URL: https://admin.pc-cm-3-usbank-0.voiceflow.com/
Submission: On September 22 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 11 IPs in 2 countries across 8 domains to perform 23 HTTP transactions. The main IP is 54.164.33.18, located in United States and belongs to AMAZON-AES, US. The main domain is admin.pc-cm-3-usbank-0.voiceflow.com.
TLS certificate: Issued by R3 on September 22nd 2021. Valid for: 3 months.
This is the only time admin.pc-cm-3-usbank-0.voiceflow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
7 admin.pc-cm-3-usbank-0.voiceflow.com admin.pc-cm-3-usbank-0.voiceflow.com
4 apis.google.com admin.pc-cm-3-usbank-0.voiceflow.com
apis.google.com
2 accounts.google.com apis.google.com
ssl.gstatic.com
2 o518899.ingest.sentry.io admin.pc-cm-3-usbank-0.voiceflow.com
1 r.lr-ingest.io admin.pc-cm-3-usbank-0.voiceflow.com
1 ssl.gstatic.com accounts.google.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.lr-ingest.io admin.pc-cm-3-usbank-0.voiceflow.com
1 www.googletagmanager.com admin.pc-cm-3-usbank-0.voiceflow.com
1 fonts.googleapis.com admin.pc-cm-3-usbank-0.voiceflow.com
1 assets.calendly.com admin.pc-cm-3-usbank-0.voiceflow.com
23 11

This site contains no links.

Subject Issuer Validity Valid
admin.pc-cm-3-usbank-0.voiceflow.com
R3
2021-09-22 -
2021-12-21
3 months crt.sh
*.calendly.com
Go Daddy Secure Certificate Authority - G2
2021-02-06 -
2022-03-10
a year crt.sh
upload.video.google.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
*.apis.google.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-06-11 -
2022-06-10
a year crt.sh
*.ingest.sentry.io
R3
2021-08-25 -
2021-11-23
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
accounts.google.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
api.logrocket.com
R3
2021-07-30 -
2021-10-28
3 months crt.sh

This page contains 2 frames:

Primary Page: https://admin.pc-cm-3-usbank-0.voiceflow.com/
Frame ID: 83209A7393175EFF4A2A447064BF6971
Requests: 21 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 430FBB74891C3CEAF6AFE1F7C2C5212E
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Voiceflow Admin

Detected technologies

Overall confidence: 100%
Detected patterns
  • <iframe[^>]*accounts\.google\.com/o/oauth2
  • apis\.google\.com/js/platform\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • cdn\.lr-ingest\.io

