urlscan.io logo urlscan.io
SecurityTrails logo

huntr.dev Open in urlscan Pro
2600:9000:211a:6200:14:bb32:5f00:93a1  Public Scan

Go To Rescan Add Verdict Report
URL: https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
Submission: On January 25 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 1 countries across 10 domains to perform 83 HTTP transactions. The main IP is 2600:9000:211a:6200:14:bb32:5f00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is huntr.dev.
TLS certificate: Issued by Amazon on December 26th 2022. Valid for: a year.
This is the only time huntr.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 37 2600:9000:211... 16509 (AMAZON-02)
7 13.224.192.183 16509 (AMAZON-02)
1 9 54.237.133.81 14618 (AMAZON-AES)
2 3.230.168.220 14618 (AMAZON-AES)
16 99.86.4.5 16509 (AMAZON-02)
1 13.32.27.21 16509 (AMAZON-02)
2 2a04:4e42:400... 54113 (FASTLY)
1 52.36.153.191 16509 (AMAZON-02)
1 13.249.9.41 16509 (AMAZON-02)
1 18.66.147.116 16509 (AMAZON-02)
4 2600:9000:214... 16509 (AMAZON-02)
3 2606:50c0:800... 54113 (FASTLY)
1 52.216.222.33 16509 (AMAZON-02)
83 13
37    2600:9000:211a:6200:14:bb32:5f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
huntr.dev
7    13.224.192.183 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-183.fra2.r.cloudfront.net
cdn.segment.com
9    54.237.133.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-133-81.compute-1.amazonaws.com
app.chatwoot.com
2    3.230.168.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-168-220.compute-1.amazonaws.com
app.posthog.com
16    99.86.4.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-5.fra6.r.cloudfront.net
mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com
1    13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net
static.hotjar.com
2    2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
1    52.36.153.191 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-153-191.us-west-2.compute.amazonaws.com
api.segment.io
1    13.249.9.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-9-41.cdg53.r.cloudfront.net
script.hotjar.com
1    18.66.147.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-116.fra60.r.cloudfront.net
vars.hotjar.com
4    2600:9000:214f:9600:7:dce7:b680:21 (United States)

ASN16509 (AMAZON-02, US)
d3tq67kexc2w2i.cloudfront.net
3    2606:50c0:8002::154 (United States)

ASN54113 (FASTLY, US)
avatars.githubusercontent.com
1    52.216.222.33 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
prod-chatwoot-assets.s3.amazonaws.com
Apex Domain
Subdomains		 Transfer
37 huntr.dev
huntr.dev
1 MB
17 amazonaws.com
mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com
prod-chatwoot-assets.s3.amazonaws.com — Cisco Umbrella Rank: 910459
36 KB
9 chatwoot.com
app.chatwoot.com — Cisco Umbrella Rank: 277289
43 KB
7 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1421
59 KB
4 cloudfront.net
d3tq67kexc2w2i.cloudfront.net
212 KB
3 githubusercontent.com
avatars.githubusercontent.com — Cisco Umbrella Rank: 9115
36 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 606
script.hotjar.com — Cisco Umbrella Rank: 725
vars.hotjar.com — Cisco Umbrella Rank: 866
75 KB
2 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 4071
19 KB
2 posthog.com
app.posthog.com — Cisco Umbrella Rank: 25348
769 B
1 segment.io
api.segment.io — Cisco Umbrella Rank: 999
170 B
83 10
Domain Requested by
37 huntr.dev 1 redirects huntr.dev
16 mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com huntr.dev
browser.sentry-cdn.com
9 app.chatwoot.com 1 redirects huntr.dev
app.chatwoot.com
d3tq67kexc2w2i.cloudfront.net
7 cdn.segment.com huntr.dev
cdn.segment.com
4 d3tq67kexc2w2i.cloudfront.net app.chatwoot.com
d3tq67kexc2w2i.cloudfront.net
3 avatars.githubusercontent.com huntr.dev
2 browser.sentry-cdn.com cdn.segment.com
2 app.posthog.com huntr.dev
browser.sentry-cdn.com
1 prod-chatwoot-assets.s3.amazonaws.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 api.segment.io cdn.segment.com
1 static.hotjar.com cdn.segment.com
83 13
Subject Issuer Validity Valid
*.huntr.dev
Amazon		 2022-12-26 -
2024-01-24		 a year crt.sh
*.segment.com
Amazon		 2022-12-13 -
2024-01-12		 a year crt.sh
app.chatwoot.com
R3		 2023-01-11 -
2023-04-11		 3 months crt.sh
app.posthog.com
Amazon		 2022-10-04 -
2023-11-02		 a year crt.sh
*.appsync-api.eu-west-1.amazonaws.com
Amazon		 2022-12-07 -
2024-01-05		 a year crt.sh
*.hotjar.com
Amazon		 2022-10-25 -
2023-11-23		 a year crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-28 -
2023-10-30		 a year crt.sh
*.segment.io
Amazon		 2023-01-11 -
2024-02-10		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.github.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-04-07		 a year crt.sh

This page contains 3 frames:

Primary Page: https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
Frame ID: EBD517B87AC5C30C391888A9CA91981B
Requests: 62 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html
Frame ID: C163961CA29D4341D42103163927D4E5
Requests: 1 HTTP requests in this frame

Frame: https://app.chatwoot.com/widget?website_token=puTnMCiAd9DHeNuoWk2mzm6X
Frame ID: DF63FAC91101BF94944B7D8525A8447E
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ANSI Escape Sequence Injection vulnerability found in radare2

Page URL History Show full URLs

  1. https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e HTTP 301
    https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /_nuxt/
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

83
Requests

99 %
HTTPS

31 %
IPv6

10
Domains

13
Subdomains

13
IPs

1
Countries

1806 kB
Transfer

5776 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e HTTP 301
    https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76
  • https://app.chatwoot.com/rails/active_storage/representations/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBeWplRVE9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--6cb91ac7b4e48808e78a8d6ff61c52a99da0d564/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaDdCem9MWm05eWJXRjBTU0lJY0c1bkJqb0dSVlE2QzNKbGMybDZaVWtpRERJMU1IZ3lOVEFHT3daVSIsImV4cCI6bnVsbCwicHVyIjoidmFyaWF0aW9uIn19--0ebc19c01420fe8a8c6a202fcf9e63947dea59fd/New%20Project%20(16).png HTTP 302
  • https://prod-chatwoot-assets.s3.amazonaws.com/variants/2ll67w41cg1ugvvjj7lvmhtlw499/57496d59bd65461658f8699a5f17b76e76ea0b02ffb71890c8dbfe4064ba7e6e?response-content-disposition=inline%3B%20filename%3D%22New%20Project%20%252816%2529.png%22%3B%20filename%2A%3DUTF-8%27%27New%2520Project%2520%252816%2529.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAX7PDOLKIAFKYEREY%2F20230125%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20230125T004206Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=0d00f33bb4c4a6864178fea49280d9f32eb00994d5a604ced81b051da655f0a3

83 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
Redirect Chain
  • https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e
  • https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49bd253d01e5010a90042708e1a92c1763b3282a1cf80833038f6d7d4ecae770

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Wed, 25 Jan 2023 00:42:04 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-id
jqya6z0H_RvezuRPJ-O7yDH1O6PLxQjy2twMilEmbvYSZpgP5FZZOA==
x-amz-cf-pop
VIE50-C2
x-cache
Error from cloudfront

