Submitted URL: https://app.nuvi.com/
Effective URL: https://app.nuvi.com/app/signin?next=https%3A%2F%2Fapp.nuvi.com%2F
Submission Tags: falconsandbox
Submission: On February 09 via api from US — Scanned from DE

Summary

This website contacted 12 IPs in 3 countries across 8 domains to perform 55 HTTP transactions. The main IP is 2600:9000:211e:8600:3:fc5d:f540:93a1, located in United States and belongs to AMAZON-02, US. The main domain is app.nuvi.com.
TLS certificate: Issued by Amazon on September 20th 2022. Valid for: a year.
This is the only time app.nuvi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
12 nuviapp.com
graph-api.whiskey.nuviapp.com
websocket-relay-api.whiskey.nuviapp.com
30 KB
12 nuvi.com
app.nuvi.com
23 MB
10 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 366
fonts.googleapis.com — Cisco Umbrella Rank: 32
253 KB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
587 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
23 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149 Failed
87 KB
2 pendo.io
cdn.pendo.io — Cisco Umbrella Rank: 841
268 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 766
7 KB
55 8
Domain Requested by
12 app.nuvi.com app.nuvi.com
9 graph-api.whiskey.nuviapp.com
6 maps.googleapis.com app.nuvi.com
maps.googleapis.com
5 www.gstatic.com www.google.com
www.gstatic.com
4 fonts.googleapis.com app.nuvi.com
4 www.google.com app.nuvi.com
www.gstatic.com
www.google.com
3 fonts.gstatic.com fonts.googleapis.com
www.google.com
3 websocket-relay-api.whiskey.nuviapp.com
2 connect.facebook.net connect.facebook.net
2 cdn.pendo.io app.nuvi.com
2 unpkg.com app.nuvi.com
55 11

This site contains links to these domains. Also see Links.

Domain
policies.google.com
Subject Issuer Validity Valid
*.nuvi.com
Amazon
2022-09-20 -
2023-10-18
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-01 -
2023-06-01
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
www.google.com
GTS CA 1C3
2023-01-31 -
2023-04-25
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-01-31 -
2023-04-25
3 months crt.sh
cdn.pendo.io
Amazon
2022-07-30 -
2023-08-28
a year crt.sh
*.whiskey.nuviapp.com
Amazon
2022-05-23 -
2023-06-21
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-11-19 -
2023-02-17
3 months crt.sh
*.google.com
GTS CA 1C3
2023-01-31 -
2023-04-25
3 months crt.sh

This page contains 2 frames:

Primary Page: https://app.nuvi.com/app/signin?next=https%3A%2F%2Fapp.nuvi.com%2F
Frame ID: C8A34311E10487491C4C08A156274A02
Requests: 43 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf_wl0aAAAAACNZbPaaTa9dQsCEfzZsuPL_3DcW&co=aHR0cHM6Ly9hcHAubnV2aS5jb206NDQz&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=qszf1dhh4cuo
Frame ID: 55EA82FBAD77C08E7B0BDBC59BC10F93
Requests: 7 HTTP requests in this frame

Screenshot

Page Title

Sign in

Page URL History Show full URLs

  1. https://app.nuvi.com/ Page URL
  2. https://app.nuvi.com/app/signin?next=https%3A%2F%2Fapp.nuvi.com%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

