urlscan.io logo urlscan.io
SecurityTrails logo

newsletter.recoveryauto.com Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://newsletter.recoveryauto.com/
Submission: On November 05 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 38 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is newsletter.recoveryauto.com.
TLS certificate: Issued by WE1 on October 3rd 2024. Valid for: 3 months.
This is the only time newsletter.recoveryauto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
9 172.67.198.118 13335 (CLOUDFLAR...)
1 11 18.173.205.71 16509 (AMAZON-02)
4 188.114.97.3 13335 (CLOUDFLAR...)
1 162.159.128.61 13335 (CLOUDFLAR...)
38 7
3    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
newsletter.recoveryauto.com
5    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    172.67.198.118 (United States)

ASN13335 (CLOUDFLARENET, US)
app.saasonboard.com
11    18.173.205.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-71.fra56.r.cloudfront.net
widget.freshworks.com
4    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
newsletter.recoveryauto.com
1    162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)
player.vimeo.com
Apex Domain
Subdomains		 Transfer
11 freshworks.com
widget.freshworks.com — Cisco Umbrella Rank: 18061
142 KB
9 saasonboard.com
app.saasonboard.com
13 KB
7 recoveryauto.com
newsletter.recoveryauto.com
607 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
4 KB
1 vimeo.com
player.vimeo.com — Cisco Umbrella Rank: 1941
0 gstatic.com Failed
fonts.gstatic.com Failed
0 globalcontrol.io Failed
api.globalcontrol.io Failed
38 7
Domain Requested by
11 widget.freshworks.com 1 redirects newsletter.recoveryauto.com
widget.freshworks.com
9 app.saasonboard.com newsletter.recoveryauto.com
7 newsletter.recoveryauto.com newsletter.recoveryauto.com
5 fonts.googleapis.com newsletter.recoveryauto.com
app.saasonboard.com
1 player.vimeo.com newsletter.recoveryauto.com
0 fonts.gstatic.com Failed fonts.googleapis.com
0 api.globalcontrol.io Failed newsletter.recoveryauto.com
38 7

This site contains links to these domains. Also see Links.

Domain
titaniumtechcall.com
Subject Issuer Validity Valid
recoveryauto.com
WE1		 2024-10-03 -
2025-01-01		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
saasonboard.com
WE1		 2024-10-28 -
2025-01-26		 3 months crt.sh
*.freshworks.com
Amazon RSA 2048 M02		 2024-06-25 -
2025-07-24		 a year crt.sh
player.vimeo.com
WE1		 2024-09-22 -
2024-12-21		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://newsletter.recoveryauto.com/
Frame ID: 386029A85960F305C66F12A9DFFF6E3D
Requests: 28 HTTP requests in this frame

Frame: https://widget.freshworks.com/widgetBase/widget.js
Frame ID: F8E1E9234FFA1C6A031D4D8B2D39027E
Requests: 7 HTTP requests in this frame

Frame: https://player.vimeo.com/video/678180705
Frame ID: E6A0F8004D81CB7DD4CB072DE64FFDE5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Newsletters

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

38
Requests

82 %
HTTPS

33 %
IPv6

7
Domains

7
Subdomains

7
IPs

4
Countries

766 kB
Transfer

2875 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://widget.freshworks.com/widgets/153000003044.js HTTP 301
  • https://widget.freshworks.com/widgetBase/bootstrap.js

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
newsletter.recoveryauto.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsletter.recoveryauto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f714e41f77fa192ddb037a3d770f2f3e7ed52b98590271157f2d1c36291b6893

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ddc528ed9e2b890-AMS
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Tue, 05 Nov 2024 10:57:22 GMT
last-modified
Tue, 05 Nov 2024 00:30:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vPwYm%2FPcbvOTynL0Lp5ipW3417erIW5dxHPH8R6pfmsFUtQ73y0eN9kCoroHw%2F0RRrSWmirtkt23hsuUgVeBEOPeYGk%2Brh4%2F6jFd6hA9Gz3Odl6biaWAeDcnS9QjceHDsLfy"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=1053&sent=3&recv=6&lost=0&retrans=0&sent_bytes=139&recv_bytes=1236&delivery_rate=1349487&cwnd=251&unsent_bytes=0&cid=d663748f66e9c9b1&ts=21&x=0" cfL4;desc="?proto=TCP&rtt=20082&sent=9&recv=13&lost=0&retrans=0&sent_bytes=4022&recv_bytes=2338&delivery_rate=267496&cwnd=254&unsent_bytes=0&cid=0dff629955055bb4&ts=746&x=0"
vary
accept-encoding
css2
fonts.googleapis.com/ 		15 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: newsletter.recoveryauto.com
URL: https://newsletter.recoveryauto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5945935b868b1a8f5eb9e4df30b412e760115b11aa161469fbcf79123816a3a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newsletter.recoveryauto.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 05 Nov 2024 10:57:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 10:57:22 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 05 Nov 2024 09:03:53 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
upgrade_pop.css
app.saasonboard.com/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.saasonboard.com/upgrade_pop.css
Requested by
Host: newsletter.recoveryauto.com
URL: https://newsletter.recoveryauto.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f2238817d92e2fb95682d349e5dd3096707b5862558d202de7910c46bdf4655