Redirect headers

content-length
0
content-type
application/xml
date
Wed, 25 Jan 2023 00:42:04 GMT
location
/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
server
AmazonS3
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-id
Noca6iW2a0YOtVYqL-AWdUfGcRPeWBno21PfE2gaenwkS9JC6Q8zag==
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
47d093f.js
huntr.dev/_nuxt/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/47d093f.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21bc8c4d3fb08edcd7d9b2c96a67a831c0c2df78b6474a008747a5bee07f86c0
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:36:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
age
366
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:43:41 GMT
server
AmazonS3
etag
W/"bacd123b208660e59e178d62a1268f76"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
j8yKALg2qZwvbcO9k2mwE02P3aivsfn8uJNUakP4rTwzCqkEUna40Q==
1d4ee68.js
huntr.dev/_nuxt/ 		314 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/1d4ee68.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c5ef42cc9d816b7450985d9dbf4b4c975116a40dfe01b7d461f034c6fa6ae9e6
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:36:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
age
366
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:43:42 GMT
server
AmazonS3
etag
W/"0199d76025dfaebb022981a554081799"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
qabrVO9YYKp3TlazLleh7n0V0PcGVq9P6dB0pO3RmADY6gC52SqnMQ==
b70fbba.js
huntr.dev/_nuxt/ 		1 MB
304 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/b70fbba.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b2d5459d042fcb31fd94f5ffcba83cdfc477e50d7f8705e36c6cf410426fb38
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:36:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
age
366
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:43:42 GMT
server
AmazonS3
etag
W/"ff8ffe67558998d857504d1273be9426"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
sTMyZJ6tEn1dHUyOF4itYWaDjJ8z6z86PSU7G6907czomaHW3Paoqw==
b482d67.js
huntr.dev/_nuxt/ 		87 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/b482d67.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c7701ac7e9a124ca0c629310b75ddb17853f3b4f0e8eff8fe936aaf0418560a
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:36:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
age
366
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:43:42 GMT
server
AmazonS3
etag
W/"dc41807fffc71e639f8a1247da67a936"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
WohOayZyvyuZsrf9OYCqnjGNwgio_JBX_7mlGWre3xNGgPEBUORkRg==
a1c16fd.js
huntr.dev/_nuxt/ 		66 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/a1c16fd.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/47d093f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7eaced6d29ad8d3a5ff3d9e3fab5954a5e0151f96ef3414b11c51a146de2338e
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:36:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
age
366
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:43:42 GMT
server
AmazonS3
etag
W/"67eabd045d50056750f5aa530f5d23cb"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
m7wZ_hHrmE_o96hFkoGWYXN_-e_H6gxCZitgrNnelM1q7E8wFX9fsw==
506d26e.js
huntr.dev/_nuxt/ 		68 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/506d26e.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/47d093f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e6f2337de072d2411ac7e6ba6e07394b59ac3461300b455fb1a0b597224d219
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:36:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
age
366
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:43:41 GMT
server
AmazonS3
etag
W/"22d4d18b7a1d51aba7ed982f2d8dec60"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
LJ-v-3Paa1BZVd8oC6TUIFf0qjk2yZM2-8F-X-Iv19U1hQS46KOKTQ==
c731e0b.js
huntr.dev/_nuxt/ 		863 KB
273 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/c731e0b.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/47d093f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb711b4aea63c35577beb5a192268acce04e9a396497d4ef4fb523e0c1f2cfcc
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:36:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
age
366
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:43:42 GMT
server
AmazonS3
etag
W/"24e709b076a0c4c17fc1916f8d6153e7"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
CWoaXxL7Jt9VJCNcMitkgEWmnNX8Ku7-g2bALasaXa5buuhwHhpQfA==
8554d82.js
huntr.dev/_nuxt/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/8554d82.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/47d093f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0da065d858979f2a894cc0fec20d885d949252ba1022d153f8363088848a69da
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:36:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
age
366
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:43:41 GMT
server
AmazonS3
etag
W/"0e23911f494bbe78c240881d1b9ba2e2"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
f7VywTp2CSX5VD39suoT-65WvgVNkz-uRT87MkaPybqaQnNiln334w==
c146111.js
huntr.dev/_nuxt/ 		435 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/c146111.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/47d093f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df7faafe95e348d6c9ec91a7c4cb616e482a363f082efc683244599aed20ceca
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:36:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
age
366
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:43:42 GMT
server
AmazonS3
etag
W/"05c108770ec74157f2399ca034a400e1"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
7hMRmXVTiTZjDKJfi0gudH9ElLzm6YMLe5HV0Y7orLxPrCx7Rj5NTA==
analytics.min.js
cdn.segment.com/analytics.js/v1/VWwEgATDMwku1jvgt0soCRaORr8xbOyx/ 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/VWwEgATDMwku1jvgt0soCRaORr8xbOyx/analytics.min.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/b70fbba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-183.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c796cd2178da32b5c1dec2054a1abb5be5f48d826e0e8dc01fc60e4b74bedf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
0LQPDjVSd9sBiMWf2dGzh1jmSns4w.0f
content-encoding
br
via
1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
date
Wed, 25 Jan 2023 00:42:05 GMT
x-amz-cf-pop
FRA2-C1
age
53
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 14 Dec 2022 01:07:10 GMT
server
AmazonS3
etag
W/"ce91874fd979208240e2c739da83e107"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
C61CmC6-1ZuyM9h69Jygq8cLGCgwZ189tOAA2D3g0-lvbMFtwQqylQ==
sdk.js
app.chatwoot.com/packs/js/ 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.chatwoot.com/packs/js/sdk.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/b482d67.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-133-81.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
1ef90aaa45179ae37fb65591377180eb48040ccbd6b3e36fa1a5497544c712de
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Wed, 25 Jan 2023 00:42:05 GMT
Content-Encoding
br
Via
1.1 vegur
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Tue, 24 Jan 2023 07:56:15 GMT
Server
Cowboy
Vary
Accept-Encoding, Origin
Content-Type
application/javascript
Cache-Control
public, max-age=31556952
Connection
keep-alive
Content-Length
29278
/
app.posthog.com/decide/ 		239 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.posthog.com/decide/?v=2&ip=1&_=1674607325301
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/b70fbba.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.168.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-168-220.compute-1.amazonaws.com
Software
/
Resource Hash
e39e46684de1d904f143b7e5598c153b851a70188e0d720cc5c288a447dffcaa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://huntr.dev/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 25 Jan 2023 00:42:05 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://huntr.dev
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type
graphql
mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/graphql
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/b70fbba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-5.fra6.r.cloudfront.net
Software
/
Resource Hash
fcb23a9a90f5baafeb42d59ee6826fd291451f9fb1ce7f76c2cc137bb2da6d19

Request headers

accept
*/*
Referer
https://huntr.dev/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
x-api-key
da2-fql7xoajcng6pilmew4lfbi6ga
content-type
application/json