55
Requests

95 %
HTTPS

82 %
IPv6

8
Domains

11
Subdomains

12
IPs

3
Countries

24477 kB
Transfer

115370 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://app.nuvi.com/ Page URL
  2. https://app.nuvi.com/app/signin?next=https%3A%2F%2Fapp.nuvi.com%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
app.nuvi.com/
2 KB
2 KB
Document
General
Full URL
https://app.nuvi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8600:3:fc5d:f540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8fb91212a673e256fecd3270b253cb9db536542eb4fd77dfad2ecefdfe969334
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 09 Feb 2023 21:03:45 GMT
etag
W/"e8b9ab50d801863276a59e2e691d2918"
last-modified
Wed, 08 Feb 2023 22:53:09 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
via
1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
x-amz-cf-id
7yK9ccBEilanD-mxWK7RmQmY9cO3uolKHfwYg8-Rb7TA22Ph60ax_A==
x-amz-cf-pop
FRA56-C2
x-cache
Error from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
indexBubbleLoader.css
app.nuvi.com/app/css/
920 B
1 KB
Stylesheet
General
Full URL
https://app.nuvi.com/app/css/indexBubbleLoader.css
Requested by
Host: app.nuvi.com
URL: https://app.nuvi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8600:3:fc5d:f540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
960107fb2aa8a8fbe7617a38877b901b27c9691e0aa901af876f7dbd19b50cea
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.nuvi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
date
Thu, 09 Feb 2023 21:03:46 GMT
via
1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C2
x-cache
RefreshHit from cloudfront
content-length
920
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 08 Feb 2023 22:53:07 GMT
server
AmazonS3
etag
"2a60a935513c77623b87b17bf4a72267"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
vF80o_VFQtJHbTDOwxiVvSEkN2DXrKIuxMR2ZUGj_4fWak0BQafOhQ==
leaflet.css
unpkg.com/leaflet@1.4.0/dist/
14 KB
4 KB
Stylesheet
General
Full URL
https://unpkg.com/leaflet@1.4.0/dist/leaflet.css
Requested by
Host: app.nuvi.com
URL: https://app.nuvi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611e07ac3138efd12961981e4e441f81526ad3cfb6efb517c4c2db8bf60febda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.nuvi.com/
Origin
https://app.nuvi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 21:03:44 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
753678
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GR5H34F3HJX5Q39XWV2CMWB0-fra
server
cloudflare
etag
W/"371a-BHwra6tEHm/m0+qAT9uCUksxKCk"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
796f8db1ab9e3a72-FRA
bundle-style.1fa9bc38d548d173d931.css
app.nuvi.com/app/
2 MB
227 KB
Stylesheet
General
Full URL
https://app.nuvi.com/app/bundle-style.1fa9bc38d548d173d931.css
Requested by
Host: app.nuvi.com
URL: https://app.nuvi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8600:3:fc5d:f540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55dc7a74c1354f856b3bed7f555c522acdbc9b4ee74693952b958c7e3da6bf5b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.nuvi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
br
via
1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
date
Thu, 09 Feb 2023 21:03:46 GMT
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C2
x-cache
RefreshHit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 08 Feb 2023 22:53:07 GMT
server
AmazonS3
etag
W/"bc4a119aa85a295ac81c9531de4127c5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
eylUEANc1e-b3x3RjWjkJIECo2V9PAopEBPEs1b9HlH48f7f-ebiKg==
js
maps.googleapis.com/maps/api/
177 KB
58 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyCAKu590crc0rYPq0vZtXtHetoz9SoDF4k&libraries=drawing%2Cplaces%2Cgeometry
Requested by
Host: app.nuvi.com
URL: https://app.nuvi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
ad4482db97afe1d0ef27e84ce0f99daa89fbd561a5016e3ffd6a09ba8b2c2c17
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.nuvi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 21:03:44 GMT
content-encoding
gzip
server
mafe
vary
Accept-Language
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=48
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59251
x-xss-protection
0
expires
Thu, 09 Feb 2023 21:33:44 GMT
api.js
www.google.com/recaptcha/
884 B
901 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Lf_wl0aAAAAACNZbPaaTa9dQsCEfzZsuPL_3DcW
Requested by
Host: app.nuvi.com
URL: https://app.nuvi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4775d7b7bb1cbc4b41d148b4d68fdaa4392d86369e6e952943c224bb3f261b77
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.nuvi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 21:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
581
x-xss-protection
1; mode=block
expires
Thu, 09 Feb 2023 21:03:44 GMT
bundle-main.1fa9bc38d548d173d931.js
app.nuvi.com/app/
52 MB
11 MB
Script
General
Full URL
https://app.nuvi.com/app/bundle-main.1fa9bc38d548d173d931.js
Requested by
Host: app.nuvi.com
URL: https://app.nuvi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8600:3:fc5d:f540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f95f9ab681129f5c02baa931cafda6eb97e9b659f9fcbf057a1c33bfb1c2aef9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.nuvi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
via
1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
date
Thu, 09 Feb 2023 21:03:46 GMT
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C2
x-cache
RefreshHit from cloudfront
content-length
11505793
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 08 Feb 2023 22:53:10 GMT
server
AmazonS3
etag
"09449f5d3296870b216b6a97cdaf74d9-2"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
accept-ranges
bytes
x-amz-cf-id
F02_MqdVUQKxrdd1LiBP8bkgATQs-TYZHY9C3g3REuBRcPNdGaOcVw==
bundle-style.1fa9bc38d548d173d931.js
app.nuvi.com/app/
4 KB
2 KB
Script
General
Full URL
https://app.nuvi.com/app/bundle-style.1fa9bc38d548d173d931.js
Requested by
Host: app.nuvi.com
URL: https://app.nuvi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8600:3:fc5d:f540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f4226f68e3fe5205672edf436e4bd98193d8f862c7b5f7daa35515b8b58460f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.nuvi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
br
via
1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
date
Thu, 09 Feb 2023 21:03:46 GMT
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C2
x-cache
RefreshHit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 08 Feb 2023 22:53:07 GMT
server
AmazonS3
etag
W/"d86a13fb7c39e32d492ee99c09ff3e01"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
x-amz-cf-id
g4L5Rbjx1I7LCD6OR0Ntnzi0qeWdhlxUAYDRXd5Bpv8abr8-p5dCLA==
css2
fonts.googleapis.com/
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700;800&display=swap
Requested by
Host: app.nuvi.com
URL: https://app.nuvi.com/app/bundle-style.1fa9bc38d548d173d931.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
25038265e790e4ee17e16018c71e3a315baa5975b36afefe5249f8310f6aa749
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.nuvi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 Feb 2023 21:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 Feb 2023 20:22:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 Feb 2023 21:03:45 GMT
css2
fonts.googleapis.com/
4 KB
551 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Assistant:wght@300;400;600;700&display=swap
Requested by
Host: app.nuvi.com
URL: https://app.nuvi.com/app/bundle-style.1fa9bc38d548d173d931.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f3502d5721043685a395f6f022069497c30c2a660bea479c4d9242027f4af808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.nuvi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 Feb 2023 21:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 Feb 2023 21:03:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 Feb 2023 21:03:45 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
45 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCAKu590crc0rYPq0vZtXtHetoz9SoDF4k&libraries=drawing%2Cplaces%2Cgeometry
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.nuvi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 21:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://app.nuvi.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
recaptcha__de.js
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/
406 KB
162 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lf_wl0aAAAAACNZbPaaTa9dQsCEfzZsuPL_3DcW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.nuvi.com/
Origin
https://app.nuvi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 18:09:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10451
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165540
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 02:51:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Feb 2024 18:09:34 GMT
pendo.js
cdn.pendo.io/agent/static/3ae98de2-2d52-4bb6-51e4-ef933673e419/
404 KB
134 KB
Script
General
Full URL
https://cdn.pendo.io/agent/static/3ae98de2-2d52-4bb6-51e4-ef933673e419/pendo.js
Requested by
Host: app.nuvi.com
URL: https://app.nuvi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:8600:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.nuvi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 21:03:45 GMT
content-encoding
gzip
via
1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
x-guploader-uploadid
ADPycdt4VTV_kEXo4sT8fkWBkCzUXFgCCU3Kx6NcsiFWAA4MWDT5bl8Ti6JIWHsVF5Vfss2Mr_pLcqJxucaN7tZ7jVgD
x-cache
Miss from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
136448
last-modified
Thu, 09 Feb 2023 19:08:57 GMT
server
UploadServer
etag
"e06ec87bef527e7575d53d0927cdb6a2"
vary
Accept-Encoding
x-goog-generation
1675969737639206
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=4eH6Og==, md5=4G7Ie+9SfnV11T0JJ822og==
access-control-expose-headers
*
cache-control
max-age=450
x-goog-stored-content-length
136448
accept-ranges
bytes
x-amz-cf-id
b5ly4u5tRch6wVpd576PxTZhBvpu5OIhBEZjaaLCDMLA9aN1m1ttCQ==
expires
Thu, 09 Feb 2023 21:11:15 GMT
whitelabel_lookup
graph-api.whiskey.nuviapp.com/sso/ Frame
0
0
Preflight
General
Full URL
https://graph-api.whiskey.nuviapp.com/sso/whitelabel_lookup
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.226.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-226-53.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://app.nuvi.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
access-control-allow-methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
access-control-allow-origin
*
content-length
2
content-type
text/plain; charset=utf-8
date
Thu, 09 Feb 2023 21:03:46 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary
Accept-Encoding
/
websocket-relay-api.whiskey.nuviapp.com/socket.io/
103 B
627 B
XHR
General
Full URL
https://websocket-relay-api.whiskey.nuviapp.com/socket.io/?EIO=3&transport=polling&t=OOt_T27
Requested by
Host:
URL: webpack-internal:///../node_modules/engine.io-client/lib/transports/polling-xhr.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.125.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-125-253.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Referer
https://app.nuvi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin
https://app.nuvi.com
date
Thu, 09 Feb 2023 21:03:46 GMT
access-control-allow-credentials
true
content-length
103
content-type
text/plain; charset=UTF-8
whitelabel_lookup
graph-api.whiskey.nuviapp.com/sso/
0
0

