URL: https://app1.unstackstg.com/
Submission Tags: @phishunt_io
Submission: On May 27 via api from DE — Scanned from DE

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 24 HTTP transactions. The main IP is 18.173.187.3, located in United States and belongs to AMAZON-02, US. The main domain is app1.unstackstg.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on May 27th 2024. Valid for: a year.
This is the only time app1.unstackstg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 18.173.187.3 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:26d... 16509 (AMAZON-02)
3 18.173.187.29 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 34.225.16.206 14618 (AMAZON-AES)
6 18.66.192.111 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
24 11
Apex Domain
Subdomains
Transfer
9 perfalytics.com
perfalytics.com — Cisco Umbrella Rank: 19639
api.perfalytics.com — Cisco Umbrella Rank: 20355
138 KB
5 unstackstg.com
app1.unstackstg.com
2 MB
2 posthog.com
us.i.posthog.com — Cisco Umbrella Rank: 8888
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
171 KB
1 hubspot.com
track.hubspot.com — Cisco Umbrella Rank: 2393
1 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2225
24 KB
1 gstatic.com
fonts.gstatic.com
22 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
1 KB
1 wdfl.co
r.wdfl.co — Cisco Umbrella Rank: 24291
5 KB
0 hs-scripts.com Failed
js.hs-scripts.com Failed
24 10
Domain Requested by
6 api.perfalytics.com app1.unstackstg.com
5 app1.unstackstg.com app1.unstackstg.com
3 perfalytics.com app1.unstackstg.com
perfalytics.com
2 us.i.posthog.com app1.unstackstg.com
2 www.googletagmanager.com app1.unstackstg.com
1 track.hubspot.com
1 js.hs-analytics.net perfalytics.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com app1.unstackstg.com
1 r.wdfl.co app1.unstackstg.com
0 js.hs-scripts.com Failed app1.unstackstg.com
24 11

This site contains links to these domains. Also see Links.

Domain
www.unstack.com
Subject Issuer Validity Valid
app1.unstackstg.com
Amazon RSA 2048 M03
2024-05-27 -
2025-06-26
a year crt.sh
*.google-analytics.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
r.wdfl.co
Amazon RSA 2048 M03
2023-09-02 -
2024-09-30
a year crt.sh
perfalytics.com
Amazon RSA 2048 M01
2023-08-12 -
2024-09-09
a year crt.sh
upload.video.google.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
*.gstatic.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
*.i.posthog.com
Amazon RSA 2048 M03
2024-01-15 -
2025-02-12
a year crt.sh
*.perfalytics.com
Amazon RSA 2048 M01
2023-08-12 -
2024-09-09
a year crt.sh
hs-analytics.net
GTS CA 1P5
2024-04-13 -
2024-07-12
3 months crt.sh
hubspot.com
E1
2024-05-23 -
2024-08-21
3 months crt.sh

This page contains 1 frames:

Primary Page: https://app1.unstackstg.com/
Frame ID: B7DA3FE185CE8F8FCD2C51D784103FC8
Requests: 21 HTTP requests in this frame

Screenshot

Page Title

Log in to Unstack

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • r\.wdfl\.co

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Overall confidence: 100%
Detected patterns
  • r\.wdfl\.co