Response headers

x-amzn-appsync-tokensconsumed
4
date
Wed, 25 Jan 2023 00:42:05 GMT
content-encoding
gzip
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
9da811fe-258d-4845-8b7e-2c5dc339d010
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
x-amz-cf-id
W1advRUvqB6nZ7CGkaQ0fZptJzX7oIRVL4CSqorLQBHwVB0kuzETOQ==
graphql
mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-5.fra6.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://huntr.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-api-key
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
access-control-max-age
172800
content-length
0
date
Wed, 25 Jan 2023 00:42:05 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-id
aWbJo2I0nTkB0MEtBpMRGFHRNivnCOgnM4uaqsmqLsprduO1JPpCSQ==
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
ec17d2cc-2597-4a23-a8fa-a69473b49c2d
x-cache
Miss from cloudfront
Montserrat-Regular.3cd7866.ttf
huntr.dev/_nuxt/fonts/ 		240 KB
111 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/fonts/Montserrat-Regular.3cd7866.ttf
Requested by
Host: huntr.dev
URL: https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
077cdab15161232a9ba7124d2ddd7a9425145750788e9a966c156cc66274f525
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
Origin
https://huntr.dev
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:43:42 GMT
server
AmazonS3
etag
W/"ee6539921d713482b8ccd4d0d23961bb"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/ttf
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
lsvfCQY7ohy5lx9Fm7JtW385LP359LaAa_X0KeqzY0dhAglhOGkduA==
Montserrat-Medium.e2d60bc.ttf
huntr.dev/_nuxt/fonts/ 		237 KB
110 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/fonts/Montserrat-Medium.e2d60bc.ttf
Requested by
Host: huntr.dev
URL: https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
421f26b23e2be6b98373d32acd3cb2897b154d4bf0a77d26534ce476e4cbed53
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
Origin
https://huntr.dev
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:43:42 GMT
server
AmazonS3
etag
W/"c8b6e083af3f94009801989c3739425e"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/ttf
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
whK6k2egUhdUC7GeUg-T_tUdBwTtbYvP80dDud_A6IdLYhkI3uhqpg==
ebd9b2a.js
huntr.dev/_nuxt/ 		33 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/ebd9b2a.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/47d093f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a69ebf9d3758c59b6ad01b94915c8a48b5ec9b665360df30642da9cb6ccb1702
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:43:41 GMT
server
AmazonS3
etag
W/"123cdca8d79e4280edd634cd72040c97"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
zDc-1ZLv7y6_j1Ju85Q2mQNETujUplNMMLLi6O_WxqfWJCKS9L6o1Q==
manifest.js
huntr.dev/_nuxt/static/1673288377/ 		170 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/static/1673288377/manifest.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/b70fbba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10b631396fbe1f84cecffdc5dc60c14c20ac75aaabc3be086047bbb8573603e2
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:44:02 GMT
server
AmazonS3
etag
W/"91d4040a8b52874d02c055018d8c37aa"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
G4kpe4G43QeyNS0BNI0jzrUsE-A18QBvhckOdeeEFWxzTqrQhZQDPQ==
b2ac75d.js
huntr.dev/_nuxt/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/b2ac75d.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/47d093f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
891f49cc40881692a5acc981a1c0fd856e8ce78838acaa1001ff0ad74d5ae281
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:43:41 GMT
server
AmazonS3
etag
W/"99a725a21abb3eec208fbabdeb935565"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
qH6ZOU-x00cvtoWKDm3mmBShuYIdKt5O6WRCd5k0RgJ8u1fEw1FXdA==
fceccfb.js
huntr.dev/_nuxt/ 		70 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/fceccfb.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/47d093f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2bb5f2cb4977648049b57d0ad6fd50c0a614dd7fe5141010a5f696cf82110e4b
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:43:42 GMT
server
AmazonS3
etag
W/"43c3cdd2ae4dfbc9cbb1a8d11f67860d"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
vuiMR3yNbKplOey9gqxmxwy5hOkyL2uH8fxUaHT4PTfz0nXyjIzjrQ==
settings
cdn.segment.com/v1/projects/VWwEgATDMwku1jvgt0soCRaORr8xbOyx/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/VWwEgATDMwku1jvgt0soCRaORr8xbOyx/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/VWwEgATDMwku1jvgt0soCRaORr8xbOyx/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-183.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c15d07f9d87fea851ff9306ff597b442e7ca8f6b306acaf6fe753ed259decee4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id
i9_qgm6tEM5rZut_i1KSuO6gKrVDsodO
content-encoding
br
via
1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
date
Wed, 25 Jan 2023 00:04:31 GMT
x-amz-cf-pop
FRA2-C1
age
9311
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 16 Jun 2022 18:54:24 GMT
server
AmazonS3
etag
W/"749a45c0a89b0126d214cd63e5d896fb"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
NIw2X3pb2EQo-IIhlCLpk9zhlxziB5urxSyF_hHegrMPXS2kOllZhA==
cf5c3c2.js
huntr.dev/_nuxt/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/cf5c3c2.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/47d093f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
908f3baf7f7be6cd2a61b20b70bf20ccd4cf7cb421d3936d0b49d5047ccd6d93
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:43:41 GMT
server
AmazonS3
etag
W/"4b0e1689f17d85cae2f43b4793ce6162"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
QIVyo7M9v7v8fOxkeDhicFhOFXRsLHLwaDcqueePlp2mTTMgekdjFg==
3144c50.js
huntr.dev/_nuxt/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/3144c50.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/47d093f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
827800680fa89a9e7361fa540081e6542a18efa2a7ffd8add5de06ad0f73cf89
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:43:41 GMT
server
AmazonS3
etag
W/"e8e41fa06c8c923f9e1b4c2fe0ec8176"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
QS_-yzrK7ULFWffQhQTOztRo2m7D1y5-DE-MoMfFc8VsYZ4NYEg0PA==
5b602b4.js
huntr.dev/_nuxt/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/5b602b4.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/47d093f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7d23d5f64780fefc599dd4d012a5a4ceb5f7ff6af738ce820d47468481d78ec
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:43:41 GMT
server
AmazonS3
etag
W/"6dcb6bfa75a589e4130d61b3682d6e28"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
iBJjLjODVAR7DPv8DXCwvUfgeMFM84kTaxTk2wT_raPkQaH3QHRGkQ==
f380f2d.js
huntr.dev/_nuxt/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/f380f2d.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/47d093f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5318d15be0ffc7b9a01306e195f0308fc8d1a3250e2f451d0370ee56da6f7d5c
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:43:41 GMT
server
AmazonS3
etag
W/"fa20690bc08a23d17e4244f3377d6f13"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
IiXZDSq_nbv6-XrauXpm6QJPgPJkDXQwIwIv2Dl_-vIfVg5vClMjeA==
60bc138.js
huntr.dev/_nuxt/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/60bc138.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/47d093f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
94ba145bdb5489f3ca0a82579fc65adc7b2386719e2a80d914792598ef464f0e
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:43:41 GMT
server
AmazonS3
etag
W/"00bf2672d849d02f9b0d122ba89a80ab"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
mARjb-chwaiFcf_8H8VKBoBPmp_hgWwXOs19M6rTqUgLQFpgIkWoFQ==
bf084fd.js
huntr.dev/_nuxt/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/bf084fd.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/47d093f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2fda5f52e7e399c69f8079b4bff344c255cb80a11accac53b79738896d2a641c
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:43:41 GMT
server
AmazonS3
etag
W/"b4b5aaabb73d884cf3a6becdea8643ac"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
AujS72GMt90Q0wiER5UV5aA4Bl1vUr__5LTrMYeTXZRzmWaxOYtnYQ==
672a893.js
huntr.dev/_nuxt/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/672a893.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/47d093f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87148e3b1c176f254a9327fcd50b8007118d8cc699f12fb163c6ee89388ab056
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:43:41 GMT
server
AmazonS3
etag
W/"62fbfdc905b2b104ba002b8e68b54811"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
9c09Hrzxj7MESIxZ03RMOInJv_KUCLW0JP4nbjKQncunSjqv-Gqa9Q==
31ff7ef.js
huntr.dev/_nuxt/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/31ff7ef.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/47d093f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e14567b6b937e98681aed9d48f39148db6e68aa4ecb2629258d8c833f5fad296
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:43:41 GMT
server
AmazonS3
etag
W/"bbe204fd68dafe294b6ad1112f543100"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
-5e6HLj-RCFm2DR6kr5RRz7AH1U_CKZz0bLXfrO2cveEbf8_CoCqtg==
dc2c72b.js
huntr.dev/_nuxt/ 		141 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/dc2c72b.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/47d093f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d03a36e65d82b4bd6469004dcefaf5c19e990fa2fd9662a3cfdbac2d17b0448
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:43:42 GMT
server
AmazonS3
etag
W/"f3f7a32723cb1267975d194af7508bd7"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
uGilv2yDPfLgyOQTGoYjnkgaORQ2sEMDZxjrJVt6XYjt0CvCD6tTFg==
ajs-destination.bundle.1466bb14223e695495e6.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.1466bb14223e695495e6.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/VWwEgATDMwku1jvgt0soCRaORr8xbOyx/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-183.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aab3c7efa1174866dc81b505ba5bc940bec1200e2b11758484cce9cf8f2cd43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 08 Dec 2022 03:00:42 GMT
x-amz-version-id
laxW76Utysumpt4PGNIVrD2EkpEC_Vx5
content-encoding
br
via
1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
4138883
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 08 Dec 2022 00:52:27 GMT
server
AmazonS3
etag
W/"238b8357fd89fec8e05754f2e8550aa2"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
ky5vVB7oAdiOMZdvYsRWp8c1ZE-SjVLPH4TJI4ifyFf6NSPLUeLMwg==
schemaFilter.bundle.debb169c1abb431faaa6.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/VWwEgATDMwku1jvgt0soCRaORr8xbOyx/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-183.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 07:58:45 GMT
x-amz-version-id
DaaIbLnzvn06V4JPscsHdkknFnPWetFJ
content-encoding
br
via
1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
4466601
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Sun, 04 Dec 2022 04:06:01 GMT
server
AmazonS3
etag
W/"3e448afdfea355c0f19700d04431ce7d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
QE-e7T99rWhkkNH1qSLCXtOuXzToZpRLn9ON7378C5-MO9p1x1wSFA==
hotjar.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/hotjar/1.4.0/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/hotjar/1.4.0/hotjar.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/VWwEgATDMwku1jvgt0soCRaORr8xbOyx/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-183.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05cee74e08992e6f58bc28d43ff042c5def119ba66ca7601cdb4b3efce53625f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 00:51:56 GMT
content-encoding
gzip
via
1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
x-amz-version-id
ssIuRlv9DUFiuYPFxkC3rj0dOyfsNCMD
x-amz-cf-pop
FRA2-C1
age
4233009
x-cache
Hit from cloudfront
content-length
1336
last-modified
Tue, 06 Dec 2022 17:40:57 GMT
server
AmazonS3
etag
"4cd7c93a55ce331d264d9a857bd044ed"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
OpYWQy6rc_GqTVmRiQq9ajGZ7EJgbR-J0wTKrkINP-kc_UV4dQIJUQ==
sentry.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/sentry/3.0.1/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/sentry/3.0.1/sentry.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/VWwEgATDMwku1jvgt0soCRaORr8xbOyx/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-183.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb918e4772434c8678a69a4d9c1683e0ccf4bc2498f5240d1465b8287d2387cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 01:26:27 GMT
content-encoding
gzip
via
1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
x-amz-version-id
5bNum2ops_RpUQWE_bP7Ci0RrOJq1fgB
x-amz-cf-pop
FRA2-C1
age
4749339
x-cache
Hit from cloudfront
content-length
1635
last-modified
Mon, 24 Oct 2022 18:48:00 GMT
server
AmazonS3
etag
"ddd169ee2d3b58407ac01df09d8dbdc7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
yAmae8GkzZZbLiN3av-q11l_9QgyvU3Z8wTSA3fBDRhhV5UhKnsy0Q==
commons.c42222c4cb2f8913500f.js.gz
