accounts-portal.bstock-dev.com Open in urlscan Pro
34.102.138.135  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response accounts-portal.bstock-dev.com/	48 KB 11 KB	191ms 173ms	Document text/html	34.102.138.135 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts-portal.bstock-dev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.138.135 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 135.138.102.34.bc.googleusercontent.com Software / Resource Hash 29cb699105b98fa3a4ed13e3ea614411ce2c5721429903bde535d21882e299f5 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers x-dns-prefetch-control off expect-ct max-age=0 x-frame-options SAMEORIGIN strict-transport-security max-age=15552000; includeSubDomains x-download-options noopen x-content-type-options nosniff x-permitted-cross-domain-policies none referrer-policy no-referrer x-xss-protection 0 x-ratelimit-limit 75 x-ratelimit-remaining 74 date Tue, 07 Dec 2021 21:11:22 GMT x-ratelimit-reset 1638911493 content-type text/html; charset=utf-8 etag W/"be26-NGWur8NMzRd8Ws+lNldSkb7X3dQ" vary Accept-Encoding content-encoding gzip via 1.1 google alt-svc clear
GET H2	200	289.074d5654.css accounts-portal.bstock-dev.com/registration/css/	8 KB 2 KB	159ms 158ms	Stylesheet text/css	34.102.138.135 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts-portal.bstock-dev.com/registration/css/289.074d5654.css Requested by Host: accounts-portal.bstock-dev.com URL: https://accounts-portal.bstock-dev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.138.135 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 135.138.102.34.bc.googleusercontent.com Software / Resource Hash 1593af556e5084588d5421855f7d8c95d2505e645eb9bbf27e291a4dec518627 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding br x-content-type-options nosniff x-permitted-cross-domain-policies none x-dns-prefetch-control off x-ratelimit-remaining 73 date Tue, 07 Dec 2021 21:11:23 GMT alt-svc clear content-length 1391 x-xss-protection 0 referrer-policy no-referrer last-modified Tue, 07 Dec 2021 20:54:58 GMT x-frame-options SAMEORIGIN etag W/"56f-17d96ad94d0" expect-ct max-age=0 vary Accept-Encoding x-download-options noopen content-type text/css; charset=UTF-8 via 1.1 google cache-control public, max-age=0 x-ratelimit-reset 1638911493 x-ratelimit-limit 75 accept-ranges bytes
GET H2	200	lato-v17-latin-regular.woff2 accounts-portal.bstock-dev.com/registration/fonts/	23 KB 23 KB	160ms 159ms	Font font/woff2	34.102.138.135 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts-portal.bstock-dev.com/registration/fonts/lato-v17-latin-regular.woff2 Requested by Host: accounts-portal.bstock-dev.com URL: https://accounts-portal.bstock-dev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.138.135 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 135.138.102.34.bc.googleusercontent.com Software / Resource Hash c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer Origin https://accounts-portal.bstock-dev.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains via 1.1 google x-content-type-options nosniff x-permitted-cross-domain-policies none x-dns-prefetch-control off date Tue, 07 Dec 2021 21:11:23 GMT alt-svc clear content-length 23484 x-xss-protection 0 referrer-policy no-referrer last-modified Tue, 07 Dec 2021 20:54:58 GMT x-frame-options SAMEORIGIN etag W/"5bbc-17d96ad94d0" expect-ct max-age=0 x-ratelimit-remaining 74 x-download-options noopen content-type font/woff2 cache-control public, max-age=0 x-ratelimit-reset 1638911493 x-ratelimit-limit 75 accept-ranges bytes
GET H2	200	lato-v17-latin-700.woff2 accounts-portal.bstock-dev.com/registration/fonts/	22 KB 23 KB	160ms 160ms	Font font/woff2	34.102.138.135 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts-portal.bstock-dev.com/registration/fonts/lato-v17-latin-700.woff2 Requested by Host: accounts-portal.bstock-dev.com URL: https://accounts-portal.bstock-dev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.138.135 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 135.138.102.34.bc.googleusercontent.com Software / Resource Hash 8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer Origin https://accounts-portal.bstock-dev.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains via 1.1 google x-content-type-options nosniff x-permitted-cross-domain-policies none x-dns-prefetch-control off date Tue, 07 Dec 2021 21:11:23 GMT alt-svc clear content-length 22992 x-xss-protection 0 referrer-policy no-referrer last-modified Tue, 07 Dec 2021 20:54:58 GMT x-frame-options SAMEORIGIN etag W/"59d0-17d96ad94d0" expect-ct max-age=0 x-ratelimit-remaining 73 x-download-options noopen content-type font/woff2 cache-control public, max-age=0 x-ratelimit-reset 1638911493 x-ratelimit-limit 75 accept-ranges bytes