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newsletter.recoveryauto.com/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"611a9ec9-6c73"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HQ7tv8tS2qShjetG3mxw66CUL64CtzaXYPOEcShAV5QM2J4gGzdK31KqGvzQAhlwSg3bSDXB8TGcBZ30HdKk2p3HPyKHiUvF5R9EoUsg9Ef78yZYg982rdcj3jryv8u0euVb2p%2FJ"}],"group":"cf-nel","max_age":604800}
cf-ray
8ddc52956ca06650-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19384&sent=19&recv=16&lost=0&retrans=0&sent_bytes=9150&recv_bytes=5771&delivery_rate=141682&cwnd=12000&unsent_bytes=0&cid=0d4231f9ce5272e0&ts=788&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 10:57:23 GMT
content-type
text/css
last-modified
Mon, 16 Aug 2021 17:22:17 GMT
vary
Accept-Encoding
priority
u=0,i=?0
index-d45fe0fe.js
newsletter.recoveryauto.com/assets/ 		2 MB
581 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsletter.recoveryauto.com/assets/index-d45fe0fe.js
Requested by
Host: newsletter.recoveryauto.com
URL: https://newsletter.recoveryauto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
538c1d75c2fb69403f87ffe0de3a15d28a1395330b2b21870696518a67febf5f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://newsletter.recoveryauto.com
Referer
https://newsletter.recoveryauto.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67296741-22af03"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2FbRP7zSVAiQXrv%2FyPDSIN8x2BQPnA3fRW8fYz8QzGU6koJCpEaxqzAuIiK72AfOHTgt9LWcUNvvot50OQFju5RathX1hf9Mf3pJzIA8dMApfDaK%2FsHIPozX6%2B9XiSD5ctQWIHoab78eL0KJMDv30wXPQDMETGWnmys%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ddc5293af08b890-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=18218&sent=36&recv=36&lost=0&retrans=0&sent_bytes=23459&recv_bytes=2597&delivery_rate=1341459&cwnd=257&unsent_bytes=0&cid=0dff629955055bb4&ts=1804&x=0"
date
Tue, 05 Nov 2024 10:57:23 GMT
content-type
application/javascript
last-modified
Tue, 05 Nov 2024 00:30:57 GMT
vary
Accept-Encoding
server
cloudflare
index-a2017a62.css
newsletter.recoveryauto.com/assets/ 		93 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsletter.recoveryauto.com/assets/index-a2017a62.css
Requested by
Host: newsletter.recoveryauto.com
URL: https://newsletter.recoveryauto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2017a62196113bee8d45dae5a577b5f24e11d189e72ff1e5cfc9070bbc08432