cdn.segment.com/next-integrations/integrations/vendor/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/VWwEgATDMwku1jvgt0soCRaORr8xbOyx/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-183.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 11 Dec 2022 22:57:48 GMT
content-encoding
gzip
via
1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
x-amz-version-id
nCe7.wX1BbiLVINghrbErhSI9GNiVjGD
x-amz-cf-pop
FRA2-C1
age
3807858
x-cache
Hit from cloudfront
content-length
22177
last-modified
Wed, 07 Dec 2022 17:21:14 GMT
server
AmazonS3
etag
"befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
RmxBGS_VHqKuMACI4SSWrWcA87tmNsGo6SDATrnydbrcJs2qKlO9pw==
hotjar-2380708.js
static.hotjar.com/c/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2380708.js?sv=6
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/hotjar/1.4.0/hotjar.dynamic.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
/
Resource Hash
1cc0864ec8a54bf64fb3e01c8528379b20cb726ad8f4e034331d88b194ab2390
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Wed, 25 Jan 2023 00:42:05 GMT
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
21
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/ea73e923c81cc25de9ffcdb58086b4cc
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
ZxaAs34JAmZp4IV2XNXyStSHlgDZdvecnpKcS6td927Wik4LnNs98A==
bundle.min.js
browser.sentry-cdn.com/5.12.1/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/5.12.1/bundle.min.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
75457b054e6e1e89f10dda4b777d5676404acaa1541618f03d4ed055a3857e05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://huntr.dev/
Origin
https://huntr.dev
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 04 Feb 2020 11:19:05 GMT
server
Fastly
age
4210757
etag
"1c5228c89d281d08aa0ce908f582609a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
17201
expires
Thu, 07 Dec 2023 07:02:48 GMT
p
api.segment.io/v1/ 		21 B
170 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/VWwEgATDMwku1jvgt0soCRaORr8xbOyx/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.153.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-153-191.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://huntr.dev/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://huntr.dev
date
Wed, 25 Jan 2023 00:42:06 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
rewriteframes.min.js
browser.sentry-cdn.com/5.12.1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/5.12.1/rewriteframes.min.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
93a1f3263e3c883f998ff8f4a3fd8afc3066f33daf90248b89e2bb01cd2003f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://huntr.dev/
Origin
https://huntr.dev
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 04 Feb 2020 11:19:05 GMT
server
Fastly
age
11624755
etag
"4e240097ab71acf709caa48e23cd6411"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1807
expires
Tue, 12 Sep 2023 11:36:11 GMT
payload.js
huntr.dev/_nuxt/static/1673288377/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/static/1673288377/payload.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/b70fbba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e7056490a6aa47842422c016c7990d2621f7efb96114ba073809ca7ef306489
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:44:02 GMT
server
AmazonS3
etag
W/"126dd630135f2a51a22e58e9f9dbb73b"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
5GF4vvNG5ueG65y6viSOeoUHhSEBPbtxTSEK4iFcqm_AeGspibH6fg==
payload.js
huntr.dev/_nuxt/static/1673288377/bounties/hacktivity/ 		81 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/static/1673288377/bounties/hacktivity/payload.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/b70fbba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a279a8cfe3eb891b1a7a5458606ae20be74304c60e05b985f3bea0f6815e96b
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
81
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:44:02 GMT
server
AmazonS3
etag
"fc04d064f666e6c3a67bfdf89f4b2801"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
accept-ranges
bytes
x-amz-cf-id
seFcJ1kTO7TvwIfEDHnObJEuAQIruRUjqt3IPAEGUNaEMhu_7iUSoQ==
payload.js
huntr.dev/_nuxt/static/1673288377/leaderboard/ 		73 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/static/1673288377/leaderboard/payload.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/b70fbba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9de1041297927941b9c0d2104c967e3a17544dc79c5c9d49d3500af6397a9f7f
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
73
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:44:02 GMT
server
AmazonS3
etag
"7dcde85f209c9e271f0e80211fb29626"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
accept-ranges
bytes
x-amz-cf-id
KKA7NUiqpVnd71m3YT7MyKlDTC2zpYIx4QOEUh6Ul4-cx_TD8MGJGg==
payload.js
huntr.dev/_nuxt/static/1673288377/faq/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/static/1673288377/faq/payload.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/b70fbba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7291a5aa447f8204ee87c00e0858a634a42fdfd069800723df869ce8c4b2bad4
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:44:02 GMT
server
AmazonS3
etag
W/"dbb534f774918384d507e308d90ab593"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
8nkoM57vqIRWw1KuhtqABLziOm_rS_-E6B0NV_84w45NCHIlD_ZDfQ==
payload.js
huntr.dev/_nuxt/static/1673288377/contact-us/ 		72 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/static/1673288377/contact-us/payload.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/b70fbba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a37031e6a0feef007ad05ef938452805b8c01fd6a3e3388e62a951c65796df7
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
72
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:44:02 GMT
server
AmazonS3
etag
"366dc6ea76591bc89566ac85b90aec65"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
accept-ranges
bytes
x-amz-cf-id
B4Ls9eBJ-LIbcvLRzgVTyez-5I-qh3mBVgPBfYQ534uvj3nEsYPhDQ==
payload.js
huntr.dev/_nuxt/static/1673288377/terms/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/static/1673288377/terms/payload.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/b70fbba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3f358e1f5ac676b17fa1868e8aa2670f7ac176d91594391e73fe359c4a1be1a
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:44:02 GMT
server
AmazonS3
etag
W/"a4ea7714bcbfbd711bcfeb538c80c8d4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
o1pGvrFMyWd47MjkWVDGp270N93MPPiSp85wIYCyO7qqO4G8iwArqQ==
payload.js
huntr.dev/_nuxt/static/1673288377/privacy/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/static/1673288377/privacy/payload.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/b70fbba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55bd74b3c7c7167fe128eacf44052c3f943ac5b2748e07869ef5dfc6c424e69c
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:44:02 GMT
server
AmazonS3
etag
W/"6b3ae41d715bbd2b5cf61cb43f39636b"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
-v6pmWIy7oEPLnA9xMHOK0fVagiakFxaxon--MgySN4tHe8PTs12jA==
payload.js
huntr.dev/_nuxt/static/1673288377/bounties/disclose/ 		79 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/static/1673288377/bounties/disclose/payload.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/b70fbba.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
78a22e968841df97d2a8f5f6150f98a563a711e6d4097962719837c18320f3b1
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
79
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:44:01 GMT
server
AmazonS3
etag
"11e86df8ac1d9c85f55c418a4fbf5255"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
accept-ranges
bytes
x-amz-cf-id
V_R86uPBeL22Ecjx0EIeRxREgofYCSTAVXvBXLkd49SCXwk3NYV9Wg==
modules.ea0a6d6a741d5de8308e.js
script.hotjar.com/ 		263 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.ea0a6d6a741d5de8308e.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2380708.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.9.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-9-41.cdg53.r.cloudfront.net
Software
/
Resource Hash
6619ef277249ca9230cbc0315da9b41caa9f15996d143f7d1a77d52d901ce269
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 11:10:05 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 4d3c039385e1d4ab0e1d024dacb2fd62.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG53-C1
age
394320
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68675
last-modified
Fri, 20 Jan 2023 11:09:55 GMT
etag
"e45ceb77c1a47254136f1ef733de65df"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
vh9Blh7YH8Iu08x68TMM5FC9dLYJbg9TKMzQ0Z4tfNI0MbVWGPqZWg==
box-ff00c703c3bbdf54ae44ee858d64f69e.html
vars.hotjar.com/ Frame C163 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-ff00c703c3bbdf54ae44ee858d64f69e.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2380708.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-116.fra60.r.cloudfront.net
Software
/
Resource Hash
cacf589210d4361a42eed0c4a5ac94db9d22ac0a437db9bcccb8efadc06d71aa
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://huntr.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
570539
cache-control
max-age=31536000
content-encoding
br
content-length
1035
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 18 Jan 2023 10:13:06 GMT
etag
"730971b89ffa8b99e4157f49a4275594"
last-modified
Wed, 18 Jan 2023 10:12:30 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-cf-id
MahActW0TfTQktX8r6_JhNbfOoOKibfVLjpvNRWPr-SqsfK5KTw82A==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
none
widget
app.chatwoot.com/ Frame DF63 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.chatwoot.com/widget?website_token=puTnMCiAd9DHeNuoWk2mzm6X
Requested by
Host: app.chatwoot.com
URL: https://app.chatwoot.com/packs/js/sdk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-133-81.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
a753277dacf794df86fdbfa275b943595d5de318d6051927ccad552c703c632a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://huntr.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Wed, 25 Jan 2023 00:42:05 GMT
Etag
W/"a753277dacf794df86fdbfa275b94359"
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
Strict-Transport-Security
max-age=63072000; includeSubDomains
Transfer-Encoding
chunked
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
931f5c2e-2388-4393-9942-eb387153f45b
X-Runtime
0.061011
X-Xss-Protection
1; mode=block
graphql
mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-5.fra6.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://huntr.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-api-key
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
access-control-max-age
172800
content-length
0
date
Wed, 25 Jan 2023 00:42:06 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-id
TRIYdFeDg1kkUemcYwfHnAfY9SKoUiC1TCOaSmTz_QkCSzBB-1qmvw==
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
22f048ae-9780-400c-8861-792504263929
x-cache
Miss from cloudfront
graphql
mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-5.fra6.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://huntr.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-api-key
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
access-control-max-age
172800
content-length
0
date
Wed, 25 Jan 2023 00:42:06 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-id
tCzu_gcG14Z23BHcgtMKGSfIR1vBcEi1BRArqz7W9IkJRfvH7Gzghg==
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
ba4212d3-89e4-48f8-8d70-7a0599061150
x-cache
Miss from cloudfront
graphql
mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-5.fra6.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://huntr.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-api-key
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
access-control-max-age
172800
content-length
0
date
Wed, 25 Jan 2023 00:42:06 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-id
dUnsa55E3znrTvXIw8KNx2cmHAtnXZs8NS6FH5Yajm9A4SvoW6rttA==
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
92c316b8-adb0-4e5a-88a3-dc3363342262
x-cache
Miss from cloudfront
graphql
mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-5.fra6.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://huntr.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-api-key
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
access-control-max-age
172800
content-length
0
date
Wed, 25 Jan 2023 00:42:06 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-id
wAf-6-tjsssloy6iyhKPMY4Cy6_GI7CYajeQpCPqfvHp6I2OLENujQ==
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
c608eb81-451d-4d60-b9cd-31f120f96ef0
x-cache
Miss from cloudfront
graphql
mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/ 		196 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/graphql
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.12.1/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-5.fra6.r.cloudfront.net
Software
/
Resource Hash
f5e35686236d0f9e4504e46b3ea76792742c325c72782fec159573474f8e4ab3