Page Statistics

23
Requests

96 %
HTTPS

70 %
IPv6

8
Domains

11
Subdomains

11
IPs

2
Countries

880 kB
Transfer

3569 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
admin.pc-cm-3-usbank-0.voiceflow.com/
4 KB
2 KB
Document
General
Full URL
https://admin.pc-cm-3-usbank-0.voiceflow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.164.33.18 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-33-18.compute-1.amazonaws.com
Software
/
Resource Hash
9133b0ad7311fe4a1997d99b75deeda75132cc56796fdc952fc06c8c3c41be31
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
admin.pc-cm-3-usbank-0.voiceflow.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 22 Sep 2021 14:56:20 GMT
content-type
text/html
vary
Accept-Encoding
last-modified
Fri, 17 Sep 2021 22:55:28 GMT
etag
W/"61451ce0-1188"
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
715.9f73dc26e8fd87684cbe.css
admin.pc-cm-3-usbank-0.voiceflow.com/static/css/
183 KB
31 KB
Stylesheet
General
Full URL
https://admin.pc-cm-3-usbank-0.voiceflow.com/static/css/715.9f73dc26e8fd87684cbe.css
Requested by
Host: admin.pc-cm-3-usbank-0.voiceflow.com
URL: https://admin.pc-cm-3-usbank-0.voiceflow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.164.33.18 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-33-18.compute-1.amazonaws.com
Software
/
Resource Hash
02e1fe78d188ac663b1f05b0020c0f66a735f4369da6595b4201953dbaccbe45
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/static/css/715.9f73dc26e8fd87684cbe.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
admin.pc-cm-3-usbank-0.voiceflow.com
referer
https://admin.pc-cm-3-usbank-0.voiceflow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://admin.pc-cm-3-usbank-0.voiceflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 14:56:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 17 Sep 2021 22:55:28 GMT
etag
W/"61451ce0-2dc3f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800 public, no-transform
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 22 Sep 2021 15:26:20 GMT
app.94d2bc43deb5cb9ee85f.css
admin.pc-cm-3-usbank-0.voiceflow.com/static/css/
14 KB
4 KB
Stylesheet
General
Full URL
https://admin.pc-cm-3-usbank-0.voiceflow.com/static/css/app.94d2bc43deb5cb9ee85f.css
Requested by
Host: admin.pc-cm-3-usbank-0.voiceflow.com
URL: https://admin.pc-cm-3-usbank-0.voiceflow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.164.33.18 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-33-18.compute-1.amazonaws.com
Software
/
Resource Hash
e896d77c9cbf23bc499a5fce823dbd13deacebf5d5f6936dc94090adebd98174
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/static/css/app.94d2bc43deb5cb9ee85f.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
admin.pc-cm-3-usbank-0.voiceflow.com
referer
https://admin.pc-cm-3-usbank-0.voiceflow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://admin.pc-cm-3-usbank-0.voiceflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 14:56:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 17 Sep 2021 22:55:28 GMT
etag
W/"61451ce0-381c"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800 public, no-transform
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 22 Sep 2021 15:26:20 GMT
715.d9ae0cc257b06946e4c0.js
admin.pc-cm-3-usbank-0.voiceflow.com/static/js/
1 MB
413 KB
Script
General
Full URL
https://admin.pc-cm-3-usbank-0.voiceflow.com/static/js/715.d9ae0cc257b06946e4c0.js
Requested by
Host: admin.pc-cm-3-usbank-0.voiceflow.com
URL: https://admin.pc-cm-3-usbank-0.voiceflow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.164.33.18 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-33-18.compute-1.amazonaws.com
Software
/
Resource Hash
8dbfadd60cd0edf66e1614879355872d622f45c00bcf7c5b4707baee1897bb6f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/static/js/715.d9ae0cc257b06946e4c0.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
admin.pc-cm-3-usbank-0.voiceflow.com
referer
https://admin.pc-cm-3-usbank-0.voiceflow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://admin.pc-cm-3-usbank-0.voiceflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 14:56:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 17 Sep 2021 22:55:28 GMT
etag
W/"61451ce0-16fd71"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800 public, no-transform
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 22 Sep 2021 15:26:20 GMT
app.5ca359d6633463436a09.js
admin.pc-cm-3-usbank-0.voiceflow.com/static/js/
129 KB
36 KB
Script
General
Full URL
https://admin.pc-cm-3-usbank-0.voiceflow.com/static/js/app.5ca359d6633463436a09.js
Requested by
Host: admin.pc-cm-3-usbank-0.voiceflow.com