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newsletter.recoveryauto.com/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
etag
W/"67296741-17351"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f1S9IUxfhWKBZNPx91yCz8cweYdGU%2Fl%2Bkz7TNHSp%2FxZKxlkqlbLsvOWT7lclh4viAl4Tn6M6JGLh%2BN2A3AJByv3UEg8H8gNSuCKQ%2Bnq22sHskCds3m4s8kF6MqOroPx%2FVmDxoJw2H59uSivGLEHDzNuByOsn5ZAYnzE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ddc5293af04b890-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=17651&sent=15&recv=19&lost=0&retrans=0&sent_bytes=5707&recv_bytes=2597&delivery_rate=361331&cwnd=257&unsent_bytes=0&cid=0dff629955055bb4&ts=1752&x=0"
date
Tue, 05 Nov 2024 10:57:23 GMT
content-type
text/css
last-modified
Tue, 05 Nov 2024 00:30:57 GMT
vary
Accept-Encoding
server
cloudflare
index.js
api.globalcontrol.io/script/ 		0
0
onboardinglibrary.js
app.saasonboard.com/assets/custom/js/iframe/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.saasonboard.com/assets/custom/js/iframe/onboardinglibrary.js
Requested by
Host: newsletter.recoveryauto.com
URL: https://newsletter.recoveryauto.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08e28d3221485ab553f9f708e30bd5afea947f87f2d0cd67941ab57b370b0e6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newsletter.recoveryauto.com/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"610320ec-83b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u5YRquVCNiHUsIAKGQ%2BQEit1LVx9Pv8qNH4qVKqLSRoI4cdrHirEZ3TXU5%2B1BfvYdFro%2F9riiiaEysaoZnH2NwPe9aFtezVmmOybuE1CMZnf3cLMek4ytlLuGspOYBxwCtbkfQab"}],"group":"cf-nel","max_age":604800}
cf-ray
8ddc52956c9e6650-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=20024&sent=17&recv=15&lost=0&retrans=0&sent_bytes=7774&recv_bytes=5728&delivery_rate=555&cwnd=12000&unsent_bytes=0&cid=0d4231f9ce5272e0&ts=781&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 10:57:23 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 29 Jul 2021 21:43:08 GMT
vary
Accept-Encoding
priority
u=1,i=?0
wizard.js
app.saasonboard.com/assets/custom/js/iframe/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.saasonboard.com/assets/custom/js/iframe/wizard.js
Requested by
Host: newsletter.recoveryauto.com
URL: https://newsletter.recoveryauto.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
294d7b82cfc984740b54a2a5cf6cf708f97f86d35759e70de378e19b5d3d35ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newsletter.recoveryauto.com/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"662b4391-96c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WN4MSTmNkZCcnz2EmleNPo1Tp1UKALBGOTDB1INCzM5OCScfyv0cUeK9Ne4eu9Iqogywmul7e0Ki81fE8lNf%2FH98Sa4MYqmJR64RrtqVJF5tPy6tzs8kQkTlz8WQu4%2Bmsvg%2Brkow"}],"group":"cf-nel","max_age":604800}
cf-ray
8ddc52956c9a6650-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=20024&sent=15&recv=15&lost=0&retrans=0&sent_bytes=6317&recv_bytes=5728&delivery_rate=555&cwnd=12000&unsent_bytes=0&cid=0d4231f9ce5272e0&ts=774&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 10:57:23 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 26 Apr 2024 06:02:57 GMT
vary
Accept-Encoding
priority
u=1,i=?0
splashscreenlibrary.js
app.saasonboard.com/assets/custom/js/iframe/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.saasonboard.com/assets/custom/js/iframe/splashscreenlibrary.js
Requested by
Host: newsletter.recoveryauto.com
URL: https://newsletter.recoveryauto.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cb7e0ee4ba53f171d75494246574c8e4744ce948322d1142df3afec80d1f51d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newsletter.recoveryauto.com/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"610321cb-869"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sWuf9qMDsaXfJY0jCELBZle4Z%2BlZnOqmi6n4UNEoqvq8rYo4oWYW0jaj81OlbV7SyUCCVNt%2B%2FYiuybMicFJwsSQOXQMTuL5TjP7f0pYd62e%2Fvynb92a6ff4Pyhkpr5vqCsPA7cFa"}],"group":"cf-nel","max_age":604800}
cf-ray
8ddc52956c9c6650-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18882&sent=24&recv=20&lost=0&retrans=0&sent_bytes=14182&recv_bytes=5943&delivery_rate=426969&cwnd=12000&unsent_bytes=0&cid=0d4231f9ce5272e0&ts=806&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 10:57:23 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 29 Jul 2021 21:46:51 GMT
vary
Accept-Encoding
priority
u=1,i=?0
upgrade_pop.js
app.saasonboard.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.saasonboard.com/upgrade_pop.js
Requested by
Host: newsletter.recoveryauto.com
URL: https://newsletter.recoveryauto.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de6be42122fce6801df9b7cf4d7dd901b5f58ddb576c83a151524674350ae2b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newsletter.recoveryauto.com/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"67092b69-138a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D03PgDu4F%2FXMscOQkkRLsEK6Pa2whprZw%2BoBZgIPKxbF6XHJvmuT%2BNlLseTxakSHigrGIyuuXYmufGEBqbwpjy%2Fan2pBFeU%2FTwujvBgoaE%2B6zGinniLcClFjnK4PXI3Kn7v42KHH"}],"group":"cf-nel","max_age":604800}
cf-ray
8ddc52956c986650-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=20024&sent=13&recv=15&lost=0&retrans=0&sent_bytes=4205&recv_bytes=5728&delivery_rate=555&cwnd=12000&unsent_bytes=0&cid=0d4231f9ce5272e0&ts=770&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 10:57:23 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 11 Oct 2024 13:43:05 GMT
vary
Accept-Encoding
priority
u=1,i=?0
bootstrap.js
widget.freshworks.com/widgetBase/
Redirect Chain
  • https://widget.freshworks.com/widgets/153000003044.js
  • https://widget.freshworks.com/widgetBase/bootstrap.js
9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/bootstrap.js
Requested by
Host: newsletter.recoveryauto.com
URL: https://newsletter.recoveryauto.com/
Protocol
H2
Server
18.173.205.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b750aa111101eb8685436690b034ab2cbe57accdc04bb818f060639a8a5b81f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newsletter.recoveryauto.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
x-amz-version-id
W3AOh4MIVkhe_ZGc7BbCBngLno88LKvk
etag
W/"96358557f33cdca557d32231f632b6ca"
age
304
via
1.1 2148953aab7910c366395376a0db1450.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
99L7jL1Kb8zksxY8cF7HAF7uYaTIRxOcHDRbXLehqKjhagw5anyhhw==
date
Tue, 05 Nov 2024 10:52:20 GMT
content-type
application/javascript
last-modified
Wed, 14 Aug 2024 07:29:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
vary
Accept-Encoding