Request headers

accept
*/*
Referer
https://huntr.dev/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
x-api-key
da2-fql7xoajcng6pilmew4lfbi6ga
content-type
application/json

Response headers

x-amzn-appsync-tokensconsumed
2
date
Wed, 25 Jan 2023 00:42:06 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
29b1711c-79a6-41fa-ac93-8fbd802a8fed
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
content-length
196
x-amz-cf-id
KVpg-O0LpASHKR0cJF9-xyr5hCtGg4EZJrMebJJjHKD7kB0zA-mN4g==
graphql
mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/ 		8 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/graphql
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.12.1/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-5.fra6.r.cloudfront.net
Software
/
Resource Hash
c0e26594811939eaa3434c887bcd3ea2738aea3b86d15c3c972bb79779124b1f

Request headers

accept
*/*
Referer
https://huntr.dev/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
x-api-key
da2-fql7xoajcng6pilmew4lfbi6ga
content-type
application/json

Response headers

x-amzn-appsync-tokensconsumed
4
date
Wed, 25 Jan 2023 00:42:06 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
7d204a1b-ba6e-4366-997d-ed460ea66454
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
content-length
8010
x-amz-cf-id
FwNJIgicoS7UbpLzgIlbKD3fLkmMQJqnOLu_Zq_cejBQEJa27cblBQ==
graphql
mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/ 		550 B
970 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/graphql
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.12.1/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-5.fra6.r.cloudfront.net
Software
/
Resource Hash
c7f801b39995504360838f5bfa7e0b494e1380c386df7d43943536ebeaf15f64

Request headers

accept
*/*
Referer
https://huntr.dev/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
x-api-key
da2-fql7xoajcng6pilmew4lfbi6ga
content-type
application/json

Response headers

x-amzn-appsync-tokensconsumed
1
date
Wed, 25 Jan 2023 00:42:06 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
a28ec651-1842-4831-8ec6-aac06dfb488f
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
content-length
550
x-amz-cf-id
dVOXLg42PfjwUltpI5MZSmPGJEodC30aNoltjaF_PrgY2uagST36Kg==
graphql
mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/graphql
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.12.1/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-5.fra6.r.cloudfront.net
Software
/
Resource Hash
c3810816c7a258b68843c16f2a38ca900b1c6a661b0f8fc145630c8cc8aa5dbf

Request headers

accept
*/*
Referer
https://huntr.dev/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
x-api-key
da2-fql7xoajcng6pilmew4lfbi6ga
content-type
application/json

Response headers

x-amzn-appsync-tokensconsumed
1
date
Wed, 25 Jan 2023 00:42:06 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
b9878397-fed9-460a-bc58-d6ba3716bb1d
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
content-length
3158
x-amz-cf-id
gnEnfq8yrq8DVIjvrQ-mUOCcPJVftKiwWYRQIB2zWOv9rVJ1ut1WoA==
graphql
mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/ 		31 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/graphql
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.12.1/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-5.fra6.r.cloudfront.net
Software
/
Resource Hash
917a1a36e4df34776ab68224439190e342ac6cb9b3697d51606a6b8c7d9271f6

Request headers

accept
*/*
Referer
https://huntr.dev/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
x-api-key
da2-fql7xoajcng6pilmew4lfbi6ga
content-type
application/json

