9sRg4SA1I1v65CRrQl1_KQ94mcndB
date
Sat, 12 Nov 2022 15:16:06 GMT
x-amz-cf-pop
TXL50-P4
age
6738
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
74303
last-modified
Fri, 11 Nov 2022 11:14:19 GMT
server
AmazonS3
etag
"f20ebd32d8c68edc67b9966828d7ecff"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
pAMP9Vp5tBN2NkjdwYu3OcB223SdcNvhSb3au1psOjS3eVd3rR4-KQ==

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| heap function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| webpackChunkStripeJSouter function| Stripe function| _ object| core object| __core-js_shared__ object| regeneratorRuntime function| Intercom function| __intercomAssignLocation

10 Cookies

Domain/Path Name / Value
app.plural.sh/socket Name: INGRESSCOOKIE
Value: 1668272904.523.4172.811452|cd6c06fe73eba668650beb3b4edbcea2
airbyte.claimax.onplural.sh/ Name: _oauth2_proxy_csrf
Value: DQ4NgHJFNQGtx_g86WhK7qTAsh2weNhRAgkC2Xm_SfVoiBX8xtc8OcTyzGtjAL8-3yCZK_ZVHqBsBefrjy3823TgPFljO29td29A4JbRswKvLbq3vJ7tctY=|1668272892|TcbfdKrxJWSuBXQgvt88e8pN83BTqnnxzsTkzHHs7nY=
oidc.plural.sh/ Name: oauth2_authentication_csrf_insecure
Value: MTY2ODI3Mjg5MnxEdi1CQkFFQ180SUFBUkFCRUFBQVB2LUNBQUVHYzNSeWFXNW5EQVlBQkdOemNtWUdjM1J5YVc1bkRDSUFJR0UwTURFeU5XSXhOakZsWkRRNE1HSmhObVJpTVdKak1qQTBNekk0T0RVenyFavSeOz7GiROIgwUjjvrLUDhwFHUBYxR44rQs4mmKYA==
.plural.sh/ Name: _ga_GP9XH1EENY
Value: GS1.1.1668272893.1.0.1668272893.0.0.0
.plural.sh/ Name: _ga
Value: GA1.1.201119704.1668272894
m.stripe.com/ Name: m
Value: 59124b27-39f7-4b91-b96e-88e9ce5eb8a327d687
.app.plural.sh/ Name: __stripe_mid
Value: e29c330b-2ff3-4290-9a4b-3278b7009d6c75ed95
.app.plural.sh/ Name: __stripe_sid
Value: 895d3b74-79b9-442a-891c-ee872dfbf99f1484cc
.plural.sh/ Name: _hp2_id.3306441968
Value: %7B%22userId%22%3A%227763294083145382%22%2C%22pageviewId%22%3A%225259056808830271%22%2C%22sessionId%22%3A%222925231451447495%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.plural.sh/ Name: _hp2_ses_props.3306441968
Value: %7B%22ts%22%3A1668272903274%2C%22d%22%3A%22app.plural.sh%22%2C%22h%22%3A%22%2Flogin%22%2C%22q%22%3A%22%3Flogin_challenge%3D339381a28f5c43a3a10865c028330bef%22%7D

2 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
javascript warning URL: https://app.plural.sh/login?login_challenge=339381a28f5c43a3a10865c028330bef
Message:
The resource https://unpkg.com/emoji-datasource-google@5.0.1/img/google/sheets-256/16.png was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

airbyte.claimax.onplural.sh
app.plural.sh
cdn.heapanalytics.com
fonts.googleapis.com
fonts.gstatic.com
growthbook-api.plural.sh
heapanalytics.com
js.intercomcdn.com
js.stripe.com
m.stripe.com
m.stripe.network
necolas.github.io
oidc.plural.sh
q.stripe.com
region1.google-analytics.com
unpkg.com
widget.intercom.io
www.googletagmanager.com
108.138.17.67
108.138.7.38
151.101.0.176
18.64.119.73
2001:4860:4802:34::36
2606:4700::6810:7daf
2606:50c0:8003::153
2a00:1450:4001:801::2008
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2003
3.134.125.70
3.22.191.137
34.107.10.229
34.200.137.180
44.235.178.193
54.187.119.242
99.86.4.50
03c64ad8d970d2761ad706be4faa03171980df405da55f8b34110bee33b6d34f
0baa92960ff52bcc93c2ac1d8fe8323e2369c951a3b3af8ee59283b8d885687c
1002ea8465a53b807981192d5592250b14d0b47fef9992d0f58b2f0f2a092ba2
10dc8c195ac66787c1f079bb2f55b95a3de0bb7d3b0625c850218dffca5b51ec
17be69036236ceeba8f869c1f2f6cc3b52afd81d2ba6bb094672cef653fc26bb
1f802c240fed0054c5972560369dbd12a34079c61e2d25c30bfd1b26b0fa6bac
20367ec755e9443bf48523dd516ea6041f4ccb716c3ba9c3eb5c20a8ececa2a6
23e68ce99a20a561787afbcd938905a5abb49ea5a46cb0aa9f2908bced68f70e
28d4d796657cef3270352cd33775f801b99410b1867185e9deb2f20a286f9bfe
2be855f0b5d660d9b4da6463e8b6db4e77eb42c93b5cbcdfac850388687e8d0b
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
4377e9decd3e7a6e27d9701c85f4f6b926983c6a6ddbb66ad44676e336ed9c67
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512
62f7d7412ac07f73aaa7c4fb84578a23c7fe8c3dcbd7dca7a89be643ae6ba040
82a1dccc6552b1d9e80311f33999b5ef46839f2dc78621ec3bb8c2c6bc16f389
89fda023230d4b1115e0d444aeb0c7aecbb594f927ff42fdfc4d7a518916bdb8
9224072af6d5592eb58b5bbab60598164392a7b5da9ecafa17becaa626b555c9
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c1c36e2ff8a64bc89c6eaa3069918a13d0a90a3dbdde5b4d33a8105a36e8b8a4
c6a382088e36768c8ef485e15e04ed17b74d543a50245efa333585322ef8bdf9
cc4772532e5066f9e49faf08fde464ad5f7947463c4c2b48a4c339efe7cd5f28
d5a0e9941eb14713f5427c0b886798953657ea2aa2e07ae1a978286b86e7c1c6
e0adadfd47ef3fdb649ece18cc821d4ca28c31e15fe539975dfae8311741e825
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
ff7e51b8370c38ae8c64d9d0c6ca7c49fc41b88dd5379adac1aee11d03cd82f1