Redirect headers

location
/widgetBase/bootstrap.js
via
1.1 2148953aab7910c366395376a0db1450.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
VhSIeHTGvpoFn1g5oeflBAdDJwmzpsJRHSkMMZTBXqPbuJ6k-vcu9A==
date
Tue, 05 Nov 2024 10:57:23 GMT
x-amz-cf-pop
FRA56-P12
server
AmazonS3
css2
fonts.googleapis.com/ 		15 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: app.saasonboard.com
URL: https://app.saasonboard.com/upgrade_pop.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5945935b868b1a8f5eb9e4df30b412e760115b11aa161469fbcf79123816a3a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.saasonboard.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 05 Nov 2024 10:57:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 10:57:22 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 05 Nov 2024 09:03:53 GMT
x-frame-options
SAMEORIGIN
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/ 		7 KB
662 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Maven+Pro:wght@400;500;600;700;800;900&display=swap
Requested by
Host: app.saasonboard.com
URL: https://app.saasonboard.com/upgrade_pop.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b887d8a14779799668a8296697abfa2f006e82f5f95248ec924fe703052691b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.saasonboard.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 05 Nov 2024 10:57:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 10:57:23 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 05 Nov 2024 10:15:48 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/ 		28 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: app.saasonboard.com
URL: https://app.saasonboard.com/upgrade_pop.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
29d4588a29dc099cd87a7eb2f0c5b40e595bce81406e2622bd46411510e2a62f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.saasonboard.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 05 Nov 2024 10:57:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 10:57:23 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 05 Nov 2024 09:26:20 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/ 		8 KB
718 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap
Requested by
Host: app.saasonboard.com
URL: https://app.saasonboard.com/upgrade_pop.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b78976e0a15138b3b1bde71abfa5bbb603eff6bdf1fc4d4eaffaeeaab0abc26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.saasonboard.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 05 Nov 2024 10:57:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 10:57:23 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 05 Nov 2024 09:30:50 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
153000003044.json
widget.freshworks.com/widgets/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgets/153000003044.json?randomId=0.3267142542927739
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgets/153000003044.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
046d2e3403302c94ecfcabcf7639ee6a0eda9dd28d08865ab7b4bd222acea119

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newsletter.recoveryauto.com/

Response headers

content-encoding
gzip
etag
W/"8a4d94e2a53c0454d00caeb255c9761c"
x-amz-version-id
jNz4_Uhvsn04n_2WjrPfGPLcqzFGZKu4
access-control-allow-methods
GET
via
1.1 7f26f4279546775ace8410d89a15a960.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
d2bCpBk-YWA2UDxnnfRypU1lxeXvVxZuwX7HP2Ods5OltyFvebkeOA==
date
Tue, 05 Nov 2024 10:57:24 GMT
content-type
application/json
last-modified
Fri, 18 Oct 2024 23:00:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
vary
Accept-Encoding,Origin
frame.d7ae132c.css
widget.freshworks.com/widgetBase/static/media/ 		1 KB
910 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/static/media/frame.d7ae132c.css
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgets/153000003044.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fd899442c2e228b75ababfc6183c7829fd72af587f4333908d230bedfa0fd576

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newsletter.recoveryauto.com/

Response headers

cache-control
max-age=8640000
content-encoding
gzip
x-amz-version-id
tBMRWrlEEJWTHjkqjcoskFevcD7QLYla
etag
W/"d7ae132c387286735e2e9d369838b0c5"
age
4144241
via
1.1 2148953aab7910c366395376a0db1450.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
51x3VMvZrEpZrp7LkB_De1uGBj12HCVccw9hbOuL286GenQv0Gb-8Q==
date
Wed, 18 Sep 2024 11:46:43 GMT
content-type
text/css
last-modified
Wed, 14 Aug 2024 07:18:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
vary
Accept-Encoding
widget.js
widget.freshworks.com/widgetBase/ Frame F8E1 		295 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgets/153000003044.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
580dbdf71ce0d645eeb9f90a9590534195b4aa9b8d869b40e6bf6e5010ca98d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newsletter.recoveryauto.com/

Response headers

cache-control
max-age=900
content-encoding
gzip
x-amz-version-id
EA95Ssh7R70epn693aEZw9cUCHjdTVOD
etag
W/"316a997fbea89f20f77b5e78a558038a"
age
137
via
1.1 2148953aab7910c366395376a0db1450.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
e8Cjbz_7PVa0366OEPdtf2nfWgK1Ptyx1PytLy8sW4gi341hZUF1VA==
date
Tue, 05 Nov 2024 10:55:08 GMT
content-type
application/javascript
last-modified
Wed, 14 Aug 2024 07:28:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
vary
Accept-Encoding
0.e2caf280750f3ece06da.widget.js
widget.freshworks.com/widgetBase/ Frame F8E1 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/0.e2caf280750f3ece06da.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08e57da2e4e7172c19d9982a1ccc90402da5c4453093123e982e1fa7f9eccc8f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newsletter.recoveryauto.com/

Response headers

cache-control
max-age=8640000
content-encoding
gzip
x-amz-version-id
XwT3J_zaNN2rLU3RJAXl9dqpMbQuaW7m
etag
W/"3eb7d6da69812f629e5409d725c8ca3b"
age
4081836
via
1.1 2148953aab7910c366395376a0db1450.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
KBDo36H5TLwdXllCu-F6Z1l-ECf7TL5ZImulCtPDNI5Y7jyKHtOsdA==
date
Thu, 19 Sep 2024 05:06:49 GMT
content-type
application/javascript
last-modified
Wed, 14 Aug 2024 07:19:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
vary
Accept-Encoding
1.0e8f0237accf8416de7f.widget.js
widget.freshworks.com/widgetBase/ Frame F8E1 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/1.0e8f0237accf8416de7f.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be89fd0886decfb4e9e5b23f3901fa4c9f58003971266405b8803a19b4019d42

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newsletter.recoveryauto.com/