Response headers

x-amzn-appsync-tokensconsumed
16
date
Wed, 25 Jan 2023 00:42:07 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
ec18730a-e704-4c60-b3f4-2e59706aa6cf
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
content-length
31
x-amz-cf-id
nDu12xGuTVSZmXImJ5ojhf_zpRmjLNYXhNjN_5tpMR97uKkfmvnL7w==
graphql
mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-5.fra6.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://huntr.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-api-key
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
access-control-max-age
172800
content-length
0
date
Wed, 25 Jan 2023 00:42:06 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-id
6GvJWqnpbU-4Cotf0fHsd6mbrbSJJwYSFJKw8Nu4mM4tUgQkfGsLGg==
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
110f5569-1049-4bfd-a4a6-dd5edd07c6c0
x-cache
Miss from cloudfront
Metropolis-Regular.67a1988.otf
huntr.dev/_nuxt/fonts/ 		23 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/fonts/Metropolis-Regular.67a1988.otf
Requested by
Host: huntr.dev
URL: https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f8992eb58eeced41efea7076be4d468ac678f9778420438fab4a3358aa2b462
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
Origin
https://huntr.dev
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:43:41 GMT
server
AmazonS3
etag
W/"f7b5e589f88206b4bd5cb1408c5362e6"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
font/otf
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
mPhwmsQGIyQho7C5Dxdj9MlqAeEpBZU4uhUcL5va6w6YeVY9RA4Jpg==
115a5e1.js
huntr.dev/_nuxt/ 		50 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/115a5e1.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/47d093f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
adcb9f19c870809c26413c8e4c8586abd23edceaea94c43d70ce6c08290d4b35
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:43:41 GMT
server
AmazonS3
etag
W/"37f96a6920493724aa23237699cd1162"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
FjiOoYlxNmMaKS_AdZZRKtPyjVulxsdmkmaUwmxdQ0RXzLGxWXmtQA==
widget-988087a63814a6f3f97f.js
d3tq67kexc2w2i.cloudfront.net/packs/js/ Frame DF63 		692 KB
191 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3tq67kexc2w2i.cloudfront.net/packs/js/widget-988087a63814a6f3f97f.js
Requested by
Host: app.chatwoot.com
URL: https://app.chatwoot.com/widget?website_token=puTnMCiAd9DHeNuoWk2mzm6X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9600:7:dce7:b680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
4764f12e7c7f47de7502035205b559d400ed4738f115719094bfa0165e037206
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.chatwoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 08:02:14 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 24 Jan 2023 07:56:15 GMT
server
Cowboy
x-amz-cf-pop
FRA53-C1
age
59991
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31556952
content-length
194694
x-amz-cf-id
I-H37gYLC8-tvi1SEmHUItY_sbDIPcxe1QXUBinfkh4fMWAWhtkokQ==
widget-b18e24a1.css
d3tq67kexc2w2i.cloudfront.net/packs/css/ Frame DF63 		114 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3tq67kexc2w2i.cloudfront.net/packs/css/widget-b18e24a1.css
Requested by
Host: app.chatwoot.com
URL: https://app.chatwoot.com/widget?website_token=puTnMCiAd9DHeNuoWk2mzm6X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9600:7:dce7:b680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
366ee2bd48f5356ddcfe38aa922933bc895a12ff1b8adeccd871ebcb7dca7f6d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.chatwoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 08:02:27 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 24 Jan 2023 07:56:15 GMT
server
Cowboy
x-amz-cf-pop
FRA53-C1
age
59979
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=31556952
content-length
16511
x-amz-cf-id
RDHmVItj8sOnOl7iTmoVixsIAIJMlkG4LJIzeLOeMTnKXklILJHQGw==
24-1f097d15.chunk.css
d3tq67kexc2w2i.cloudfront.net/packs/css/ Frame DF63 		1 KB
904 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3tq67kexc2w2i.cloudfront.net/packs/css/24-1f097d15.chunk.css
Requested by
Host: d3tq67kexc2w2i.cloudfront.net
URL: https://d3tq67kexc2w2i.cloudfront.net/packs/js/widget-988087a63814a6f3f97f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9600:7:dce7:b680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
b6ab533881a858227c19cb2e27a8740ab16b3688620636970f306cb1bbe3c8c3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.chatwoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 08:02:22 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 24 Jan 2023 07:56:15 GMT
server
Cowboy
x-amz-cf-pop
FRA53-C1
age
59983
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=31556952
content-length
512
x-amz-cf-id
DgGHhIWcgVOxvwuNGTjeDAJKfb6-hbazE053CDEytc4U-jXJ8V7kNQ==
24-926aee3f3b0f438a2023.chunk.js
d3tq67kexc2w2i.cloudfront.net/packs/js/ Frame DF63 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3tq67kexc2w2i.cloudfront.net/packs/js/24-926aee3f3b0f438a2023.chunk.js
Requested by
Host: d3tq67kexc2w2i.cloudfront.net
URL: https://d3tq67kexc2w2i.cloudfront.net/packs/js/widget-988087a63814a6f3f97f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:9600:7:dce7:b680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
9d0c11e436e6438313590f8cceb1dbb9a9c50e85c3c4f0c4d0ae27d4688c8321
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.chatwoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 08:02:35 GMT
content-encoding
gzip
via
1.1 vegur, 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Tue, 24 Jan 2023 07:56:15 GMT
server
Cowboy
x-amz-cf-pop
FRA53-C1
age
59970
vary
Accept-Encoding,Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=31556952
content-length
3986
x-amz-cf-id
05NKNW2aR9gVfkCnOb-Xpz-pJ11VTRSgfi58cRQqeKdf-26dAc1-mA==
conversations
app.chatwoot.com/api/v1/widget/ Frame DF63 		2 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.chatwoot.com/api/v1/widget/conversations?website_token=puTnMCiAd9DHeNuoWk2mzm6X
Requested by
Host: d3tq67kexc2w2i.cloudfront.net
URL: https://d3tq67kexc2w2i.cloudfront.net/packs/js/widget-988087a63814a6f3f97f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-133-81.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.chatwoot.com/widget?website_token=puTnMCiAd9DHeNuoWk2mzm6X
X-Auth-Token
eyJhbGciOiJIUzI1NiJ9.eyJzb3VyY2VfaWQiOiJkNDI2NjYzNi05NThjLTQwNTktYWY2OS0xMjc2MTBhZTRmYjMiLCJpbmJveF9pZCI6MTQxMn0.PiJN8PVCOSU_iu12nzvD93iekvzNGEUAIJ74TgJIIOs
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Wed, 25 Jan 2023 00:42:05 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Via
1.1 vegur
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
f73cd2d6-8b5b-47e2-9bb1-086c3b426f97
X-Runtime
0.028699
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
Etag
W/"44136fa355b3678a1146ad16f7e8649e"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
messages
app.chatwoot.com/api/v1/widget/ Frame DF63 		14 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.chatwoot.com/api/v1/widget/messages?website_token=puTnMCiAd9DHeNuoWk2mzm6X
Requested by
Host: d3tq67kexc2w2i.cloudfront.net
URL: https://d3tq67kexc2w2i.cloudfront.net/packs/js/widget-988087a63814a6f3f97f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-133-81.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.chatwoot.com/widget?website_token=puTnMCiAd9DHeNuoWk2mzm6X
X-Auth-Token
eyJhbGciOiJIUzI1NiJ9.eyJzb3VyY2VfaWQiOiJkNDI2NjYzNi05NThjLTQwNTktYWY2OS0xMjc2MTBhZTRmYjMiLCJpbmJveF9pZCI6MTQxMn0.PiJN8PVCOSU_iu12nzvD93iekvzNGEUAIJ74TgJIIOs
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Wed, 25 Jan 2023 00:42:06 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Via
1.1 vegur
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
61efbf3e-9943-4633-b2d9-60c665fadb2d
X-Runtime
0.050244
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
Etag
W/"258153158e38e3291e3d48162225fcdb"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
inbox_members
app.chatwoot.com/api/v1/widget/ Frame DF63 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.chatwoot.com/api/v1/widget/inbox_members?website_token=puTnMCiAd9DHeNuoWk2mzm6X
Requested by
Host: d3tq67kexc2w2i.cloudfront.net
URL: https://d3tq67kexc2w2i.cloudfront.net/packs/js/widget-988087a63814a6f3f97f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-133-81.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
539f3907b1df190e365f7fb14702edf6b43cc1c253e5b768f884951c6801c992
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.chatwoot.com/widget?website_token=puTnMCiAd9DHeNuoWk2mzm6X
X-Auth-Token
eyJhbGciOiJIUzI1NiJ9.eyJzb3VyY2VfaWQiOiJkNDI2NjYzNi05NThjLTQwNTktYWY2OS0xMjc2MTBhZTRmYjMiLCJpbmJveF9pZCI6MTQxMn0.PiJN8PVCOSU_iu12nzvD93iekvzNGEUAIJ74TgJIIOs
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Wed, 25 Jan 2023 00:42:06 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Via
1.1 vegur
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
640e0513-081b-429c-8943-3105fcc5667a
X-Runtime
0.045089
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
Etag
W/"539f3907b1df190e365f7fb14702edf6"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
contact
app.chatwoot.com/api/v1/widget/ Frame DF63 		93 B
738 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.chatwoot.com/api/v1/widget/contact?website_token=puTnMCiAd9DHeNuoWk2mzm6X
Requested by
Host: d3tq67kexc2w2i.cloudfront.net
URL: https://d3tq67kexc2w2i.cloudfront.net/packs/js/widget-988087a63814a6f3f97f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-133-81.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
6a2ff5a8c3cdb3c93e20f03c2729ea0f84fc23d556b685292addb3d571101a39
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.chatwoot.com/widget?website_token=puTnMCiAd9DHeNuoWk2mzm6X
X-Auth-Token
eyJhbGciOiJIUzI1NiJ9.eyJzb3VyY2VfaWQiOiJkNDI2NjYzNi05NThjLTQwNTktYWY2OS0xMjc2MTBhZTRmYjMiLCJpbmJveF9pZCI6MTQxMn0.PiJN8PVCOSU_iu12nzvD93iekvzNGEUAIJ74TgJIIOs
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Wed, 25 Jan 2023 00:42:05 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Via
1.1 vegur
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
5acf2cff-bcf4-4111-a2c9-e0e559d9b59e
X-Runtime
0.022333
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
Etag
W/"6a2ff5a8c3cdb3c93e20f03c2729ea0f"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
campaigns
app.chatwoot.com/api/v1/widget/ Frame DF63 		2 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.chatwoot.com/api/v1/widget/campaigns?website_token=puTnMCiAd9DHeNuoWk2mzm6X
Requested by
Host: d3tq67kexc2w2i.cloudfront.net
URL: https://d3tq67kexc2w2i.cloudfront.net/packs/js/widget-988087a63814a6f3f97f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-133-81.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.chatwoot.com/widget?website_token=puTnMCiAd9DHeNuoWk2mzm6X
X-Auth-Token
eyJhbGciOiJIUzI1NiJ9.eyJzb3VyY2VfaWQiOiJkNDI2NjYzNi05NThjLTQwNTktYWY2OS0xMjc2MTBhZTRmYjMiLCJpbmJveF9pZCI6MTQxMn0.PiJN8PVCOSU_iu12nzvD93iekvzNGEUAIJ74TgJIIOs
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Wed, 25 Jan 2023 00:42:06 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Via
1.1 vegur
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
deb5d576-ffc5-4439-a279-dfa472e39ab8
X-Runtime
0.016779
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
Etag
W/"4f53cda18c2baa0c0354bb5f9a3ecbe5"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
graphql
mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/ 		26 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/graphql
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.12.1/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-5.fra6.r.cloudfront.net
Software
/
Resource Hash
6fa6da6f05f56f48f876b2fe7504dc0e89cd6ae5d6874bcc83c85b1e14778a01

Request headers

accept
*/*
Referer
https://huntr.dev/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
x-api-key
da2-fql7xoajcng6pilmew4lfbi6ga
content-type
application/json