GET H2	200	prismic.min.js Show response static.cdn.prismic.io/	29 KB 10 KB	53ms 9ms	Script application/javascript	2600:9000:214f:5800:6:ea06:d140:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.cdn.prismic.io/prismic.min.js Requested by Host: accounts-portal.bstock-dev.com URL: https://accounts-portal.bstock-dev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:5800:6:ea06:d140:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9b2938086569ff46ce7b05a5f7a401e4d505ebc0ee2ffd0cba75afa8ae3afc52 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 07 Dec 2021 01:17:12 GMT content-encoding gzip etag W/"bbab9dc3132293ba40e3539ec2389de3" last-modified Mon, 25 Oct 2021 12:52:48 GMT server AmazonS3 age 94624 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 x-amz-cf-id jkHwhpTpZbb-TxgfWdzL_zWH-DoBYjvvCezdIyWdOlRKWu0D2otnsw==
GET H2	200	js Show response www.googletagmanager.com/gtag/	90 KB 36 KB	56ms 31ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-143183201-2 Requested by Host: accounts-portal.bstock-dev.com URL: https://accounts-portal.bstock-dev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d16108e6ed4612e253872b3f8b31e85fa45d681175b6eb85e7c05dde8655e6ad Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 07 Dec 2021 21:11:23 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36191 x-xss-protection 0 expires Tue, 07 Dec 2021 21:11:23 GMT
GET H2	200	restrictions.svg accounts-portal.bstock-dev.com/images/	25 KB 25 KB	190ms 188ms	Image text/html	34.102.138.135 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://accounts-portal.bstock-dev.com/images/restrictions.svg Requested by Host: accounts-portal.bstock-dev.com URL: https://accounts-portal.bstock-dev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.138.135 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 135.138.102.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip etag W/"6526-zVagWUkW5bKeipcjUifq67PLWjk" x-permitted-cross-domain-policies none x-dns-prefetch-control off x-ratelimit-remaining 71 alt-svc clear x-xss-protection 0 referrer-policy no-referrer x-frame-options SAMEORIGIN date Tue, 07 Dec 2021 21:11:23 GMT expect-ct max-age=0 vary Accept-Encoding x-download-options noopen content-type text/html; charset=utf-8 via 1.1 google x-ratelimit-reset 1638911493 x-ratelimit-limit 75 x-content-type-options nosniff
GET H2	200	close.svg accounts-portal.bstock-dev.com/images/	6 KB 6 KB	190ms 189ms	Image text/html	34.102.138.135 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://accounts-portal.bstock-dev.com/images/close.svg Requested by Host: accounts-portal.bstock-dev.com URL: https://accounts-portal.bstock-dev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.138.135 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 135.138.102.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip etag W/"651f-FvJG0INpzYNXWXRBM45ej8J6mYA" x-permitted-cross-domain-policies none x-dns-prefetch-control off x-ratelimit-remaining 72 alt-svc clear x-xss-protection 0 referrer-policy no-referrer x-frame-options SAMEORIGIN date Tue, 07 Dec 2021 21:11:23 GMT expect-ct max-age=0 vary Accept-Encoding x-download-options noopen content-type text/html; charset=utf-8 via 1.1 google x-ratelimit-reset 1638911493 x-ratelimit-limit 75 x-content-type-options nosniff
GET H2	200	bundle.9f60ffd2584e353ee643.min.js Show response accounts-portal.bstock-dev.com/registration/	1 MB 278 KB	166ms 165ms	Script application/javascript	34.102.138.135 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts-portal.bstock-dev.com/registration/bundle.9f60ffd2584e353ee643.min.js Requested by Host: accounts-portal.bstock-dev.com URL: https://accounts-portal.bstock-dev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.138.135 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 135.138.102.34.bc.googleusercontent.com Software / Resource Hash 5c5a4277f97d945c977d982825f6f12812aae25249f091373305f6ed2079025d Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding br x-content-type-options nosniff x-permitted-cross-domain-policies none x-dns-prefetch-control off x-ratelimit-remaining 72 date Tue, 07 Dec 2021 21:11:23 GMT alt-svc clear content-length 283505 x-xss-protection 0 referrer-policy no-referrer last-modified Tue, 07 Dec 2021 20:54:58 GMT x-frame-options SAMEORIGIN etag W/"45371-17d96ad94d0" expect-ct max-age=0 vary Accept-Encoding x-download-options noopen content-type application/javascript; charset=UTF-8 via 1.1 google cache-control public, max-age=0 x-ratelimit-reset 1638911493 x-ratelimit-limit 75 accept-ranges bytes