URL: https://admin.pc-cm-3-usbank-0.voiceflow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.164.33.18 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-33-18.compute-1.amazonaws.com
Software
/
Resource Hash
630a49cfaf368dccb0226b8f79265c613b70428b7813afde42d8b4b3ddf4c7c3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/static/js/app.5ca359d6633463436a09.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
admin.pc-cm-3-usbank-0.voiceflow.com
referer
https://admin.pc-cm-3-usbank-0.voiceflow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://admin.pc-cm-3-usbank-0.voiceflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 14:56:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 17 Sep 2021 22:55:28 GMT
etag
W/"61451ce0-204a1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800 public, no-transform
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 22 Sep 2021 15:26:20 GMT
widget.css
assets.calendly.com/assets/external/
3 KB
1 KB
Stylesheet
General
Full URL
https://assets.calendly.com/assets/external/widget.css
Requested by
Host: admin.pc-cm-3-usbank-0.voiceflow.com
URL: https://admin.pc-cm-3-usbank-0.voiceflow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:d400:d:1c5c:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c234008dd16f9be0fd67752fab36832e286887f07ba5fd1dcda9f4b42ec4fe08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.pc-cm-3-usbank-0.voiceflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
x-amz-cf-pop
FRA56-P3
x-cache
Hit from cloudfront
content-length
887
access-control-allow-origin
*
last-modified
Wed, 22 Sep 2021 14:15:41 GMT
server
cloudflare
date
Wed, 22 Sep 2021 14:56:21 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
text/css
via
1.1 82514a5a8cf35fb3132b0b5ab9cb724d.cloudfront.net (CloudFront)
cf-ray
692c50ed18296958-FRA
x-amz-cf-id
__-RVPjvHgLRVTUSRuMwL0QpkHSyKj6o-kIcxxU0FVjspK_Cl1iYdQ==
css2
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap
Requested by
Host: admin.pc-cm-3-usbank-0.voiceflow.com
URL: https://admin.pc-cm-3-usbank-0.voiceflow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4a6ce8ee6ce904a9b590e3e458d3332b7ef3a17f53153d31cc2aa30821ebb46f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.pc-cm-3-usbank-0.voiceflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 14:39:39 GMT
server
ESF
date
Wed, 22 Sep 2021 14:56:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Sep 2021 14:56:20 GMT
platform.js
apis.google.com/js/
54 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/platform.js?onload=init
Requested by
Host: admin.pc-cm-3-usbank-0.voiceflow.com
URL: https://admin.pc-cm-3-usbank-0.voiceflow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f45de1a83aa74cff4543db561c1083a9a378cf675b160c3308844ebd894d28ce
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Q86Tkj0qsGVGBCAiHRRdfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://admin.pc-cm-3-usbank-0.voiceflow.com/
Origin
https://admin.pc-cm-3-usbank-0.voiceflow.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 14:56:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"13a0a2b63ca15801ef3682c4ba4161a5"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-Q86Tkj0qsGVGBCAiHRRdfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Wed, 22 Sep 2021 14:56:20 GMT
static.js
admin.pc-cm-3-usbank-0.voiceflow.com/
116 B
406 B
Script
General
Full URL
https://admin.pc-cm-3-usbank-0.voiceflow.com/static.js
Requested by
Host: admin.pc-cm-3-usbank-0.voiceflow.com
URL: https://admin.pc-cm-3-usbank-0.voiceflow.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.164.33.18 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-33-18.compute-1.amazonaws.com
Software
/
Resource Hash
649a96c6a5c6cd80f7a1c9ad083557316dadb14ecaad8e013f0969358c7b3a02
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/static.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
admin.pc-cm-3-usbank-0.voiceflow.com
referer
https://admin.pc-cm-3-usbank-0.voiceflow.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://admin.pc-cm-3-usbank-0.voiceflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 14:56:20 GMT
x-content-type-options
nosniff
last-modified
Sat, 18 Sep 2021 11:00:05 GMT
etag
"6145c6b5-74"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
cache-control
max-age=1800 public, no-transform
accept-ranges
bytes
content-length
116
expires
Wed, 22 Sep 2021 15:26:20 GMT
gtm.js
www.googletagmanager.com/
0
0
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=
Requested by
Host: admin.pc-cm-3-usbank-0.voiceflow.com
URL: https://admin.pc-cm-3-usbank-0.voiceflow.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.pc-cm-3-usbank-0.voiceflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