Response headers

x-amzn-appsync-tokensconsumed
1
date
Wed, 25 Jan 2023 00:42:06 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
f2814e8a-64e9-496b-a035-7077f40fccf2
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
content-length
26
x-amz-cf-id
Zjp9SWF0mgHBBJ2w69s3xjWypw0jZJBqvBhIF9vgiToqtSkbU4cXfg==
graphql
mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-5.fra6.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://huntr.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-api-key
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
access-control-max-age
172800
content-length
0
date
Wed, 25 Jan 2023 00:42:06 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-id
32BgQW1Fk62iJVH77PWl17frPWlLh5t8F8LYT0USjh8t4GvFai8x_g==
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
a60baaa6-040b-438c-8da5-5b3ce8e5a62e
x-cache
Miss from cloudfront
111242479
avatars.githubusercontent.com/u/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.githubusercontent.com/u/111242479?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
81463bf2419029fb0cef6af71377ede0c7d59abbb137175f442f2098791a8a37
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-fastly-request-id
3e699461d214753bd623a36ead49e05bd00bcb0f
content-security-policy
default-src 'none'
strict-transport-security
max-age=31557600
x-content-type-options
nosniff
date
Wed, 25 Jan 2023 00:42:06 GMT
via
1.1 varnish
x-cache-hits
0
x-cache
MISS
content-length
1554
x-xss-protection
1; mode=block
x-served-by
cache-hhn-etou8220036-HHN
last-modified
Sun, 16 Dec 2012 10:53:01 GMT
x-github-request-id
1DDC:501C:A663D6:DDDF19:63D07ADE
x-timer
S1674607326.378251,VS0,VE99
etag
"81463bf2419029fb0cef6af71377ede0c7d59abbb137175f442f2098791a8a37"
source-age
0
x-frame-options
deny
vary
Authorization,Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
timing-allow-origin
https://github.com
expires
Wed, 25 Jan 2023 00:47:06 GMT
58fc1bb.js
huntr.dev/_nuxt/ 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://huntr.dev/_nuxt/58fc1bb.js
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/47d093f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:6200:14:bb32:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d6192a81436c4a5de2049e959595475e51439368fdea79df694ef20246e5c11
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 00:42:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://heapanalytics.com; connect-src 'self' https://cdn.segment.com https://*.ingest.sentry.io https://*.hotjar.com https://*.hotjar.io https://*.huntr.dev https://*.appsync-api.eu-west-1.amazonaws.com https://api.github.com https://api.bloggify.net https://heapanalytics.com https://api.segment.io wss://*.hotjar.com https://app.posthog.com https://app.chatwoot.com; script-src 'self' 'unsafe-inline' https://browser.sentry-cdn.com https://cdn.heapanalytics.com https://heapanalytics.com https://*.hotjar.com https://app.chatwoot.com https://cdn.segment.com; font-src 'self' data: https://fonts.gstatic.com; child-src blob: https://www.youtube.com https://app.chatwoot.com https://vars.hotjar.com https://www.podbean.com;
content-encoding
gzip
via
1.1 61bfa9dc3dc260c1f6ca617cfc7e065a.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Mon, 09 Jan 2023 18:43:41 GMT
server
AmazonS3
etag
W/"027d6eea97f36bfe12f54f8421a133ac"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=600
x-amz-cf-id
O1MHLWWA2fL-QFV8yzz5YvTKWY47MmI6yAcjNzgXV4NJGZkP7FJfxg==
6431515
avatars.githubusercontent.com/u/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.githubusercontent.com/u/6431515?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ced752a044b5c094e9db5bf8b504b790e985b1bf09542be0fcf39bd4d0dce745
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-fastly-request-id
9ee0b6ef615dc6177a459598db718b1c96d9026e
content-security-policy
default-src 'none'
strict-transport-security
max-age=31557600
x-content-type-options
nosniff
date
Wed, 25 Jan 2023 00:42:06 GMT
via
1.1 varnish
x-cache-hits
1
x-cache
HIT
content-length
17147
x-xss-protection
1; mode=block
x-served-by
cache-hhn-etou8220036-HHN
last-modified
Tue, 03 Feb 2015 13:37:17 GMT
x-github-request-id
2936:58FE:D7A1DF:11EF8C2:63C5F2F4
x-timer
S1674607327.579744,VS0,VE1
etag
"95a89ba0af76830574c5452008b9f75f4a3b375c0fc968eb31f5f03c40c9843e"
source-age
690154
x-frame-options
deny
vary
Authorization,Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
timing-allow-origin
https://github.com
expires
Wed, 25 Jan 2023 00:47:06 GMT
57496d59bd65461658f8699a5f17b76e76ea0b02ffb71890c8dbfe4064ba7e6e
prod-chatwoot-assets.s3.amazonaws.com/variants/2ll67w41cg1ugvvjj7lvmhtlw499/ Frame DF63
Redirect Chain
  • https://app.chatwoot.com/rails/active_storage/representations/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBeWplRVE9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--6cb91ac7b4e48808e78a8d6ff61c52a99da0...
  • https://prod-chatwoot-assets.s3.amazonaws.com/variants/2ll67w41cg1ugvvjj7lvmhtlw499/57496d59bd65461658f8699a5f17b76e76ea0b02ffb71890c8dbfe4064ba7e6e?response-content-disposition=inline%3B%20filenam...
18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-chatwoot-assets.s3.amazonaws.com/variants/2ll67w41cg1ugvvjj7lvmhtlw499/57496d59bd65461658f8699a5f17b76e76ea0b02ffb71890c8dbfe4064ba7e6e?response-content-disposition=inline%3B%20filename%3D%22New%20Project%20%252816%2529.png%22%3B%20filename%2A%3DUTF-8%27%27New%2520Project%2520%252816%2529.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAX7PDOLKIAFKYEREY%2F20230125%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20230125T004206Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=0d00f33bb4c4a6864178fea49280d9f32eb00994d5a604ced81b051da655f0a3
Protocol
HTTP/1.1
Server
52.216.222.33 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e17900682004a70680ef07bcf114ef26e6cb94853892133a869e89e110b40a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.chatwoot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Wed, 25 Jan 2023 00:42:08 GMT
Last-Modified
Wed, 30 Mar 2022 16:04:43 GMT
Server
AmazonS3
x-amz-request-id
52DQEE5WX3XMHVPP
ETag
"46905dbd95a052f59e14b7dec8b50a6a"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Content-Disposition
inline; filename="New Project %2816%29.png"; filename*=UTF-8''New%20Project%20%2816%29.png
Accept-Ranges
bytes
Content-Length
18903
x-amz-id-2
TUIh21YgU+22GkZua2BC/iOMeiICtEW92Jt96NhROwD8QeUKpWCk+3MjMo/bP7wkzIqvvm8xoYc=

Redirect headers

Date
Wed, 25 Jan 2023 00:42:06 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Via
1.1 vegur
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-Id
1d723948-4714-4814-a2a3-ea76a2a5b73e
X-Runtime
0.059042
Referrer-Policy
strict-origin-when-cross-origin
Server
Cowboy
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=utf-8
Location
https://prod-chatwoot-assets.s3.amazonaws.com/variants/2ll67w41cg1ugvvjj7lvmhtlw499/57496d59bd65461658f8699a5f17b76e76ea0b02ffb71890c8dbfe4064ba7e6e?response-content-disposition=inline%3B%20filename%3D%22New%20Project%20%252816%2529.png%22%3B%20filename%2A%3DUTF-8%27%27New%2520Project%2520%252816%2529.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAX7PDOLKIAFKYEREY%2F20230125%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20230125T004206Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=0d00f33bb4c4a6864178fea49280d9f32eb00994d5a604ced81b051da655f0a3
Cache-Control
max-age=300, private
logo_thumbnail.svg
app.chatwoot.com/brand-assets/ Frame DF63 		916 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.chatwoot.com/brand-assets/logo_thumbnail.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-133-81.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
9c1bb7bba73eaf75e949795556bc7e66ce7ff3fec6f65797271c7cfe1a305f6f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.chatwoot.com/widget?website_token=puTnMCiAd9DHeNuoWk2mzm6X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Wed, 25 Jan 2023 00:42:06 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
Via
1.1 vegur
Last-Modified
Tue, 24 Jan 2023 07:36:50 GMT
Server
Cowboy
Content-Type
image/svg+xml
Cache-Control
public, max-age=31556952
Connection
keep-alive
Content-Length
916
6431515
avatars.githubusercontent.com/u/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.githubusercontent.com/u/6431515?v=4
Requested by
Host: huntr.dev
URL: https://huntr.dev/_nuxt/1d4ee68.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ced752a044b5c094e9db5bf8b504b790e985b1bf09542be0fcf39bd4d0dce745
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://huntr.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-fastly-request-id
1541c984ca85fb6d9c5b3d25dbde22d8da032b3d
content-security-policy
default-src 'none'
strict-transport-security
max-age=31557600
x-content-type-options
nosniff
date
Wed, 25 Jan 2023 00:42:06 GMT
via
1.1 varnish
x-cache-hits
2
x-cache
HIT
content-length
17147
x-xss-protection
1; mode=block
x-served-by
cache-hhn-etou8220036-HHN
last-modified
Tue, 03 Feb 2015 13:37:17 GMT
x-github-request-id
2936:58FE:D7A1DF:11EF8C2:63C5F2F4
x-timer
S1674607327.624703,VS0,VE0
etag
"95a89ba0af76830574c5452008b9f75f4a3b375c0fc968eb31f5f03c40c9843e"
source-age
690154
x-frame-options
deny
vary
Authorization,Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
timing-allow-origin
https://github.com
expires
Wed, 25 Jan 2023 00:47:06 GMT
graphql
mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/ 		26 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/graphql
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.12.1/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-5.fra6.r.cloudfront.net
Software
/
Resource Hash
6fa6da6f05f56f48f876b2fe7504dc0e89cd6ae5d6874bcc83c85b1e14778a01