GET H2	200	bundle.cc1c9b1d6e356b0d197b.min.js Show response accounts-portal.bstock-dev.com/registration/	397 KB 70 KB	168ms 166ms	Script application/javascript	34.102.138.135 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts-portal.bstock-dev.com/registration/bundle.cc1c9b1d6e356b0d197b.min.js Requested by Host: accounts-portal.bstock-dev.com URL: https://accounts-portal.bstock-dev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.138.135 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 135.138.102.34.bc.googleusercontent.com Software / Resource Hash 54b975f308966f6906a9f6233800b6d8e08350c6373c2e76f6f01fe41187cbc8 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding br x-content-type-options nosniff x-permitted-cross-domain-policies none x-dns-prefetch-control off x-ratelimit-remaining 70 date Tue, 07 Dec 2021 21:11:23 GMT alt-svc clear content-length 71597 x-xss-protection 0 referrer-policy no-referrer last-modified Tue, 07 Dec 2021 20:54:58 GMT x-frame-options SAMEORIGIN etag W/"117ad-17d96ad94d0" expect-ct max-age=0 vary Accept-Encoding x-download-options noopen content-type application/javascript; charset=UTF-8 via 1.1 google cache-control public, max-age=0 x-ratelimit-reset 1638911493 x-ratelimit-limit 75 accept-ranges bytes
GET H2	200	913.bundle.267743471c1f3ed50c97.js Show response accounts-portal.bstock-dev.com/registration/	299 B 307 B	169ms 168ms	Script application/javascript	34.102.138.135 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts-portal.bstock-dev.com/registration/913.bundle.267743471c1f3ed50c97.js Requested by Host: accounts-portal.bstock-dev.com URL: https://accounts-portal.bstock-dev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.138.135 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 135.138.102.34.bc.googleusercontent.com Software / Resource Hash 077706a8cf8605d5090f1644870d87ed9f52103eca1e3b4a948fa1b43afd51ab Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding br x-content-type-options nosniff x-permitted-cross-domain-policies none x-dns-prefetch-control off x-ratelimit-remaining 69 date Tue, 07 Dec 2021 21:11:23 GMT alt-svc clear content-length 209 x-xss-protection 0 referrer-policy no-referrer last-modified Tue, 07 Dec 2021 20:54:58 GMT x-frame-options SAMEORIGIN etag W/"d1-17d96ad94d0" expect-ct max-age=0 vary Accept-Encoding x-download-options noopen content-type application/javascript; charset=UTF-8 via 1.1 google cache-control public, max-age=0 x-ratelimit-reset 1638911493 x-ratelimit-limit 75 accept-ranges bytes
GET H2	200	54.bundle.75f1f42a7cc416b3fb7c.js Show response accounts-portal.bstock-dev.com/registration/	3 KB 760 B	207ms 206ms	Script application/javascript	34.102.138.135 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts-portal.bstock-dev.com/registration/54.bundle.75f1f42a7cc416b3fb7c.js Requested by Host: accounts-portal.bstock-dev.com URL: https://accounts-portal.bstock-dev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.138.135 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 135.138.102.34.bc.googleusercontent.com Software / Resource Hash 124a97ffacc267b3b2190055b196578310e5aa74d9f51a028fe9bf78cfaac9c7 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding br x-content-type-options nosniff x-permitted-cross-domain-policies none x-dns-prefetch-control off x-ratelimit-remaining 70 date Tue, 07 Dec 2021 21:11:23 GMT alt-svc clear content-length 665 x-xss-protection 0 referrer-policy no-referrer last-modified Tue, 07 Dec 2021 20:54:58 GMT x-frame-options SAMEORIGIN etag W/"299-17d96ad94d0" expect-ct max-age=0 vary Accept-Encoding x-download-options noopen content-type application/javascript; charset=UTF-8 via 1.1 google cache-control public, max-age=0 x-ratelimit-reset 1638911493 x-ratelimit-limit 75 accept-ranges bytes
GET H2	200	HomePage.bundle.946268b2488434a5482b.js Show response accounts-portal.bstock-dev.com/registration/	15 KB 3 KB	166ms 165ms	Script application/javascript	34.102.138.135 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts-portal.bstock-dev.com/registration/HomePage.bundle.946268b2488434a5482b.js Requested by Host: accounts-portal.bstock-dev.com URL: https://accounts-portal.bstock-dev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.102.138.135 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 135.138.102.34.bc.googleusercontent.com Software / Resource Hash beb8a8e5732927bf377b24be8a1622c66180fe4ac330f8ff86fae178ce449092 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding br x-content-type-options nosniff x-permitted-cross-domain-policies none x-dns-prefetch-control off x-ratelimit-remaining 71 date Tue, 07 Dec 2021 21:11:23 GMT alt-svc clear content-length 3463 x-xss-protection 0 referrer-policy no-referrer last-modified Tue, 07 Dec 2021 20:54:58 GMT x-frame-options SAMEORIGIN etag W/"d87-17d96ad94d0" expect-ct max-age=0 vary Accept-Encoding x-download-options noopen content-type application/javascript; charset=UTF-8 via 1.1 google cache-control public, max-age=0 x-ratelimit-reset 1638911493 x-ratelimit-limit 75 accept-ranges bytes
GET H2	200	gtm.js Show response www.googletagmanager.com/	96 KB 37 KB	59ms 35ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TBWFRXW Requested by Host: accounts-portal.bstock-dev.com URL: https://accounts-portal.bstock-dev.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0999cf5f4d81a85d37e1bdbf2f96aba153a87a31bc0dc6c774928e966dc8fc3a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Tue, 07 Dec 2021 21:11:23 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37961 x-xss-protection 0 expires Tue, 07 Dec 2021 21:11:23 GMT