Response headers

cache-control
max-age=8640000
content-encoding
gzip
x-amz-version-id
C6j4B_SzRlsDpB94QlvtbAL62WONzvdp
etag
W/"7c346979da8f0571ca5e101f69a9c6f0"
age
4243448
via
1.1 2148953aab7910c366395376a0db1450.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
ja_e9bjtQUWTSZ1nDrdz36H9ilw7YjHMzQc8meONRsfwN4KaZLT9WA==
date
Tue, 17 Sep 2024 08:13:17 GMT
content-type
application/javascript
last-modified
Wed, 14 Aug 2024 07:19:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
vary
Accept-Encoding
8.d7c0d0debf20c1c1c333.widget.js
widget.freshworks.com/widgetBase/ Frame F8E1 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/8.d7c0d0debf20c1c1c333.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a39871377278f3eb590fc0d64a4b46137a8959030f6b3fe9b5c7ef7e7da2015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newsletter.recoveryauto.com/

Response headers

cache-control
max-age=8640000
content-encoding
gzip
x-amz-version-id
VqRZ8SQSw8FXxlbsGuy2qAtPTWs.LT.z
etag
W/"9595037458ddb204b700bf581e6193cb"
age
4081836
via
1.1 2148953aab7910c366395376a0db1450.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Iyl2NaF6SaFjIJFv34FBxK5QjGQs_zj0hmTPwbQ3frWI3Qvs22IWVw==
date
Thu, 19 Sep 2024 05:06:49 GMT
content-type
application/javascript
last-modified
Wed, 14 Aug 2024 07:19:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
vary
Accept-Encoding
10.e2a6e1199313e5325e57.widget.js
widget.freshworks.com/widgetBase/ Frame F8E1 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/10.e2a6e1199313e5325e57.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddce5d923065edc47c2b3a1d0157f2cfc0d502566b43b1014a51cb18ebd77cb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newsletter.recoveryauto.com/

Response headers

cache-control
max-age=8640000
content-encoding
gzip
x-amz-version-id
LQjR2f8YIxslmiSdzuhWln2jSX0k9nsG
etag
W/"e1fa78a672e16586648645742dd1af72"
age
4243448
via
1.1 2148953aab7910c366395376a0db1450.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
WZC4Ooh0IQ-nl_nEQZhhgoJQrF9L8GxnDwSy1l93cnsQA9RhckSpBw==
date
Tue, 17 Sep 2024 08:13:17 GMT
content-type
application/javascript
last-modified
Wed, 14 Aug 2024 07:19:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
vary
Accept-Encoding
16.91e55ff21de942a8b5a0.widget.js
widget.freshworks.com/widgetBase/ Frame F8E1 		645 B
1020 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/16.91e55ff21de942a8b5a0.widget.js
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c29229a800cc364c4bdbd63abdd676f570302a3b90c618ffe54f54447bc0d83

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newsletter.recoveryauto.com/

Response headers

cache-control
max-age=8640000
x-amz-version-id
e3P81e1o6hXKc5KIKj2GELLLZ7Ulh8oC
etag
"ee6a274e041d81acb09fb70447eb7252"
age
4243448
via
1.1 2148953aab7910c366395376a0db1450.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
645
x-amz-cf-id
fe1YpcevgOSj_Ugbv0uTFB6_muuxVkqYpb3NSU_dpWhP9ftFH4kzPA==
date
Tue, 17 Sep 2024 08:13:17 GMT
content-type
application/javascript
last-modified
Wed, 14 Aug 2024 07:20:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
en.json
widget.freshworks.com/widgetBase/locales/ Frame F8E1 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.freshworks.com/widgetBase/locales/en.json
Requested by
Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/10.e2a6e1199313e5325e57.widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-71.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a50b51ac483825c4c798132f572dc813498c9087ff4f4d4b0cafd5deba43d130

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newsletter.recoveryauto.com/

Response headers

cache-control
max-age=8640000
content-encoding
gzip
etag
W/"b89e0007134ac4d219df17aa6fcd289e"
x-amz-version-id
uuo8_aHJYG5TT2HQw1TJpDJZj2jMWZZl
access-control-allow-methods
GET
via
1.1 7f26f4279546775ace8410d89a15a960.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
mUC6jpl9TDlyvuFL59RVsKUepI91D_EjEV6sK9tEy52AvTUXhOLqFA==
date
Tue, 05 Nov 2024 10:57:25 GMT
content-type
application/json
last-modified
Wed, 14 Aug 2024 07:19:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
vary
Accept-Encoding,Origin
Login-39b31f32.js
newsletter.recoveryauto.com/assets/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsletter.recoveryauto.com/assets/Login-39b31f32.js
Requested by
Host: newsletter.recoveryauto.com
URL: https://newsletter.recoveryauto.com/assets/index-d45fe0fe.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83bba05aeb8ba096cc6f7d7a5b649b398aabc00eb65d45708bdb799f0997c1e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://newsletter.recoveryauto.com
Referer