Page Statistics

24
Requests

96 %
HTTPS

60 %
IPv6

10
Domains

11
Subdomains

11
IPs

2
Countries

2330 kB
Transfer

11225 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
app1.unstackstg.com/
14 KB
5 KB
Document
General
Full URL
https://app1.unstackstg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-3.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
23b044c4b53c12a44d5d95cccbda8254c044d7178b567741ed138dee84ddefa9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.myshopify.com https://admin.shopify.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
2973
cache-control
max-age=0, s-maxage=86400
content-encoding
br
content-security-policy
frame-ancestors 'self' https://*.myshopify.com https://admin.shopify.com
content-type
text/html
date
Mon, 27 May 2024 05:44:23 GMT
etag
W/"80785c2f2490ab8e0aec384aee215ac8"
last-modified
Mon, 27 May 2024 05:40:31 GMT
permissions-policy
geolocation=(self)
referrer-policy
strict-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 e962a4214db0639b31056a5ae4bf22f4.cloudfront.net (CloudFront)
x-amz-cf-id
ECtCEWWRk2NVDN3DMKYPnwqbm6q6pmvx0OB3pwTs_ChFzziTz3jc2w==
x-amz-cf-pop
MUC50-P4
x-cache
Hit from cloudfront
js
www.googletagmanager.com/gtag/
221 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-767729861
Requested by
Host: app1.unstackstg.com
URL: https://app1.unstackstg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ba3fc1c0800a07246c328178d02d39f4b24b8cb0ab1b840b0fdb793c35aa047a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app1.unstackstg.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 06:33:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81936
x-xss-protection
0
last-modified
Mon, 27 May 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 May 2024 06:33:55 GMT
4958261.js
js.hs-scripts.com/
0
0

main.49717ceb.js
app1.unstackstg.com/static/js/
5 MB
1 MB
Script
General
Full URL
https://app1.unstackstg.com/static/js/main.49717ceb.js
Requested by
Host: app1.unstackstg.com
URL: https://app1.unstackstg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-3.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ec80bb94c12d7a751c6760e6ff75f1365177016ec8d41b8c92ca66ea078e22ba
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.myshopify.com https://admin.shopify.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app1.unstackstg.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 05:44:24 GMT
content-encoding
br
via
1.1 e962a4214db0639b31056a5ae4bf22f4.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'self' https://*.myshopify.com https://admin.shopify.com
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P4
age
2972
x-cache
Hit from cloudfront
referrer-policy
strict-origin
last-modified
Mon, 27 May 2024 05:40:32 GMT
server
AmazonS3
etag
W/"074d44962248ffb42e243b76f0b21b48"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
permissions-policy
geolocation=(self)
x-amz-cf-id
LiU5KKa9gNkfzX8p-NXPi6hlckOnMpLRBAY7JFESO1VPvGygVK54dA==
main.495de2c2.css
app1.unstackstg.com/static/css/
686 KB
92 KB
Stylesheet
General
Full URL
https://app1.unstackstg.com/static/css/main.495de2c2.css
Requested by
Host: app1.unstackstg.com
URL: https://app1.unstackstg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-3.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e2dbb37283bfb470c9fe67608e5c021a94d6759842a0cdb83c2414207fe0865
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.myshopify.com https://admin.shopify.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app1.unstackstg.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 05:44:24 GMT
content-encoding
br
via
1.1 e962a4214db0639b31056a5ae4bf22f4.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'self' https://*.myshopify.com https://admin.shopify.com
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P4
age
2972
x-cache
Hit from cloudfront
referrer-policy
strict-origin
last-modified
Mon, 27 May 2024 05:40:31 GMT
server
AmazonS3
etag
W/"6f83acd61f4aed30ffa4b0d30d96bd0e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=86400
permissions-policy
geolocation=(self)
x-amz-cf-id
eEk1IDlAnlttHfRYyvuCS7KUHs04QK9Uk6EMp6-EruC9XVVlcyQhWw==
rw.js
r.wdfl.co/
18 KB
5 KB
Script
General
Full URL
https://r.wdfl.co/rw.js
Requested by
Host: app1.unstackstg.com
URL: https://app1.unstackstg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:2a00:1b:348c:b140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
65f215f2bcb1962431b2ebf451ded721434d5a4509582a5d8fc56adcf8e44220