logger-1.min.js
cdn.lr-ingest.io/
753 KB
154 KB
Script
General
Full URL
https://cdn.lr-ingest.io/logger-1.min.js
Requested by
Host: admin.pc-cm-3-usbank-0.voiceflow.com
URL: https://admin.pc-cm-3-usbank-0.voiceflow.com/static/js/715.d9ae0cc257b06946e4c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:a339 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bcc2647f23bdfd648da200f77e58cc7141b4edd14e3d86bccbac1cd6f8d39eb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.pc-cm-3-usbank-0.voiceflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 14:56:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
145
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31556926
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19183-FRA
last-modified
Tue, 21 Sep 2021 21:13:12 GMT
server
cloudflare
x-timer
S1632258919.019902,VS0,VE1
etag
W/"6f0781c25880d8e8955ff998f8ab263054636992aba7828ccbc4b54fda400a5e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mL4QH9kJtWmBLmeFzxDarE1YEjh2tm3vuoi5YX0nTqF%2Fq%2Brv6UaHyQg9QYTf%2Byu72Kl7A%2FrTpu70fSL0D9PJiqLta9YzzuXqFZGuqJXFwzz73S382Q6rz8RjJKY25xQvwvCMEpZ2VWiivE9%2BB%2FbE"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
692c61251d9442cf-FRA
x-cache-hits
1
/
o518899.ingest.sentry.io/api/5831310/envelope/
41 B
300 B
Fetch
General
Full URL
https://o518899.ingest.sentry.io/api/5831310/envelope/?sentry_key=84588f0f1719402d82be577e6c10865e&sentry_version=7
Requested by
Host: admin.pc-cm-3-usbank-0.voiceflow.com
URL: https://admin.pc-cm-3-usbank-0.voiceflow.com/static/js/715.d9ae0cc257b06946e4c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
59f1aa16d4f21d8b42dbcb1979f042fd8d7cfae130fe01828dd90ae45c9c72b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://admin.pc-cm-3-usbank-0.voiceflow.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 22 Sep 2021 14:56:21 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://admin.pc-cm-3-usbank-0.voiceflow.com
access-control-expose-headers
retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
clear
content-length
41
client:platform.js
apis.google.com/js/
54 KB
21 KB
Script
General
Full URL
https://apis.google.com/js/client:platform.js
Requested by
Host: admin.pc-cm-3-usbank-0.voiceflow.com
URL: https://admin.pc-cm-3-usbank-0.voiceflow.com/static/js/715.d9ae0cc257b06946e4c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b146e47043207e55d806094e8ead9a906a5c1ed9e5f8a69b68c178cdfb5fa0f3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ir9F+cdTDUfHR/uEBMoKEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.pc-cm-3-usbank-0.voiceflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 14:56:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"c8f4f8914be2c851685aae86ec009476"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-Ir9F+cdTDUfHR/uEBMoKEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Wed, 22 Sep 2021 14:56:21 GMT
1b5c0e3c88d03fe95597.png
admin.pc-cm-3-usbank-0.voiceflow.com/
28 KB
29 KB
Image
General
Full URL
https://admin.pc-cm-3-usbank-0.voiceflow.com/1b5c0e3c88d03fe95597.png
Requested by
Host: admin.pc-cm-3-usbank-0.voiceflow.com
URL: https://admin.pc-cm-3-usbank-0.voiceflow.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.164.33.18 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-33-18.compute-1.amazonaws.com
Software
/
Resource Hash
7192d3a5c0a60c8b15396a4b8ce8829574a778e238dd79a1bb248d4e101a15d3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/1b5c0e3c88d03fe95597.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
admin.pc-cm-3-usbank-0.voiceflow.com
referer
https://admin.pc-cm-3-usbank-0.voiceflow.com/login
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://admin.pc-cm-3-usbank-0.voiceflow.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 14:56:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 17 Sep 2021 22:55:28 GMT
etag
W/"61451ce0-71cd"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=1800 public, no-transform
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 22 Sep 2021 15:26:21 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6869107ed1efb83229c82f2136349d9d9611429d2b1a4cf929481cc0b062fce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://admin.pc-cm-3-usbank-0.voiceflow.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 07:54:01 GMT
x-content-type-options
nosniff
age
457340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Sep 2022 07:54:01 GMT
ac368ff3-74ce-4fca-8832-2a43236512b1
https://admin.pc-cm-3-usbank-0.voiceflow.com/
426 KB
0
Other
General
Full URL
blob:https://admin.pc-cm-3-usbank-0.voiceflow.com/ac368ff3-74ce-4fca-8832-2a43236512b1
Requested by
Host: admin.pc-cm-3-usbank-0.voiceflow.com
URL: https://admin.pc-cm-3-usbank-0.voiceflow.com/login
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04ba0e9f1f0f3164df161be39257b4c98f90bbe52b4d29f9c1f8efb78792d3d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
436210
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/
313 KB
106 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b89bb651692e73dc3347c90af5dab24942237d4d5e7475d1e91e707f8fbfec5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.pc-cm-3-usbank-0.voiceflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 20 Sep 2021 10:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
187657
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108745
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 18:17:31 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Tue, 20 Sep 2022 10:48:44 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/
62 B
536 B
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.pc-cm-3-usbank-0.voiceflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 09:22:48 GMT
x-content-type-options
nosniff
age
452013
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 18:17:31 GMT
server
sffe
vary
Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Sat, 17 Sep 2022 09:22:48 GMT
iframe
accounts.google.com/o/oauth2/ Frame 430F
513 B
922 B
Document
General
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0342584ba64df0a9de14d875cf1ac2f6fb0c89da98292baddd0c6f3eae1675b2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ar/tbDvv9qhg3WCUJTthEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://admin.pc-cm-3-usbank-0.voiceflow.com/
accept-encoding
gzip, deflate, br
cookie
NID=224=V5yzINhIzAMaZEK_uXYPr_qubYquxYv4vhiZ28XJbdFvnlyFYLYVwFxHyR8Cf1d1lAQusgfR9Sbs0EWNT5BR-FPvJM3fUZO4wKZbF5_yCTYWbh7plM2pCD1vT4SunYzVcuPpU2xEl_MO16RqVCR7W3e9XJ1_hPHdyjgisZJksos
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://admin.pc-cm-3-usbank-0.voiceflow.com/