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"67296741-1cd2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MjflqmBMXrX9fMj0wcHcnmsMG9Lq73PU28q3duA9HKi05g9FGnSpfKdxeTx3WDJxfEAOvIeS4so1arieqhPWicNZbWvlOiY4f7H%2BWvct7NCCtRM2JizYLM0ogi2XQ3IWt4I6NbT4uz23Uju7FrA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ddc529fe94fb960-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19135&sent=17&recv=13&lost=0&retrans=0&sent_bytes=6348&recv_bytes=5109&delivery_rate=611&cwnd=12000&unsent_bytes=0&cid=2b3a235067bc796c&ts=2431&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 10:57:24 GMT
content-type
application/javascript
last-modified
Tue, 05 Nov 2024 00:30:57 GMT
vary
Accept-Encoding
priority
u=1,i=?0
login-icon-6c232d70.js
newsletter.recoveryauto.com/assets/ 		58 B
752 B 		Script
General
Check archive.org
Download Go to
Full URL
https://newsletter.recoveryauto.com/assets/login-icon-6c232d70.js
Requested by
Host: newsletter.recoveryauto.com
URL: https://newsletter.recoveryauto.com/assets/index-d45fe0fe.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03e5df232f6cb0961f3e847351f96484d35e126e0ca2d19244d9dafa750410f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://newsletter.recoveryauto.com
Referer

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"67296741-3a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n6N%2BJzHzNOnYZRqkOZMutQFdiJ1HZnwu1v7C9pRty5VVlezKQccGeyLIyh8UjcATc20xaMIBls7PHrUyWIgPukPgssTYO1kqTnbBK1W9jfb7znMkQA4ZpMSJuXNVKXHP2CsTZH27Bt7rcG0ztUc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ddc529fe951b960-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19135&sent=14&recv=13&lost=0&retrans=0&sent_bytes=4320&recv_bytes=5109&delivery_rate=611&cwnd=12000&unsent_bytes=0&cid=2b3a235067bc796c&ts=2419&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 10:57:24 GMT
content-type
application/javascript
last-modified
Tue, 05 Nov 2024 00:30:57 GMT
vary
Accept-Encoding
priority
u=1,i=?0
Login-163eb8f2.css
newsletter.recoveryauto.com/assets/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsletter.recoveryauto.com/assets/Login-163eb8f2.css
Requested by
Host: newsletter.recoveryauto.com
URL: https://newsletter.recoveryauto.com/assets/index-d45fe0fe.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
163eb8f215f9af9f1c817dc3ff888d245a740f36be68f33413238cd68fbb6271

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newsletter.recoveryauto.com/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"67296741-793"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hZ6LORusnqx56s5SThN2Qn7b7BsCxn6Js2VDSi7ZC3RH1DN3clracEKl1%2Bl1BS6X0GRZCY4Wt5%2B6ax1zCN%2BCcLE%2Bl3r1st4yBMmXr83cfjt5oV8z8LcrjytPVqZUJ3IoWS4eGt%2BbhqbAX23VEME%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ddc529fe953b960-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19135&sent=15&recv=13&lost=0&retrans=0&sent_bytes=5095&recv_bytes=5109&delivery_rate=611&cwnd=12000&unsent_bytes=0&cid=2b3a235067bc796c&ts=2428&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 10:57:24 GMT
content-type
text/css
last-modified
Tue, 05 Nov 2024 00:30:57 GMT
vary
Accept-Encoding
priority
u=0,i=?0
get
app.saasonboard.com/api/login-screen/ 		942 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.saasonboard.com/api/login-screen/get
Requested by
Host: newsletter.recoveryauto.com
URL: https://newsletter.recoveryauto.com/assets/index-d45fe0fe.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e2b8cce18f97619406bc44ff9cd5dae570f0a16ad5410eb7403365387b238ed

Request headers

Referer
https://newsletter.recoveryauto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MEa0ua2VEOTOhqhP6IbGsYy%2FhLn5OWUuLUl4g258JLb6aKq2GmQUS3IpWLVOmWZ%2BBstNB2wfdMWX8Y16lsk88WUecVlhzN8GOJHZPODpf0VgFiuy4UmLEoqC%2FbFvBtRuS%2BkPrd33"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=62397&sent=14&recv=12&lost=0&retrans=0&sent_bytes=2975&recv_bytes=4716&delivery_rate=7423&cwnd=12000&unsent_bytes=0&cid=7d9a84d68a9fe3c1&ts=893&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 10:57:26 GMT
accept
application/json
content-type
application/json
vary
Origin
priority
u=1,i
access-control-allow-headers
X-Requested-With,Content-Type,X-Token-Auth,Authorization
cache-control
no-cache, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
1
cf-ray
8ddc52a92d380b70-AMS
access-control-allow-origin
*
server
cloudflare
login-icon-0bd19ae4.svg
newsletter.recoveryauto.com/assets/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://newsletter.recoveryauto.com/assets/login-icon-0bd19ae4.svg
Requested by
Host: newsletter.recoveryauto.com
URL: https://newsletter.recoveryauto.com/login?callback=dashboard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bd19ae407ea4104e342e9d532c92f8712cc14c1e818c67968a0e72078322210

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newsletter.recoveryauto.com/login?callback=dashboard