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app1.unstackstg.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 06:32:26 GMT
content-encoding
gzip
via
1.1 549ff9961325ec88cf02baa6f818172a.cloudfront.net (CloudFront)
last-modified
Tue, 21 May 2024 16:21:26 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
age
89
x-amz-server-side-encryption
AES256
etag
W/"76b813e48c6c868eb8cef33f508a7c8d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
WQ7HhTAhuHSFBxyU5RjZRD6WEow1o3k9ShCYeYQRsePJimiuwhjGAg==
gtm.js
www.googletagmanager.com/
255 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MF7L3R7
Requested by
Host: app1.unstackstg.com
URL: https://app1.unstackstg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
29943e913a62b036dd1075d398cbf83a0c89c7e6715c89b997e95032be53fea4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app1.unstackstg.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 06:33:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92866
x-xss-protection
0
last-modified
Mon, 27 May 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 May 2024 06:33:55 GMT
freshpaint.js
perfalytics.com/static/js/
128 KB
41 KB
Script
General
Full URL
https://perfalytics.com/static/js/freshpaint.js
Requested by
Host: app1.unstackstg.com
URL: https://app1.unstackstg.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-29.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f3e487ff4bbaa58e4625b5a3f6ac0033e50d49ddb78ce7478784dce55551f0d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app1.unstackstg.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
993mj9ygi.AOxyTwbwPkX.Ow7AP.cAdT
content-encoding
gzip
via
1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
date
Mon, 27 May 2024 01:13:53 GMT
last-modified
Wed, 15 May 2024 15:02:15 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P4
age
19260
etag
W/"827703ca911d12e6fbfcf523d89af9b6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Zb_caGiwY2c5kz_MkN9tk1YjgbPArGLf50lXXPCKsVKPYE9Fhti5Bg==
css2
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter
Requested by
Host: app1.unstackstg.com
URL: https://app1.unstackstg.com/static/css/main.495de2c2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5bf8428f543a7cf2b19a30a9a5cddc6bc7b4434c13428110d0c8d20a5397b2d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app1.unstackstg.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 May 2024 06:33:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 May 2024 05:42:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 May 2024 06:33:55 GMT
774e5412-0ee7-47d7-98c6-14e15443239c
perfalytics.com/event-definitions/
6 KB
2 KB
XHR
General
Full URL
https://perfalytics.com/event-definitions/774e5412-0ee7-47d7-98c6-14e15443239c
Requested by
Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-29.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1f621090769bfe50eb7ac9040537b2368f3ebab7a941ad71f7563c9c5be4a4e6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app1.unstackstg.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 06:33:56 GMT
x-amz-version-id
FvNoKGrx4ZmNNKgkk0ywPj4L5MD2gbhG
content-encoding
gzip
via
1.1 86df4d22c97ec96360d46cef55fb5f2a.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
x-cache
Miss from cloudfront
last-modified
Fri, 09 Feb 2024 05:18:20 GMT
server
AmazonS3
etag
W/"377a1dfcbc9d242a7f758959cfd94518"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60,s-max-age=60
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
xlUdnjA17I76fRX4eeuaNE6V_Z4SOtb9SfR4NeS2imAAnWIn2AOmEA==
UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2
fonts.gstatic.com/s/inter/v13/
21 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuLyfAZ9hiA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2301bb030a2bcaa9c763cc4771bd717aac16709c29eaba00673fcbe7cdf99a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://app1.unstackstg.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 21 May 2024 22:47:25 GMT
x-content-type-options
nosniff
age
459990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21564
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 May 2025 22:47:25 GMT
sass.worker.js
app1.unstackstg.com/
4 MB
678 KB
Other
General
Full URL
https://app1.unstackstg.com/sass.worker.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-3.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e92a2208abffa0790a907e4b464f360b72f149c294e88577a4c4ad4e2af7ec0b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.myshopify.com https://admin.shopify.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app1.unstackstg.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 05:44:26 GMT
content-encoding
br
via
1.1 e962a4214db0639b31056a5ae4bf22f4.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'self' https://*.myshopify.com https://admin.shopify.com
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P4
age
2970
x-cache
Hit from cloudfront
referrer-policy
strict-origin
last-modified
Mon, 27 May 2024 05:40:31 GMT
server
AmazonS3
etag
W/"eff1125d77aca505c4dfda3539a92808"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
permissions-policy
geolocation=(self)
x-amz-cf-id
C4318ejrjbubMuQccrmTTORBUgt05_nhtVrUIQZqZoQuQMUptfPlhQ==
/
us.i.posthog.com/decide/
533 B
693 B
XHR