sdk.js
connect.facebook.net/en_US/
0
0

Primary Request signin
app.nuvi.com/app/
2 KB
2 KB
Document
General
Full URL
https://app.nuvi.com/app/signin?next=https%3A%2F%2Fapp.nuvi.com%2F
Requested by
Host:
URL: webpack-internal:///./helpers/logout.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8600:3:fc5d:f540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8fb91212a673e256fecd3270b253cb9db536542eb4fd77dfad2ecefdfe969334
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.nuvi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 09 Feb 2023 21:03:48 GMT
etag
W/"e8b9ab50d801863276a59e2e691d2918"
last-modified
Wed, 08 Feb 2023 22:53:09 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
via
1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
x-amz-cf-id
MvPREvi4PVNzNji7aUXysUF7Y8_pAiAneg6gZs-NDjrrOpo8vhWEkg==
x-amz-cf-pop
FRA56-C2
x-cache
Error from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
/
websocket-relay-api.whiskey.nuviapp.com/socket.io/
0
0

indexBubbleLoader.css
app.nuvi.com/app/css/
920 B
1 KB
Stylesheet
General
Full URL
https://app.nuvi.com/app/css/indexBubbleLoader.css
Requested by
Host: app.nuvi.com
URL: https://app.nuvi.com/app/signin?next=https%3A%2F%2Fapp.nuvi.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8600:3:fc5d:f540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
960107fb2aa8a8fbe7617a38877b901b27c9691e0aa901af876f7dbd19b50cea
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.nuvi.com/app/signin?next=https%3A%2F%2Fapp.nuvi.com%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
date
Thu, 09 Feb 2023 21:03:49 GMT
via
1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C2
x-cache
RefreshHit from cloudfront
content-length
920
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 08 Feb 2023 22:53:07 GMT
server
AmazonS3
etag
"2a60a935513c77623b87b17bf4a72267"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
Hsi37g24ciUq9GlVEXeUdpK8aIowPRDsfxF5DTQF7ubE31oFfj_ykQ==
leaflet.css
unpkg.com/leaflet@1.4.0/dist/
14 KB
3 KB
Stylesheet
General
Full URL
https://unpkg.com/leaflet@1.4.0/dist/leaflet.css
Requested by
Host: app.nuvi.com
URL: https://app.nuvi.com/app/signin?next=https%3A%2F%2Fapp.nuvi.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611e07ac3138efd12961981e4e441f81526ad3cfb6efb517c4c2db8bf60febda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.nuvi.com/
Origin
https://app.nuvi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 21:03:48 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
753682
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GR5H34F3HJX5Q39XWV2CMWB0-fra
server
cloudflare
etag
W/"371a-BHwra6tEHm/m0+qAT9uCUksxKCk"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
796f8dc599533a72-FRA
bundle-style.1fa9bc38d548d173d931.css
app.nuvi.com/app/
2 MB
227 KB
Stylesheet
General
Full URL
https://app.nuvi.com/app/bundle-style.1fa9bc38d548d173d931.css
Requested by
Host: app.nuvi.com
URL: https://app.nuvi.com/app/signin?next=https%3A%2F%2Fapp.nuvi.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8600:3:fc5d:f540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55dc7a74c1354f856b3bed7f555c522acdbc9b4ee74693952b958c7e3da6bf5b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.nuvi.com/app/signin?next=https%3A%2F%2Fapp.nuvi.com%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
br
via
1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
date
Thu, 09 Feb 2023 21:03:49 GMT
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C2
x-cache
RefreshHit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 08 Feb 2023 22:53:07 GMT
server
AmazonS3
etag
W/"bc4a119aa85a295ac81c9531de4127c5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
eQ4AgfeypYYGJ2fRrDDUsEAsb-N5ROLEY_btnbeFdqa-2_i4sIJ1sw==
js
maps.googleapis.com/maps/api/
177 KB
58 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyCAKu590crc0rYPq0vZtXtHetoz9SoDF4k&libraries=drawing%2Cplaces%2Cgeometry
Requested by
Host: app.nuvi.com
URL: https://app.nuvi.com/app/signin?next=https%3A%2F%2Fapp.nuvi.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
ad4482db97afe1d0ef27e84ce0f99daa89fbd561a5016e3ffd6a09ba8b2c2c17
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.nuvi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 21:03:48 GMT
content-encoding
gzip
server
mafe
vary
Accept-Language
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=53
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59251
x-xss-protection
0
expires
Thu, 09 Feb 2023 21:33:48 GMT
api.js
www.google.com/recaptcha/
884 B
669 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Lf_wl0aAAAAACNZbPaaTa9dQsCEfzZsuPL_3DcW
Requested by
Host: app.nuvi.com
URL: https://app.nuvi.com/app/signin?next=https%3A%2F%2Fapp.nuvi.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4775d7b7bb1cbc4b41d148b4d68fdaa4392d86369e6e952943c224bb3f261b77
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.nuvi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 21:03:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
581
x-xss-protection
1; mode=block
expires
Thu, 09 Feb 2023 21:03:48 GMT
bundle-main.1fa9bc38d548d173d931.js
app.nuvi.com/app/
52 MB
11 MB
Script
General
Full URL
https://app.nuvi.com/app/bundle-main.1fa9bc38d548d173d931.js
Requested by
Host: app.nuvi.com
URL: https://app.nuvi.com/app/signin?next=https%3A%2F%2Fapp.nuvi.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8600:3:fc5d:f540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f95f9ab681129f5c02baa931cafda6eb97e9b659f9fcbf057a1c33bfb1c2aef9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.nuvi.com/app/signin?next=https%3A%2F%2Fapp.nuvi.com%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
gzip
via
1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
date
Thu, 09 Feb 2023 21:03:49 GMT
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C2
x-cache
RefreshHit from cloudfront
content-length
11505793
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 08 Feb 2023 22:53:10 GMT
server
AmazonS3