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
MISS
etag
W/"67296741-146e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DYE0pYcCF3mX%2FxCmU%2BQe5%2Fueb9MMYUtS81mEoOQIL3Y0ZMzPqtdD4yBxJ5qHjhtDIbHLIaA3uDsPjLFJiT0zgmi7foQpm88UyeJh5SZ4haNgUVUKxiOEZjEJB5FhH2%2FdShiEQe8qjgZCfwnXhsI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ddc52a4dea8b960-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36220&sent=21&recv=17&lost=0&retrans=0&sent_bytes=9916&recv_bytes=5621&delivery_rate=10868&cwnd=12000&unsent_bytes=0&cid=2b3a235067bc796c&ts=3213&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 10:57:25 GMT
content-type
image/svg+xml
last-modified
Tue, 05 Nov 2024 00:30:57 GMT
vary
Accept-Encoding
priority
u=3,i
get
app.saasonboard.com/api/login-screen/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.saasonboard.com/api/login-screen/get
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://newsletter.recoveryauto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
CONTENT-TYPE
access-control-allow-methods
POST
access-control-allow-origin
https://newsletter.recoveryauto.com
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8ddc52a568100b70-AMS
content-type
text/html; charset=UTF-8
date
Tue, 05 Nov 2024 10:57:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=1,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QFDPhi2SbRopce%2B9j%2BvLoBXRgFEaqUVqJUlTSq3Gxkc42G76pjWXQY8xwn%2FelVRBiYRE7DG4ZEBBd%2FGq7a16dvo9hVJ82xaLEdG68quHNrMzCo8MqRWafR233p94cKYx95dmLBHq"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=61027&sent=11&recv=9&lost=0&retrans=0&sent_bytes=2208&recv_bytes=4228&delivery_rate=268&cwnd=12000&unsent_bytes=0&cid=7d9a84d68a9fe3c1&ts=568&x=1" cfExtPri cfHdrFlush;dur=0
add-impressions
app.saasonboard.com/api/login-screen/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.saasonboard.com/api/login-screen/add-impressions
Requested by
Host: newsletter.recoveryauto.com
URL: https://newsletter.recoveryauto.com/assets/index-d45fe0fe.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://newsletter.recoveryauto.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B8clwnsFEwjLa%2Fnq%2F0yFWrZqh8T9%2FJU2zAykiGXqHvF0gqlUCpaHG6NOPeNQNw8vE%2B%2FKc0I4ECQy1UhXClVLrmb3VHA2aCgfzA20WdKUo0394VAiNQAzB8Z1JjkD0CkiBnV%2F0foM"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=48182&sent=20&recv=16&lost=0&retrans=0&sent_bytes=5547&recv_bytes=5579&delivery_rate=2945&cwnd=12000&unsent_bytes=0&cid=7d9a84d68a9fe3c1&ts=1311&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 05 Nov 2024 10:57:26 GMT
accept
application/json
content-type
application/json
vary
Origin
priority
u=1,i
access-control-allow-headers
X-Requested-With,Content-Type,X-Token-Auth,Authorization
cache-control
no-cache, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
1
cf-ray
8ddc52abc8e20b70-AMS
access-control-allow-origin
*
server
cloudflare
678180705
player.vimeo.com/video/ Frame E6A0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/678180705
Requested by
Host: newsletter.recoveryauto.com
URL: https://newsletter.recoveryauto.com/assets/index-d45fe0fe.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm.vhx.com/v2/fairplay/cert https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://newsletter.recoveryauto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

CF-Cache-Status
DYNAMIC
CF-Ray
8ddc52ac7ac21c0c-AMS
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 05 Nov 2024 10:57:26 GMT
Expires
Fri, 15 Dec 1985 19:30:00 GMT
Link
<https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin, <https://i.vimeocdn.com>; rel=preconnect; crossorigin, <https://f.vimeocdn.com>; rel=preconnect; crossorigin
Server
cloudflare
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Vary
Origin, Referer, Accept-Encoding
Via
1.1 varnish
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://edge-player5.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://drm.vhx.com/v2/fairplay/cert https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://vimeo.magisto.com https://stage-proxy.vimeo.magisto.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://branding.cdn.magisto.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://i.vimeocdn.com https://duysrfiajusdh.cloudfront.net https://d263mgllkjh2k2.cloudfront.net https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
x-backend-server
player-backend-edge-entry
x-bapp-server
player-backend-5d5b9857c9-7ls9z
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-host
player-backend-5d5b9857c9-7ls9z
x-player-backend
g
x-served-by
cache-ams2100093-AMS
x-timer
S1730804247.509087,VS0,VE283
x-xss-protection
1; mode=block
ViUQd8X3htdL3UqRazE3MTfkF
app.saasonboard.com/assets/img/login_screen_background/ 		0
0
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		0
0
pxiByp8kv8JHgFVrLFj_Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		0
0
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		0
0
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		0
0
add-impressions
app.saasonboard.com/api/login-screen/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.saasonboard.com/api/login-screen/add-impressions
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.118 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://newsletter.recoveryauto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
CONTENT-TYPE
access-control-allow-methods
POST
access-control-allow-origin
https://newsletter.recoveryauto.com
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8ddc52aa8eff0b70-AMS
content-type
text/html; charset=UTF-8
date
Tue, 05 Nov 2024 10:57:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=1,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SKLJCfUk5XzqjMZTKnKcYg25APM53vB6KRyGymNLWaG2tQzbdeAgMJDdDNjvpJaYC%2F1zzXvZX%2BIXYPspiWAzDvAZpPj3npVBzjpiSfOiO%2BvOMCrSFlB0XglLpgGW8jpB2koJ%2FReU"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=51305&sent=18&recv=14&lost=0&retrans=0&sent_bytes=4836&recv_bytes=5118&delivery_rate=8918&cwnd=12000&unsent_bytes=0&cid=7d9a84d68a9fe3c1&ts=1092&x=1" cfExtPri cfHdrFlush;dur=0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.globalcontrol.io
URL
https://api.globalcontrol.io/script/index.js
Domain
app.saasonboard.com
URL
https://app.saasonboard.com/assets/img/login_screen_background/ViUQd8X3htdL3UqRazE3MTfkF
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLFj_Z1xlFQ.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| OnBoardingLibrary object| Wizard object| SplashScreenLibrary object| MYLIBRARY function| closemodel function| openUpgradeModal object| PopUpLibrary object| fwSettings function| FreshworksWidget object| FwBootstrap object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ object| CKEDITOR_TRANSLATIONS string| CKEDITOR_VERSION boolean| __VUE__ function| Swal function| ToastAlert function| ToastConfirm