General
Full URL
https://us.i.posthog.com/decide/?v=3&ip=1&_=1716791635606&ver=1.131.3&compression=base64
Requested by
Host: app1.unstackstg.com
URL: https://app1.unstackstg.com/static/js/main.49717ceb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.16.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-16-206.compute-1.amazonaws.com
Software
envoy /
Resource Hash
286429bae7b38977a402466a4e5648f08ca33b2957095612f5477b3dd922a194
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://app1.unstackstg.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 27 May 2024 06:33:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
same-origin
server
envoy
cross-origin-opener-policy
same-origin
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://app1.unstackstg.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
31
access-control-allow-headers
X-Requested-With,Content-Type
/
us.i.posthog.com/e/
13 B
406 B
XHR
General
Full URL
https://us.i.posthog.com/e/?ip=1&_=1716791635643&ver=1.131.3&compression=base64
Requested by
Host: app1.unstackstg.com
URL: https://app1.unstackstg.com/static/js/main.49717ceb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.16.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-16-206.compute-1.amazonaws.com
Software
envoy /
Resource Hash
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://app1.unstackstg.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 27 May 2024 06:33:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
same-origin
server
envoy
cross-origin-opener-policy
same-origin
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://app1.unstackstg.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
access-control-allow-headers
X-Requested-With,Content-Type
favicon.png
app1.unstackstg.com/
2 KB
2 KB
Other
General
Full URL
https://app1.unstackstg.com/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-3.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f1117d195a5ec1e2dde654b3111bdb8fc633ad88348753ea47da66b28d954f6a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.myshopify.com https://admin.shopify.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app1.unstackstg.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 05:44:26 GMT
via
1.1 e962a4214db0639b31056a5ae4bf22f4.cloudfront.net (CloudFront)
content-security-policy
frame-ancestors 'self' https://*.myshopify.com https://admin.shopify.com
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P4
age
2970
x-cache
Hit from cloudfront
content-length
1990
referrer-policy
strict-origin
last-modified
Mon, 27 May 2024 05:40:30 GMT
server
AmazonS3
etag
"e564ce8f893c8fc7b61fdd533b6aa4d2"
content-type
image/png
cache-control
max-age=86400
permissions-policy
geolocation=(self)
x-amz-cf-id
d9xGxng7RE-ApVumOU0riPsg-W-2ozyDwf0YbJ8fnfm3OdT80g08Eg==
integrations.js
perfalytics.com/static/js/
388 KB
94 KB
Script
General
Full URL
https://perfalytics.com/static/js/integrations.js
Requested by
Host: perfalytics.com
URL: https://perfalytics.com/static/js/freshpaint.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-29.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18b6950257b6495aaa5ed01184ca60fa0ac0517c57fab17a395e2f2a657d1f0a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app1.unstackstg.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 18:31:01 GMT
x-amz-version-id
D3T66N57CN6GRwI0be1iEvorL7tjzSjq
content-encoding
gzip
last-modified
Thu, 21 Mar 2024 17:42:41 GMT
server
AmazonS3
via
1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
etag
W/"8ed8eaba125f015032b22bded04b5d78"
age
43375
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
GSF0bOasvuYqVbGZHIdxBHEi9SHXOA-L2kFUw34T3gOC9RLPWVMylw==
track
api.perfalytics.com/
0
0
Preflight
General
Full URL
https://api.perfalytics.com/track
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-111.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://app1.unstackstg.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
application/json
date
Mon, 27 May 2024 06:33:56 GMT
via
1.1 1a45d1e1304c39dfa9b034c2308f4976.cloudfront.net (CloudFront)
x-amz-apigw-id
YatlNEe3PHcEQPA=
x-amz-cf-id
fWIRwJbh-40WBYeFYReehXX1A1iQi--yhcGgTk_hTjT2yJd4Dogg9g==
x-amz-cf-pop
MUC50-P1
x-amzn-requestid
13e78bf9-7cf3-4ab8-ad78-b10e668c4134
x-cache
Miss from cloudfront
track
api.perfalytics.com/
0
0
Preflight
General
Full URL
https://api.perfalytics.com/track
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-111.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://app1.unstackstg.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
application/json
date
Mon, 27 May 2024 06:33:56 GMT
via
1.1 1a45d1e1304c39dfa9b034c2308f4976.cloudfront.net (CloudFront)
x-amz-apigw-id
YatlMFj4PHcEAIA=
x-amz-cf-id
kaDp3i0olRZpzxTj1FZoQyzOuvBFKQNize40-LXVWpfOOOqUVly1yQ==
x-amz-cf-pop
MUC50-P1
x-amzn-requestid
d0565418-021a-4710-99c6-1bc05ad34adc
x-cache
Miss from cloudfront
track
api.perfalytics.com/
133 B
655 B
XHR
General
Full URL
https://api.perfalytics.com/track
Requested by
Host: app1.unstackstg.com
URL: https://app1.unstackstg.com/static/js/main.49717ceb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-111.muc50.r.cloudfront.net
Software
/
Resource Hash
156665735a809a63b95538255799dd9aecbf22950f3d02cf798f13f3326b7827