GET H2	200	iframe.html Show response rudder-roy.prismic.io/prismic-toolbar/4.0.7/ Frame 39AC	20 KB 8 KB	365ms 129ms	Document text/html	52.72.250.80 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://rudder-roy.prismic.io/prismic-toolbar/4.0.7/iframe.html Requested by Host: static.cdn.prismic.io URL: https://static.cdn.prismic.io/prismic.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.72.250.80 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-72-250-80.compute-1.amazonaws.com Software / Resource Hash 3b906487a9d11fd14fef05648ce1dfe9c718926da0cd9cda2a24564aeb2bb619 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Tue, 07 Dec 2021 21:11:23 GMT content-type text/html last-modified Thu, 30 Sep 2021 09:06:20 GMT etag W/"80f4676797f50202e324a04e40bb6d1f" content-encoding gzip
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	32ms 8ms	Script text/javascript	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-143183201-2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 616 date Tue, 07 Dec 2021 21:01:07 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Tue, 07 Dec 2021 23:01:07 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 216 B	14ms 14ms	XHR text/plain	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1725354442&t=pageview&_s=1&dl=https%3A%2F%2Faccounts-portal.bstock-dev.com%2F&ul=en-us&de=UTF-8&dt=B-Stock%20Registration%20(dev)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1552987866&gjid=1276043500&cid=1555471315.1638911483&tid=UA-143183201-2&_gid=1594185759.1638911483&_r=1&gtm=2ouc10&z=1751616470 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 07 Dec 2021 21:11:23 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://accounts-portal.bstock-dev.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 66 B	14ms 14ms	XHR text/plain	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1725354442&t=pageview&_s=1&dl=https%3A%2F%2Faccounts-portal.bstock-dev.com%2F&ul=en-us&de=UTF-8&dt=B-Stock%20Registration%20(dev)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=1938618108&gjid=2044858347&cid=1555471315.1638911483&tid=UA-143183201-2&_gid=1594185759.1638911483&_r=1&gtm=2wgc10TBWFRXW&z=164729181 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 07 Dec 2021 21:11:23 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://accounts-portal.bstock-dev.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	css fonts.googleapis.com/ Frame 39AC	2 KB 1 KB	38ms 16ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Code+Pro Requested by Host: rudder-roy.prismic.io URL: https://rudder-roy.prismic.io/prismic-toolbar/4.0.7/iframe.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash fb70d3fecd752a7b86223ac1fd8cc6eb8f5ccd43a1884af0e8a6ca714b3ef642 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://rudder-roy.prismic.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 07 Dec 2021 19:43:26 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 07 Dec 2021 21:11:23 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 07 Dec 2021 21:11:23 GMT
OPTIONS		check localhost/v1/people/login/ Frame	0 0
GET H2	200	AvNpyVSiJb4ZsB5R2Pv9Xc.json Show response cdn.optimizely.com/datafiles/	992 B 1 KB	157ms 118ms	XHR text/javascript	2a02:26f0:6c00:2a0::13b8 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn.optimizely.com/datafiles/AvNpyVSiJb4ZsB5R2Pv9Xc.json Requested by Host: accounts-portal.bstock-dev.com URL: https://accounts-portal.bstock-dev.com/registration/bundle.9f60ffd2584e353ee643.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:2a0::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AmazonS3 / Resource Hash 711a16fd7576385db97e4ab00f458a07d6389b19367b2be3b2faa787d8a6783b Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers x-amz-meta-pci_enabled False x-amz-version-id ofcpDpLCcOoWVagZjXKzadWdmiP5yVrV content-encoding gzip etag "f0653eb83c1c45e3347bd179b9f7fa30" x-amz-request-id Z8P7TWN3HVQJGXG0 x-amz-meta-revision 169 x-amz-replication-status COMPLETED access-control-allow-methods GET, HEAD, OPTIONS server-timing cdn;desc="AkamaiION";dur=0,rtt;desc="3";dur=0,cdnip;desc="2a02:26f0:6c00:2a0::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0 vary Accept-Encoding content-length 493 x-amz-id-2 xZ3QFyBqt7zbQ1sHqUb5g2c7I7+E/2Myeu1uvuUbZvo4b2y8GDWUxnaZZ4zarRPPEe0lRlpPiTQ= last-modified Tue, 22 Oct 2019 12:17:33 GMT server AmazonS3 date Tue, 07 Dec 2021 21:11:23 GMT access-control-max-age 604800 strict-transport-security max-age=15768000 content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=118 access-control-allow-credentials false accept-ranges bytes access-control-allow-headers *
GET		check localhost/v1/people/login/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