etag
"09449f5d3296870b216b6a97cdaf74d9-2"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
accept-ranges
bytes
x-amz-cf-id
xgJIXorcdwBJv-pg_RhdYcs8SnDNPWWppIw9LDJPHwBJIpUCysBnng==
bundle-style.1fa9bc38d548d173d931.js
app.nuvi.com/app/
4 KB
2 KB
Script
General
Full URL
https://app.nuvi.com/app/bundle-style.1fa9bc38d548d173d931.js
Requested by
Host: app.nuvi.com
URL: https://app.nuvi.com/app/signin?next=https%3A%2F%2Fapp.nuvi.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8600:3:fc5d:f540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f4226f68e3fe5205672edf436e4bd98193d8f862c7b5f7daa35515b8b58460f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.nuvi.com/app/signin?next=https%3A%2F%2Fapp.nuvi.com%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
br
via
1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
date
Thu, 09 Feb 2023 21:03:49 GMT
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C2
x-cache
RefreshHit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 08 Feb 2023 22:53:07 GMT
server
AmazonS3
etag
W/"d86a13fb7c39e32d492ee99c09ff3e01"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
x-amz-cf-id
GYeXuPT4lnu2N_BikoziZPjjkMZPWBBrIxUwz5lme_7X3MqoRmlMjw==
css2
fonts.googleapis.com/
14 KB
913 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700;800&display=swap
Requested by
Host: app.nuvi.com
URL: https://app.nuvi.com/app/bundle-style.1fa9bc38d548d173d931.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
25038265e790e4ee17e16018c71e3a315baa5975b36afefe5249f8310f6aa749
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.nuvi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 Feb 2023 21:03:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 Feb 2023 20:23:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 Feb 2023 21:03:48 GMT
css2
fonts.googleapis.com/
4 KB
551 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Assistant:wght@300;400;600;700&display=swap
Requested by
Host: app.nuvi.com
URL: https://app.nuvi.com/app/bundle-style.1fa9bc38d548d173d931.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f3502d5721043685a395f6f022069497c30c2a660bea479c4d9242027f4af808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.nuvi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 Feb 2023 21:03:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 Feb 2023 21:03:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 Feb 2023 21:03:48 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
45 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCAKu590crc0rYPq0vZtXtHetoz9SoDF4k&libraries=drawing%2Cplaces%2Cgeometry
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.nuvi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 21:03:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://app.nuvi.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
recaptcha__de.js
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/
406 KB
162 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lf_wl0aAAAAACNZbPaaTa9dQsCEfzZsuPL_3DcW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.nuvi.com/
Origin
https://app.nuvi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 18:09:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10454
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165540
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 02:51:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Feb 2024 18:09:34 GMT
pendo.js
cdn.pendo.io/agent/static/3ae98de2-2d52-4bb6-51e4-ef933673e419/
404 KB
134 KB
Script
General
Full URL
https://cdn.pendo.io/agent/static/3ae98de2-2d52-4bb6-51e4-ef933673e419/pendo.js
Requested by
Host: app.nuvi.com
URL: https://app.nuvi.com/app/signin?next=https%3A%2F%2Fapp.nuvi.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:8600:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
UploadServer /
Resource Hash
38cbb2e7248086c29392b8358feabe6ca4e174bd6a4c5761bda855a8468c6bd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.nuvi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 21:03:45 GMT
content-encoding
gzip
via
1.1 97101640da3dcba7a2d4a3d67a31b114.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
3
x-guploader-uploadid
ADPycdt4VTV_kEXo4sT8fkWBkCzUXFgCCU3Kx6NcsiFWAA4MWDT5bl8Ti6JIWHsVF5Vfss2Mr_pLcqJxucaN7tZ7jVgD
x-cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
136448
last-modified
Thu, 09 Feb 2023 19:08:57 GMT
server
UploadServer
etag
"e06ec87bef527e7575d53d0927cdb6a2"
vary
Accept-Encoding
x-goog-generation
1675969737639206
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=4eH6Og==, md5=4G7Ie+9SfnV11T0JJ822og==
access-control-expose-headers
*
cache-control
max-age=450
x-goog-stored-content-length
136448
accept-ranges
bytes
x-amz-cf-id
BWn1grfhDKbWYKS8WLqIUzI-l0F1Lm2hRuXwvNbW94fu2YitoPDN5g==
expires
Thu, 09 Feb 2023 21:11:15 GMT
whitelabel_lookup
graph-api.whiskey.nuviapp.com/sso/ Frame
0
0
Preflight
General
Full URL
https://graph-api.whiskey.nuviapp.com/sso/whitelabel_lookup
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.226.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-226-53.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://app.nuvi.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
access-control-allow-methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
access-control-allow-origin
*
content-length
2
content-type
text/plain; charset=utf-8
date
Thu, 09 Feb 2023 21:03:49 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary
Accept-Encoding
/
websocket-relay-api.whiskey.nuviapp.com/socket.io/
103 B
626 B
XHR
General
Full URL
https://websocket-relay-api.whiskey.nuviapp.com/socket.io/?EIO=3&transport=polling&t=OOt_To6
Requested by
Host:
URL: webpack-internal:///../node_modules/engine.io-client/lib/transports/polling-xhr.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.125.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-125-253.compute-1.amazonaws.com
Software
/
Resource Hash
8faecb3264b12740346539567de2091a0d3b376ed2d839baf0d961c64dd7d06e