3 Cookies

Domain/Path Name / Value
.vimeo.com/ Name: vuid
Value: pl137403348.2033453241
.vimeo.com/ Name: __cf_bm
Value: 4uN_hyN5cFFPIBGvZnkDYKzPvMQhPc0Wqu2.T6QAMhM-1730804248-1.0.1.1-6dQdv7_yAZDB1QGDHLRxmFOPKBIyBNZx8KcwvOQrEiKK45O6oDgfBK.jdgocH3np
.vimeo.com/ Name: _cfuvid
Value: b8497V1THjwas6enKbrbs9sgjlEoaM6j9y_pcIBO4UM-1730804248846-0.0.1.1-604800000

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://newsletter.recoveryauto.com/login?callback=dashboard
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.globalcontrol.io
app.saasonboard.com
fonts.googleapis.com
fonts.gstatic.com
newsletter.recoveryauto.com
player.vimeo.com
widget.freshworks.com
api.globalcontrol.io
app.saasonboard.com
fonts.gstatic.com
162.159.128.61
172.67.198.118
18.173.205.71
188.114.97.3
2a00:1450:4001:803::200a
2a06:98c1:3121::3
03e5df232f6cb0961f3e847351f96484d35e126e0ca2d19244d9dafa750410f3
046d2e3403302c94ecfcabcf7639ee6a0eda9dd28d08865ab7b4bd222acea119
08e28d3221485ab553f9f708e30bd5afea947f87f2d0cd67941ab57b370b0e6d
08e57da2e4e7172c19d9982a1ccc90402da5c4453093123e982e1fa7f9eccc8f
0a39871377278f3eb590fc0d64a4b46137a8959030f6b3fe9b5c7ef7e7da2015
0bd19ae407ea4104e342e9d532c92f8712cc14c1e818c67968a0e72078322210
163eb8f215f9af9f1c817dc3ff888d245a740f36be68f33413238cd68fbb6271
1c29229a800cc364c4bdbd63abdd676f570302a3b90c618ffe54f54447bc0d83
1cb7e0ee4ba53f171d75494246574c8e4744ce948322d1142df3afec80d1f51d
294d7b82cfc984740b54a2a5cf6cf708f97f86d35759e70de378e19b5d3d35ac
29d4588a29dc099cd87a7eb2f0c5b40e595bce81406e2622bd46411510e2a62f
2e2b8cce18f97619406bc44ff9cd5dae570f0a16ad5410eb7403365387b238ed
3b750aa111101eb8685436690b034ab2cbe57accdc04bb818f060639a8a5b81f
538c1d75c2fb69403f87ffe0de3a15d28a1395330b2b21870696518a67febf5f
580dbdf71ce0d645eeb9f90a9590534195b4aa9b8d869b40e6bf6e5010ca98d8
5945935b868b1a8f5eb9e4df30b412e760115b11aa161469fbcf79123816a3a0
6b78976e0a15138b3b1bde71abfa5bbb603eff6bdf1fc4d4eaffaeeaab0abc26
83bba05aeb8ba096cc6f7d7a5b649b398aabc00eb65d45708bdb799f0997c1e4
8f2238817d92e2fb95682d349e5dd3096707b5862558d202de7910c46bdf4655
a2017a62196113bee8d45dae5a577b5f24e11d189e72ff1e5cfc9070bbc08432
a50b51ac483825c4c798132f572dc813498c9087ff4f4d4b0cafd5deba43d130
b887d8a14779799668a8296697abfa2f006e82f5f95248ec924fe703052691b9
be89fd0886decfb4e9e5b23f3901fa4c9f58003971266405b8803a19b4019d42
ddce5d923065edc47c2b3a1d0157f2cfc0d502566b43b1014a51cb18ebd77cb3
de6be42122fce6801df9b7cf4d7dd901b5f58ddb576c83a151524674350ae2b2
f714e41f77fa192ddb037a3d770f2f3e7ed52b98590271157f2d1c36291b6893
fd899442c2e228b75ababfc6183c7829fd72af587f4333908d230bedfa0fd576