localhost

URL

http://localhost:3302/v1/people/login/check

Domain

localhost

URL

http://localhost:3302/v1/people/login/check

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| zESettings object| prismic function| gtag object| dataLayer string| baseUrl object| PrismicToolbar object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| __LOADABLE_LOADED_CHUNKS__ object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| __SENTRY__ object| FontAwesomeConfig object| ___FONT_AWESOME___

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bstock-dev.com/	1970-01-20 16:46:23	Name: _ga Value: GA1.2.1555471315.1638911483
			.bstock-dev.com/	1970-01-19 23:16:37	Name: _gid Value: GA1.2.1594185759.1638911483
			.bstock-dev.com/	1970-01-19 23:15:11	Name: _gat_gtag_UA_143183201_2 Value: 1
			.bstock-dev.com/	1970-01-19 23:15:11	Name: _gat_UA-143183201-2 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	Message: The script has an unsupported MIME type ('text/html').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts-portal.bstock-dev.com
cdn.optimizely.com
fonts.googleapis.com
localhost
rudder-roy.prismic.io
static.cdn.prismic.io
www.google-analytics.com
www.googletagmanager.com
localhost
2600:9000:214f:5800:6:ea06:d140:93a1
2a00:1450:4001:80e::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::200a
2a02:26f0:6c00:2a0::13b8
34.102.138.135
52.72.250.80
077706a8cf8605d5090f1644870d87ed9f52103eca1e3b4a948fa1b43afd51ab
0999cf5f4d81a85d37e1bdbf2f96aba153a87a31bc0dc6c774928e966dc8fc3a
124a97ffacc267b3b2190055b196578310e5aa74d9f51a028fe9bf78cfaac9c7
1593af556e5084588d5421855f7d8c95d2505e645eb9bbf27e291a4dec518627
29cb699105b98fa3a4ed13e3ea614411ce2c5721429903bde535d21882e299f5
3b906487a9d11fd14fef05648ce1dfe9c718926da0cd9cda2a24564aeb2bb619
54b975f308966f6906a9f6233800b6d8e08350c6373c2e76f6f01fe41187cbc8
5c5a4277f97d945c977d982825f6f12812aae25249f091373305f6ed2079025d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
711a16fd7576385db97e4ab00f458a07d6389b19367b2be3b2faa787d8a6783b
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
9b2938086569ff46ce7b05a5f7a401e4d505ebc0ee2ffd0cba75afa8ae3afc52
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
beb8a8e5732927bf377b24be8a1622c66180fe4ac330f8ff86fae178ce449092
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
d16108e6ed4612e253872b3f8b31e85fa45d681175b6eb85e7c05dde8655e6ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fb70d3fecd752a7b86223ac1fd8cc6eb8f5ccd43a1884af0e8a6ca714b3ef642