Request headers

Accept
*/*
Referer
https://app.nuvi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin
https://app.nuvi.com
date
Thu, 09 Feb 2023 21:03:49 GMT
access-control-allow-credentials
true
content-length
103
content-type
text/plain; charset=UTF-8
whitelabel_lookup
graph-api.whiskey.nuviapp.com/sso/
14 B
291 B
Fetch
General
Full URL
https://graph-api.whiskey.nuviapp.com/sso/whitelabel_lookup
Requested by
Host:
URL: webpack-internal:///./helpers/getWhiteLabelAccount.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.226.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-226-53.compute-1.amazonaws.com
Software
/
Resource Hash
a144668b1b1f02dea1fe103c21765c5a1cbce585da165ce1d841b79b1316a3e4

Request headers

Referer
https://app.nuvi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 09 Feb 2023 21:03:49 GMT
etag
W/"e-03kLYIAmmsYTWdpUMUwK+o+G6Ew"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
14
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host:
URL: webpack-internal:///./externals/asyncLoadScript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cc41ca16e4300a2b830765d8755b4a69cc57f86463a6e372b06fb6dffd45abde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.nuvi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 09 Feb 2023 21:03:49 GMT
content-md5
Jti3WR46c27nRQykyQBVHA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
ezV0alrRvmJxHbX7vSOcleZaj2Dn8+OR7oM8V0TOlo9LLZcl3Zw59rImjy+sfhsdPSNenVSPBZeJuxsWDyPLDQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
917726464
x-fb-content-md5
920fe8d9e52df5e16470f85baee5b936
cross-origin-opener-policy
same-origin-allow-popups
etag
"74bed097e169cfbd3409457045462df2"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
expires
Thu, 09 Feb 2023 21:23:00 GMT
/
websocket-relay-api.whiskey.nuviapp.com/socket.io/
3 B
522 B
XHR
General
Full URL
https://websocket-relay-api.whiskey.nuviapp.com/socket.io/?EIO=3&transport=polling&t=OOt_Ty_&sid=3inWNrjgNqN2PGH9AGv-
Requested by
Host:
URL: webpack-internal:///../node_modules/engine.io-client/lib/transports/polling-xhr.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.125.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-125-253.compute-1.amazonaws.com
Software
/
Resource Hash
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0