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://app1.unstackstg.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 27 May 2024 06:33:56 GMT
via
1.1 1a45d1e1304c39dfa9b034c2308f4976.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
x-amzn-requestid
8b256ad8-3fd2-46cb-8ae3-dfe3bc2c40d6
x-amzn-trace-id
Root=1-66542954-386050dd2c44a880391edabd
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-amz-apigw-id
YatlRHm0vHcEjig=
content-length
133
x-amz-cf-id
wVSmjyqLZeQZzeHuDnotOlPD_SO-0yrDWQpBykRY05Z7e8DGA7R8hg==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
track
api.perfalytics.com/
133 B
654 B
XHR
General
Full URL
https://api.perfalytics.com/track
Requested by
Host: app1.unstackstg.com
URL: https://app1.unstackstg.com/static/js/main.49717ceb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-111.muc50.r.cloudfront.net
Software
/
Resource Hash
00c5d27504543f7338075402c8e770022fa3f107d3e56774f4bba87cae9ce0ce

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://app1.unstackstg.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 27 May 2024 06:33:56 GMT
via
1.1 1a45d1e1304c39dfa9b034c2308f4976.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
x-amzn-requestid
549b3b0b-88b4-43bf-b44a-f91ea6bdbb5b
x-amzn-trace-id
Root=1-66542954-437cccb31d52db9d4353a86a
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-amz-apigw-id
YatlRGGfPHcEbSw=
content-length
133
x-amz-cf-id
zwg_m3IKyK8978dj5sNH3fPycLKDi6XC5re3idn_UeH8J8c15GGPgA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
track
api.perfalytics.com/
133 B
655 B
XHR
General
Full URL
https://api.perfalytics.com/track
Requested by
Host: app1.unstackstg.com
URL: https://app1.unstackstg.com/static/js/main.49717ceb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-111.muc50.r.cloudfront.net
Software
/
Resource Hash
7ce87abe728e44dd505f804323ad8045ebc6f1abba37445d5cc52bd1d0014b5f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://app1.unstackstg.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 27 May 2024 06:33:56 GMT
via
1.1 1a45d1e1304c39dfa9b034c2308f4976.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P1
x-amzn-requestid
15f8895e-e3a2-4eec-895f-9b59b86d08e1
x-amzn-trace-id
Root=1-66542954-24ae17263c4339d24446d3e5
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-amz-apigw-id
YatlREBYPHcEOVw=
content-length
133
x-amz-cf-id
43OEnl8NiQN4Qx6ApjLkMuXhrQyXzYOByZ_iOItRc2USRH34gM71mw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
track
api.perfalytics.com/
0
0
Preflight
General
Full URL
https://api.perfalytics.com/track
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-111.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://app1.unstackstg.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
application/json
date
Mon, 27 May 2024 06:33:56 GMT
via
1.1 1a45d1e1304c39dfa9b034c2308f4976.cloudfront.net (CloudFront)
x-amz-apigw-id
YatlNEkKvHcESgw=
x-amz-cf-id
_aNJUCOAA8CL7r3FC5IVuLjeWZkzoMAPJw67udlOWudWT5pKSF7_Wg==
x-amz-cf-pop
MUC50-P1
x-amzn-requestid
5c62fcb6-993d-42b8-abd7-7e41f323fed9
x-cache
Miss from cloudfront
4958261.js
js.hs-analytics.net/analytics/1716791700000/
66 KB
24 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1716791700000/4958261.js
Requested by
Host: perfalytics.com
URL: https://perfalytics.com/static/js/integrations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c55ded6186af6c2db2d84617f13494a391ee04ced0041f5a5709715b5a14c780