Response headers

content-type
text/html; charset=utf-8
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 22 Sep 2021 14:56:21 GMT
content-language
en-US
content-security-policy
script-src 'report-sample' 'nonce-ar/tbDvv9qhg3WCUJTthEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1260035447-idpiframe.js
ssl.gstatic.com/accounts/o/ Frame 430F
116 KB
40 KB
Script
General
Full URL
https://ssl.gstatic.com/accounts/o/1260035447-idpiframe.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44c8661f02d0547ad8bc6deb777a16c9f8bd783b5d6eb4a75eeaffed8e570042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 19:16:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40581
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 02:29:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="federated-signon-mpm-access"
expires
Wed, 21 Sep 2022 19:16:07 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame 430F
15 B
173 B
XHR
General
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fadmin.pc-cm-3-usbank-0.voiceflow.com&client_id=792099969137-uf81ar579b5ea2ll96a37r3ruucfbrmv.apps.googleusercontent.com
Requested by
Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/1260035447-idpiframe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af5fd803088fcdc627e5cd97fb88d7fcbbb02a705f38fd48b1ab5f4ffca50ae8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 14:56:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Wed, 22 Sep 2021 15:56:21 GMT
/
o518899.ingest.sentry.io/api/5831310/store/
41 B
142 B
Fetch
General
Full URL
https://o518899.ingest.sentry.io/api/5831310/store/?sentry_key=84588f0f1719402d82be577e6c10865e&sentry_version=7
Requested by
Host: admin.pc-cm-3-usbank-0.voiceflow.com
URL: https://admin.pc-cm-3-usbank-0.voiceflow.com/static/js/715.d9ae0cc257b06946e4c0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44c897c8a7339ea18ab1efebe66904b348ec29be9785bc63f0742fa87f8c46e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://admin.pc-cm-3-usbank-0.voiceflow.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 22 Sep 2021 14:56:21 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://admin.pc-cm-3-usbank-0.voiceflow.com
access-control-expose-headers
x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
clear
content-length
41
i
r.lr-ingest.io/
78 B
540 B
XHR
General
Full URL
https://r.lr-ingest.io/i?a=eource%2Fvoiceflow&r=4-4769548f-91a9-40d5-b40f-1dc74158c42c&t=fa356b85-8b92-4730-ba23-62efc8d68700&s=0&rs=0%2Cu
Requested by
Host: admin.pc-cm-3-usbank-0.voiceflow.com
URL: https://admin.pc-cm-3-usbank-0.voiceflow.com/static/js/715.d9ae0cc257b06946e4c0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.198.23.205 -, , ASN (),
Reverse DNS
Software
nginx/1.17.7 / Express
Resource Hash
0726a1460c479e6771c69b199c50878ab086b6688ee4360232d608a6c18ef142
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://admin.pc-cm-3-usbank-0.voiceflow.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 14:56:25 GMT
etag
W/"4e-tVpdzeH1qOmgCYkZn233dffv4yA"
server
nginx/1.17.7
x-powered-by
Express
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret
content-length
78

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster object| gapi object| ___jsl object| dataLayer string| VF_OVERRIDE_API_HOST string| VF_OVERRIDE_APP_ENV object| webpackChunk_voiceflow_admin_app object| __SENTRY__ object| regeneratorRuntime function| _lrMutationObserver object| __SDKCONFIG__ function| _lrXMLHttpRequest object| CreatorSocket function| _LRLogger boolean| _lr_loaded object| osapi object| gapix object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googleapis