Request headers

Accept
*/*
Referer
https://app.nuvi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin
https://app.nuvi.com
date
Thu, 09 Feb 2023 21:03:50 GMT
access-control-allow-credentials
true
content-length
3
content-type
text/plain; charset=UTF-8
anchor
www.google.com/recaptcha/api2/ Frame 55EA
42 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf_wl0aAAAAACNZbPaaTa9dQsCEfzZsuPL_3DcW&co=aHR0cHM6Ly9hcHAubnV2aS5jb206NDQz&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=qszf1dhh4cuo
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
52e81f1e6f68faae21496af54614e9e6822d4909b823b2e15395f2fc77c5fbdd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IuQIZPvpjvMj51i3RpOYTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.nuvi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22106
content-security-policy
script-src 'report-sample' 'nonce-IuQIZPvpjvMj51i3RpOYTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 09 Feb 2023 21:03:50 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
graph-api.whiskey.nuviapp.com/ Frame
0
0
Preflight
General
Full URL
https://graph-api.whiskey.nuviapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.226.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-226-53.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://app.nuvi.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
access-control-allow-methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
access-control-allow-origin
*
content-length
2
content-type
text/plain; charset=utf-8
date
Thu, 09 Feb 2023 21:03:50 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary
Accept-Encoding
/
graph-api.whiskey.nuviapp.com/ Frame
0
0
Preflight
General
Full URL
https://graph-api.whiskey.nuviapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.226.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-226-53.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://app.nuvi.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
access-control-allow-methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
access-control-allow-origin
*
content-length
2
content-type
text/plain; charset=utf-8
date
Thu, 09 Feb 2023 21:03:50 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary
Accept-Encoding
/
graph-api.whiskey.nuviapp.com/
93 KB
9 KB
Fetch
General
Full URL
https://graph-api.whiskey.nuviapp.com/
Requested by
Host:
URL: webpack-internal:///./graphql/GraphQLClient.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.226.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-226-53.compute-1.amazonaws.com
Software
/
Resource Hash
5230d4849d57243aac0c1c363f5add9d6206e74a29a6f074d18c714ff30bd398

Request headers

Referer
https://app.nuvi.com/
accept-language
de-DE,de;q=0.9
Authorization
Bearer null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 09 Feb 2023 21:03:50 GMT
content-encoding
gzip
etag
W/"17501-Hv+N2e7SiQxXm+AUFs/uZzNuAhs"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
/
graph-api.whiskey.nuviapp.com/
22 KB
3 KB
Fetch
General
Full URL
https://graph-api.whiskey.nuviapp.com/
Requested by
Host:
URL: webpack-internal:///./graphql/GraphQLClient.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.226.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-226-53.compute-1.amazonaws.com
Software
/
Resource Hash
44b0e2cf4010771465450f63416f88ebd72ef5c7c66374dd1ca6c4bb7f78bd28

Request headers

Referer
https://app.nuvi.com/
accept-language
de-DE,de;q=0.9
Authorization
Bearer null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 09 Feb 2023 21:03:50 GMT
content-encoding
gzip
etag
W/"576b-o2UQ780s9JFV2VDSosYP7s+ohFA"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
/
graph-api.whiskey.nuviapp.com/
456 KB
16 KB
Fetch
General
Full URL
https://graph-api.whiskey.nuviapp.com/
Requested by
Host:
URL: webpack-internal:///./graphql/GraphQLClient.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.226.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-226-53.compute-1.amazonaws.com
Software
/
Resource Hash
592da114e7feee625c99fa5b6f48670417569904639c8785de97ca228415eb77