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app1.unstackstg.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 06:33:55 GMT
x-amz-version-id
null
content-encoding
gzip
cf-cache-status
MISS
x-amz-request-id
WGXKAWBP4TGEFPEF
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
2f718112-9ea3-4371-a8ee-67b0d362c298
x-envoy-upstream-service-time
44
x-amz-id-2
27xYnkqkloWgcas1FCCHOg20YmvZ3ukRboYKyV67P+E86tnZKUbp3IYgrm6I98TzGPsxCCTGNQ4=
x-evy-trace-listener
listener_https
x-request-id
2f718112-9ea3-4371-a8ee-67b0d362c298
x-evy-trace-route-configuration
listener_https/all
last-modified
Tue, 27 Feb 2024 15:30:38 GMT
server
cloudflare
etag
W/"972a41fe32e92f3f813b6f81499de63a"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-qr8zh
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
88a3f9ebde6192ad-FRA
expires
Mon, 27 May 2024 06:38:55 GMT
__ptq.gif
track.hubspot.com/
45 B
1 KB
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=1608735010&v=1.1&a=4958261&pu=https%3A%2F%2Fapp1.unstackstg.com%2F&t=Log+in+to+Unstack&cts=1716791636029&vi=66219ad85bb41025b8058c3effbe9a5f&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app1.unstackstg.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 06:33:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
bf6fd68b-05da-4e75-af18-2cad11e7acec
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
12
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
bf6fd68b-05da-4e75-af18-2cad11e7acec
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aHOp9pSlnqSUHbS8QKjgwpQpJ32xn5g7Yv5%2F87UD8q3sMjjvTuxWtnV7Eo2oHPagixjT4%2F%2BgUv%2Bpm0CaSQkjYgw0s8PT8Fz2bJVmytT%2FhGlINRViwe%2BLxQEQjBwEk97ynDoHMQ%2FhyMoEno2jypFF"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-hch7x
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
88a3f9edbc9f9241-FRA
x-robots-tag
none

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
js.hs-scripts.com
URL
https://js.hs-scripts.com/4958261.js

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer function| gtag object| freshpaint boolean| _rewardful_loaded function| Rewardful function| rewardful object| google_tag_manager object| google_tag_data object| webpackChunkunstack_frontend function| normalizePage function| denormalizePage function| _ object| _learnq object| integrationActions object| YOUTUBE_URL_REGEXP object| YOUTUBE_SHORT_URL_REGEXP object| sprkfe function| ga object| gaDevIds object| gaplugins object| __SENTRY__ string| __reactRouterVersion object| _hsq function| g object| hljs function| Quill function| LUID object| sprk string| static_path string| cache_buster object| System object| importMap object| articleSelectors object| freshpaintIntegrations object| perfalytics function| normalize object| _paq function| sanitizeKey boolean| _hstc_ran object| _hsp string| __hsUserToken number| expireDateTime boolean| _hstc_loaded object| __sentry_instrumentation_handlers__