5 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 224=V5yzINhIzAMaZEK_uXYPr_qubYquxYv4vhiZ28XJbdFvnlyFYLYVwFxHyR8Cf1d1lAQusgfR9Sbs0EWNT5BR-FPvJM3fUZO4wKZbF5_yCTYWbh7plM2pCD1vT4SunYzVcuPpU2xEl_MO16RqVCR7W3e9XJ1_hPHdyjgisZJksos
admin.pc-cm-3-usbank-0.voiceflow.com/ Name: _lr_tabs_-eource%2Fvoiceflow
Value: {%22sessionID%22:0%2C%22recordingID%22:%224-4769548f-91a9-40d5-b40f-1dc74158c42c%22%2C%22lastActivity%22:1632322581428}
admin.pc-cm-3-usbank-0.voiceflow.com/ Name: _lr_hb_-eource%2Fvoiceflow
Value: {%22heartbeat%22:1632322581429}
admin.pc-cm-3-usbank-0.voiceflow.com/ Name: _lr_uf_-eource
Value: 94a37cfc-6893-498f-b251-818d760fa191
.admin.pc-cm-3-usbank-0.voiceflow.com/ Name: G_ENABLED_IDPS
Value: google

1 Console Messages

Source Level URL
Text
network error URL: https://www.googletagmanager.com/gtm.js?id=
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
admin.pc-cm-3-usbank-0.voiceflow.com
apis.google.com
assets.calendly.com
cdn.lr-ingest.io
fonts.googleapis.com
fonts.gstatic.com
o518899.ingest.sentry.io
r.lr-ingest.io
ssl.gstatic.com
www.googletagmanager.com
104.198.23.205
2600:9000:223d:d400:d:1c5c:fb80:93a1
2606:4700:3033::ac43:a339
2a00:1450:4001:813::2008
2a00:1450:4001:813::200d
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
34.120.195.249
54.164.33.18
02e1fe78d188ac663b1f05b0020c0f66a735f4369da6595b4201953dbaccbe45
0342584ba64df0a9de14d875cf1ac2f6fb0c89da98292baddd0c6f3eae1675b2
04ba0e9f1f0f3164df161be39257b4c98f90bbe52b4d29f9c1f8efb78792d3d0
0726a1460c479e6771c69b199c50878ab086b6688ee4360232d608a6c18ef142
27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba
44c8661f02d0547ad8bc6deb777a16c9f8bd783b5d6eb4a75eeaffed8e570042
44c897c8a7339ea18ab1efebe66904b348ec29be9785bc63f0742fa87f8c46e4
4a6ce8ee6ce904a9b590e3e458d3332b7ef3a17f53153d31cc2aa30821ebb46f
59f1aa16d4f21d8b42dbcb1979f042fd8d7cfae130fe01828dd90ae45c9c72b8
630a49cfaf368dccb0226b8f79265c613b70428b7813afde42d8b4b3ddf4c7c3
649a96c6a5c6cd80f7a1c9ad083557316dadb14ecaad8e013f0969358c7b3a02
7192d3a5c0a60c8b15396a4b8ce8829574a778e238dd79a1bb248d4e101a15d3
7bcc2647f23bdfd648da200f77e58cc7141b4edd14e3d86bccbac1cd6f8d39eb
8dbfadd60cd0edf66e1614879355872d622f45c00bcf7c5b4707baee1897bb6f
9133b0ad7311fe4a1997d99b75deeda75132cc56796fdc952fc06c8c3c41be31
af5fd803088fcdc627e5cd97fb88d7fcbbb02a705f38fd48b1ab5f4ffca50ae8
b146e47043207e55d806094e8ead9a906a5c1ed9e5f8a69b68c178cdfb5fa0f3
b89bb651692e73dc3347c90af5dab24942237d4d5e7475d1e91e707f8fbfec5c
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c234008dd16f9be0fd67752fab36832e286887f07ba5fd1dcda9f4b42ec4fe08
d6869107ed1efb83229c82f2136349d9d9611429d2b1a4cf929481cc0b062fce
e896d77c9cbf23bc499a5fce823dbd13deacebf5d5f6936dc94090adebd98174
f45de1a83aa74cff4543db561c1083a9a378cf675b160c3308844ebd894d28ce