Request headers

Referer
https://app.nuvi.com/
accept-language
de-DE,de;q=0.9
Authorization
Bearer null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 09 Feb 2023 21:03:50 GMT
content-encoding
gzip
etag
W/"7217a-UPnoZaR58n6WoylJE+nO2zq7NKk"
vary
Accept-Encoding
access-control-allow-methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
/
graph-api.whiskey.nuviapp.com/ Frame
0
0
Preflight
General
Full URL
https://graph-api.whiskey.nuviapp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.226.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-226-53.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://app.nuvi.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
access-control-allow-methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
access-control-allow-origin
*
content-length
2
content-type
text/plain; charset=utf-8
date
Thu, 09 Feb 2023 21:03:50 GMT
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
vary
Accept-Encoding
sdk.js
connect.facebook.net/en_US/
301 KB
85 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=54d7c97e9b91a621d576ba5fedd3fd0d
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f16f541807992b110cde4b80f5fbd513107bd6ec0b4007621cdc3d8aa394c831
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://app.nuvi.com/
Origin
https://app.nuvi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 09 Feb 2023 21:03:50 GMT
content-md5
l+9WVVpC426aopeR+o5vlw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87020
x-fb-rlafr
0
x-fb-debug
SXQQl0Un946MxBs1fl2u9UNmAjTXMwBUBTh+qxJB1I2rRnk8e8sFW2UMjp8jEsxMkd6LXLzeXQgx96KtTdKV/A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
9185416ab96ca31badba4e46ffdababb
cross-origin-opener-policy
same-origin-allow-popups
etag
"f3205c5d62170cf2a7f2952d5c796b88"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Fri, 09 Feb 2024 16:59:09 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.nuvi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 04:22:26 GMT
x-content-type-options
nosniff
age
492084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Feb 2024 04:22:26 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 55EA
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf_wl0aAAAAACNZbPaaTa9dQsCEfzZsuPL_3DcW&co=aHR0cHM6Ly9hcHAubnV2aS5jb206NDQz&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=qszf1dhh4cuo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 18:23:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 02:51:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Feb 2024 18:23:23 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame 55EA
406 KB
162 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf_wl0aAAAAACNZbPaaTa9dQsCEfzZsuPL_3DcW&co=aHR0cHM6Ly9hcHAubnV2aS5jb206NDQz&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=qszf1dhh4cuo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 18:09:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10456
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165540
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 02:51:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Feb 2024 18:09:34 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 55EA
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 08:02:07 GMT
x-content-type-options
nosniff
age
306103
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 13 Feb 2023 08:02:07 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 55EA
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf_wl0aAAAAACNZbPaaTa9dQsCEfzZsuPL_3DcW&co=aHR0cHM6Ly9hcHAubnV2aS5jb206NDQz&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=qszf1dhh4cuo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 12:17:50 GMT
x-content-type-options
nosniff
age
463560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Feb 2024 12:17:50 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 55EA
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf_wl0aAAAAACNZbPaaTa9dQsCEfzZsuPL_3DcW&co=aHR0cHM6Ly9hcHAubnV2aS5jb206NDQz&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=qszf1dhh4cuo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 15:26:18 GMT
x-content-type-options
nosniff
age
20252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Feb 2024 15:26:18 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 55EA
102 B
133 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=gEr-ODersURoIfof1hiDm7R5
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf_wl0aAAAAACNZbPaaTa9dQsCEfzZsuPL_3DcW&co=aHR0cHM6Ly9hcHAubnV2aS5jb206NDQz&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=qszf1dhh4cuo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cfd288965d907162269e027312c7f64a05c1c4c360103c60c3daef3fe9298736
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf_wl0aAAAAACNZbPaaTa9dQsCEfzZsuPL_3DcW&co=aHR0cHM6Ly9hcHAubnV2aS5jb206NDQz&hl=de&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=qszf1dhh4cuo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 21:03:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
x-xss-protection
1; mode=block
expires
Thu, 09 Feb 2023 21:03:50 GMT
Reputation_Logo_Horizontal_Dark.png
app.nuvi.com/app/images/
11 KB
12 KB
Image
General
Full URL
https://app.nuvi.com/app/images/Reputation_Logo_Horizontal_Dark.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8600:3:fc5d:f540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b92afdc3362146139061d5493befca44024979f2ee3ba80124e9f5faf0c9fe0f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.nuvi.com/app/signin?next=https%3A%2F%2Fapp.nuvi.com%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
date
Thu, 09 Feb 2023 21:03:51 GMT
via
1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C2
x-cache
RefreshHit from cloudfront
content-length
11760
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 08 Feb 2023 22:53:07 GMT
server
AmazonS3
etag
"e4fbc59fdd890988d894e5bddf4158ee"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
L7vFNdz5gXKc0p0CDmDB5kKtcNrPyFnEP8H4B7KPXxleEx8x3cITiQ==
e4eabc4a9ca2b2b8566b0dcb60b30b40.png
app.nuvi.com/app/
247 KB
248 KB
Image
General
Full URL
https://app.nuvi.com/app/e4eabc4a9ca2b2b8566b0dcb60b30b40.png
Requested by
Host: app.nuvi.com
URL: https://app.nuvi.com/app/bundle-style.1fa9bc38d548d173d931.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:8600:3:fc5d:f540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a3b757b74ad56a20e4d0f44829791ff52cfc912d6889d00a0bf57a8543bd47a9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.nuvi.com/app/bundle-style.1fa9bc38d548d173d931.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubdomains; preload
date
Thu, 09 Feb 2023 21:03:51 GMT
via
1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-C2
x-cache
RefreshHit from cloudfront
content-length
253363
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 08 Feb 2023 22:53:07 GMT
server
AmazonS3
etag
"e4eabc4a9ca2b2b8566b0dcb60b30b40"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
YWi4G5iKJhFrBwpR2mOcx9zXFGzN2wGAcF1qsaIIE9du3XspmwnHfg==
common.js
maps.googleapis.com/maps-api-v3/api/js/51/8/intl/de_ALL/
271 KB
76 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/51/8/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCAKu590crc0rYPq0vZtXtHetoz9SoDF4k&libraries=drawing%2Cplaces%2Cgeometry
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89f4bfb243c64700034205f9f502828188a1d79af038797e4ea5eb8a58501883
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.nuvi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 11:25:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77338
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 18:44:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 11:25:23 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/51/8/intl/de_ALL/
159 KB
58 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/51/8/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCAKu590crc0rYPq0vZtXtHetoz9SoDF4k&libraries=drawing%2Cplaces%2Cgeometry
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4075b8fb3933f638735fc6d574639bc1aa950fe9dee5f9c5e35e6d085086026
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.nuvi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 10:30:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124384
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59703
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 18:44:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 10:30:49 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
graph-api.whiskey.nuviapp.com
URL
https://graph-api.whiskey.nuviapp.com/sso/whitelabel_lookup
Domain
connect.facebook.net
URL
https://connect.facebook.net/en_US/sdk.js
Domain
websocket-relay-api.whiskey.nuviapp.com
URL
https://websocket-relay-api.whiskey.nuviapp.com/socket.io/?EIO=3&transport=polling&t=OOt_TTn&sid=c6wJqHZN4Fka0ehYAGv8