6 Cookies

Domain/Path Name / Value
.unstackstg.com/ Name: _gcl_au
Value: 1.1.1695576148.1716791635
.unstackstg.com/ Name: ph_phc_OsUqla5w6Nk0hwjA8JNAqZhaBy96Vymi4xlPo989PcS_posthog
Value: %7B%22distinct_id%22%3A%22018fb8c1-6e96-7dd2-8ddc-814353180df8%22%2C%22%24sesid%22%3A%5B1716791635642%2C%22018fb8c1-6eba-74a6-a56a-c6e5c31b7560%22%2C1716791635642%5D%7D
.unstackstg.com/ Name: ajs_anonymous_id
Value: %2218fb8c16f228d5-0a5a1f6840fa91-26001c51-1d4c00-18fb8c16f231d73%22
.unstackstg.com/ Name: mp_774e5412-0ee7-47d7-98c6-14e15443239c_perfalytics
Value: %7B%22distinct_id%22%3A%20%2218fb8c16f228d5-0a5a1f6840fa91-26001c51-1d4c00-18fb8c16f231d73%22%2C%22%24device_id%22%3A%20%2218fb8c16f228d5-0a5a1f6840fa91-26001c51-1d4c00-18fb8c16f231d73%22%2C%22%24auiddc%22%3A%20%221824394700.1716791636%22%2C%22__last_event_time%22%3A%201716791635760%2C%22%24session_id%22%3A%20%2218fb8c16f241c1-0134f30df25c73-26001c51-1d4c00-18fb8c16f25229e%22%2C%22__first_pageview_in_session_has_occurred%22%3A%20true%2C%22__session_count%22%3A%201%2C%22__initial_utm_props_set%22%3A%20true%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22%24pageview_id%22%3A%20%2218fb8c16f2e114d-0206d85fa4a20b-26001c51-1d4c00-18fb8c16f2f2191%22%2C%22__first_pageview_occurred%22%3A%20true%2C%22__last_pageview_time%22%3A%201716791635760%7D
.hubspot.com/ Name: __cf_bm
Value: wfY2UP5j.g6AEdBAjtZqwLvpXbcT5rJAsftsyt3oFTY-1716791636-1.0.1.1-MF1Wg82H01LXyBBq.GQIrntjQswb2_Li6QfY2JGTIyIN2A938GVquQoHuMWom5VXklbxr3BAU1nhi_Djo5jtKQ
.hubspot.com/ Name: _cfuvid
Value: B9kO8yM75Wm3.KyhM5W31LgSD8_SxwvPq959uneBGFs-1716791636242-0.0.1.1-604800000

2 Console Messages

Source Level URL
Text
other warning URL: https://app1.unstackstg.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://app1.unstackstg.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://*.myshopify.com https://admin.shopify.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.perfalytics.com
app1.unstackstg.com
fonts.googleapis.com
fonts.gstatic.com
js.hs-analytics.net
js.hs-scripts.com
perfalytics.com
r.wdfl.co
track.hubspot.com
us.i.posthog.com
www.googletagmanager.com
js.hs-scripts.com
18.173.187.29
18.173.187.3
18.66.192.111
2600:9000:26db:2a00:1b:348c:b140:93a1
2606:4700::6810:7574
2606:4700::6810:a0a8
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
2a00:1450:4001:82f::2008
34.225.16.206
00c5d27504543f7338075402c8e770022fa3f107d3e56774f4bba87cae9ce0ce
156665735a809a63b95538255799dd9aecbf22950f3d02cf798f13f3326b7827
18b6950257b6495aaa5ed01184ca60fa0ac0517c57fab17a395e2f2a657d1f0a
1f621090769bfe50eb7ac9040537b2368f3ebab7a941ad71f7563c9c5be4a4e6
2301bb030a2bcaa9c763cc4771bd717aac16709c29eaba00673fcbe7cdf99a59
23b044c4b53c12a44d5d95cccbda8254c044d7178b567741ed138dee84ddefa9
286429bae7b38977a402466a4e5648f08ca33b2957095612f5477b3dd922a194
29943e913a62b036dd1075d398cbf83a0c89c7e6715c89b997e95032be53fea4
5bf8428f543a7cf2b19a30a9a5cddc6bc7b4434c13428110d0c8d20a5397b2d1
5f3e487ff4bbaa58e4625b5a3f6ac0033e50d49ddb78ce7478784dce55551f0d
65f215f2bcb1962431b2ebf451ded721434d5a4509582a5d8fc56adcf8e44220
6e2dbb37283bfb470c9fe67608e5c021a94d6759842a0cdb83c2414207fe0865
7ce87abe728e44dd505f804323ad8045ebc6f1abba37445d5cc52bd1d0014b5f
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
ba3fc1c0800a07246c328178d02d39f4b24b8cb0ab1b840b0fdb793c35aa047a
c55ded6186af6c2db2d84617f13494a391ee04ced0041f5a5709715b5a14c780
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e92a2208abffa0790a907e4b464f360b72f149c294e88577a4c4ad4e2af7ec0b
ec80bb94c12d7a751c6760e6ff75f1365177016ec8d41b8c92ca66ea078e22ba
f1117d195a5ec1e2dde654b3111bdb8fc633ad88348753ea47da66b28d954f6a