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| oncontentvisibilityautostatechange object| google object| module$contents$mapsapi$overlay$overlayView_OverlayView object| module$exports$mapsapi$geometry$polyGeometry object| module$exports$mapsapi$geometry$spherical object| module$exports$mapsapi$poly$polylineCodec object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| pendo object| recaptcha object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill string| __react_router_build__ object| __AMPLITUDE__ number| __styled-components-init__ object| Prism object| L object| env object| closure_lm_789911 object| FB object| __buffer

1 Cookies

Domain/Path Name / Value
websocket-relay-api.whiskey.nuviapp.com/ Name: AWSALBCORS
Value: Od+5OaAvpIMsjHRAmW2FzorYY53MkrheefanghKULFW5s2xKNuJv19vAmJaX1Pd0KOhGxYUXcr1Uz0d8FtP/Szt9y0F9ReX/xVUtZ5isz5Q90oD1qnGBzjSi5j5F

1 Console Messages

Source Level URL
Text
network error URL: https://graph-api.whiskey.nuviapp.com/sso/whitelabel_lookup
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.nuvi.com
cdn.pendo.io
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
graph-api.whiskey.nuviapp.com
maps.googleapis.com
unpkg.com
websocket-relay-api.whiskey.nuviapp.com
www.google.com
www.gstatic.com
connect.facebook.net
graph-api.whiskey.nuviapp.com
websocket-relay-api.whiskey.nuviapp.com
2600:9000:211e:8600:3:fc5d:f540:93a1
2600:9000:2127:8600:1f:aa31:7740:93a1
2606:4700::6810:7aaf
2a00:1450:4001:80b::200a
2a00:1450:4001:812::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2003
2a00:1450:400d:807::200a
2a03:2880:f02d:12:face:b00c:0:3
52.86.125.253
54.145.226.53
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
25038265e790e4ee17e16018c71e3a315baa5975b36afefe5249f8310f6aa749
2f4226f68e3fe5205672edf436e4bd98193d8f862c7b5f7daa35515b8b58460f
38cbb2e7248086c29392b8358feabe6ca4e174bd6a4c5761bda855a8468c6bd3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b0e2cf4010771465450f63416f88ebd72ef5c7c66374dd1ca6c4bb7f78bd28
4775d7b7bb1cbc4b41d148b4d68fdaa4392d86369e6e952943c224bb3f261b77
5230d4849d57243aac0c1c363f5add9d6206e74a29a6f074d18c714ff30bd398
52e81f1e6f68faae21496af54614e9e6822d4909b823b2e15395f2fc77c5fbdd
55dc7a74c1354f856b3bed7f555c522acdbc9b4ee74693952b958c7e3da6bf5b
592da114e7feee625c99fa5b6f48670417569904639c8785de97ca228415eb77
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
611e07ac3138efd12961981e4e441f81526ad3cfb6efb517c4c2db8bf60febda
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0
7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
89f4bfb243c64700034205f9f502828188a1d79af038797e4ea5eb8a58501883
8faecb3264b12740346539567de2091a0d3b376ed2d839baf0d961c64dd7d06e
8fb91212a673e256fecd3270b253cb9db536542eb4fd77dfad2ecefdfe969334
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
960107fb2aa8a8fbe7617a38877b901b27c9691e0aa901af876f7dbd19b50cea
a144668b1b1f02dea1fe103c21765c5a1cbce585da165ce1d841b79b1316a3e4
a3b757b74ad56a20e4d0f44829791ff52cfc912d6889d00a0bf57a8543bd47a9
ad4482db97afe1d0ef27e84ce0f99daa89fbd561a5016e3ffd6a09ba8b2c2c17
b92afdc3362146139061d5493befca44024979f2ee3ba80124e9f5faf0c9fe0f
c4075b8fb3933f638735fc6d574639bc1aa950fe9dee5f9c5e35e6d085086026
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc41ca16e4300a2b830765d8755b4a69cc57f86463a6e372b06fb6dffd45abde
cfd288965d907162269e027312c7f64a05c1c4c360103c60c3daef3fe9298736
f16f541807992b110cde4b80f5fbd513107bd6ec0b4007621cdc3d8aa394c831
f3502d5721043685a395f6f022069497c30c2a660bea479c4d9242027f4af808
f95f9ab681129f5c02baa931cafda6eb97e9b659f9fcbf057a1c33bfb1c2aef9