Request headers

accept
*/*
Referer
https://huntr.dev/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
x-api-key
da2-fql7xoajcng6pilmew4lfbi6ga
content-type
application/json

Response headers

x-amzn-appsync-tokensconsumed
1
date
Wed, 25 Jan 2023 00:42:06 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
98e48b3a-0d79-4b1d-9e04-70c01fc8dd5d
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
content-length
26
x-amz-cf-id
QEeKvW2qTqBxjx1fkvcSPEQipFnpVVQ_RiozmyE0CJYaY-NH_VrbfA==
graphql
mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-5.fra6.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://huntr.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-api-key
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-user-agent,x-amzn-ErrorMessage,Date,x-amz-schema-version
access-control-max-age
172800
content-length
0
date
Wed, 25 Jan 2023 00:42:06 GMT
via
1.1 2f0580a0593ad9d3fb82aee9226d8178.cloudfront.net (CloudFront)
x-amz-cf-id
gefWF9Z-wattbgcUGab2oWEJ23kiKdf6kFS9b-jh_jvXFzXCrbc5MA==
x-amz-cf-pop
FRA6-C1
x-amzn-requestid
9960e039-e22a-40d0-89f1-e261705cc9ed
x-cache
Miss from cloudfront
/
app.posthog.com/e/ 		13 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.posthog.com/e/?compression=gzip-js&ip=1&_=1674607328313
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.12.1/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.168.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-168-220.compute-1.amazonaws.com
Software
/
Resource Hash
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://huntr.dev/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Jan 2023 00:42:08 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://huntr.dev
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontentvisibilityautostatechange object| __NUXT__ object| webpackJsonp function| installComponents object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| FontAwesomeConfig object| ___FONT_AWESOME___ function| MarkdownHeaderButtonElement function| MarkdownBoldButtonElement function| MarkdownItalicButtonElement function| MarkdownQuoteButtonElement function| MarkdownCodeButtonElement function| MarkdownLinkButtonElement function| MarkdownImageButtonElement function| MarkdownUnorderedListButtonElement function| MarkdownOrderedListButtonElement function| MarkdownTaskListButtonElement function| MarkdownMentionButtonElement function| MarkdownRefButtonElement function| MarkdownStrikethroughButtonElement function| MarkdownToolbarElement function| __NUXT_JSONP__ object| __NUXT_JSONP_CACHE__ function| __NUXT_IMPORT__ function| Cvss function| _ object| analytics object| chatwootSettings object| $nuxt object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| hotjarDeps function| hotjarLoader object| sentryDeps function| sentryLoader object| webpackJsonp_name_Integration function| hotjarIntegration object| _hjSelf function| hj object| _hjSettings function| sentryIntegration object| Sentry object| __SENTRY__ object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| chatwootSDK object| $chatwoot function| playAudioAlert

9 Cookies

Domain/Path Name / Value
huntr.dev/ Name: auth.strategy
Value: cognito
.huntr.dev/ Name: ajs_anonymous_id
Value: e876e560-30db-4871-a0fc-7e84a57b5b5a
.huntr.dev/ Name: ph_phc_GS5LnADH5vBtmEMYnjEZbSH4DVSNMemzgYiuyGyUZz9_posthog
Value: %7B%22distinct_id%22%3A%22185e65ff07387a-03ad214bff8ad3-13363b7c-1d4c00-185e65ff074105a%22%2C%22%24device_id%22%3A%22185e65ff07387a-03ad214bff8ad3-13363b7c-1d4c00-185e65ff074105a%22%2C%22%24initial_referrer%22%3A%22%24direct%22%2C%22%24initial_referring_domain%22%3A%22%24direct%22%2C%22%24referrer%22%3A%22%24direct%22%2C%22%24referring_domain%22%3A%22%24direct%22%2C%22%24sesid%22%3A%5B1674607325308%2C%22185e65ff07c297-056c87dd6265bd-13363b7c-1d4c00-185e65ff07d11a2%22%5D%2C%22%24session_recording_enabled%22%3Afalse%2C%22%24active_feature_flags%22%3A%5B%5D%2C%22%24enabled_feature_flags%22%3A%7B%7D%7D
.huntr.dev/ Name: _hjSessionUser_2380708
Value: eyJpZCI6IjAzYWY1ZDAxLWYxMWEtNTE3Zi05YjAzLTcxOTlhZjFlOThkYiIsImNyZWF0ZWQiOjE2NzQ2MDczMjU3MjgsImV4aXN0aW5nIjpmYWxzZX0=
.huntr.dev/ Name: _hjFirstSeen
Value: 1
huntr.dev/ Name: _hjIncludedInSessionSample
Value: 0
.huntr.dev/ Name: _hjSession_2380708
Value: eyJpZCI6ImMyY2VhZThkLTkwNjUtNDhlNC05ZDdkLWY0MDZkYmZjZTUxZiIsImNyZWF0ZWQiOjE2NzQ2MDczMjU3NTcsImluU2FtcGxlIjpmYWxzZX0=
.huntr.dev/ Name: _hjAbsoluteSessionInProgress
Value: 0
huntr.dev/ Name: cw_conversation
Value: eyJhbGciOiJIUzI1NiJ9.eyJzb3VyY2VfaWQiOiJkNDI2NjYzNi05NThjLTQwNTktYWY2OS0xMjc2MTBhZTRmYjMiLCJpbmJveF9pZCI6MTQxMn0.PiJN8PVCOSU_iu12nzvD93iekvzNGEUAIJ74TgJIIOs

1 Console Messages

Source Level URL
Text
network error URL: https://huntr.dev/bounties/583133af-7ae6-4a21-beef-a4b0182cf82e/
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.segment.io
app.chatwoot.com
app.posthog.com
avatars.githubusercontent.com
browser.sentry-cdn.com
cdn.segment.com
d3tq67kexc2w2i.cloudfront.net
huntr.dev
mnk2smepzzdp5djxpbthzr6odq.appsync-api.eu-west-1.amazonaws.com
prod-chatwoot-assets.s3.amazonaws.com
script.hotjar.com
static.hotjar.com
vars.hotjar.com
13.224.192.183
13.249.9.41
13.32.27.21
18.66.147.116
2600:9000:211a:6200:14:bb32:5f00:93a1
2600:9000:214f:9600:7:dce7:b680:21
2606:50c0:8002::154
2a04:4e42:400::729
3.230.168.220
52.216.222.33
52.36.153.191
54.237.133.81
99.86.4.5
05cee74e08992e6f58bc28d43ff042c5def119ba66ca7601cdb4b3efce53625f
077cdab15161232a9ba7124d2ddd7a9425145750788e9a966c156cc66274f525
0b2d5459d042fcb31fd94f5ffcba83cdfc477e50d7f8705e36c6cf410426fb38
0c796cd2178da32b5c1dec2054a1abb5be5f48d826e0e8dc01fc60e4b74bedf6
0da065d858979f2a894cc0fec20d885d949252ba1022d153f8363088848a69da
10b631396fbe1f84cecffdc5dc60c14c20ac75aaabc3be086047bbb8573603e2
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1a37031e6a0feef007ad05ef938452805b8c01fd6a3e3388e62a951c65796df7
1aab3c7efa1174866dc81b505ba5bc940bec1200e2b11758484cce9cf8f2cd43
1c7701ac7e9a124ca0c629310b75ddb17853f3b4f0e8eff8fe936aaf0418560a
1cc0864ec8a54bf64fb3e01c8528379b20cb726ad8f4e034331d88b194ab2390
1ef90aaa45179ae37fb65591377180eb48040ccbd6b3e36fa1a5497544c712de
21bc8c4d3fb08edcd7d9b2c96a67a831c0c2df78b6474a008747a5bee07f86c0
258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57
2bb5f2cb4977648049b57d0ad6fd50c0a614dd7fe5141010a5f696cf82110e4b
2fda5f52e7e399c69f8079b4bff344c255cb80a11accac53b79738896d2a641c
366ee2bd48f5356ddcfe38aa922933bc895a12ff1b8adeccd871ebcb7dca7f6d
421f26b23e2be6b98373d32acd3cb2897b154d4bf0a77d26534ce476e4cbed53
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4764f12e7c7f47de7502035205b559d400ed4738f115719094bfa0165e037206
49bd253d01e5010a90042708e1a92c1763b3282a1cf80833038f6d7d4ecae770
4d03a36e65d82b4bd6469004dcefaf5c19e990fa2fd9662a3cfdbac2d17b0448
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5318d15be0ffc7b9a01306e195f0308fc8d1a3250e2f451d0370ee56da6f7d5c
539f3907b1df190e365f7fb14702edf6b43cc1c253e5b768f884951c6801c992
55bd74b3c7c7167fe128eacf44052c3f943ac5b2748e07869ef5dfc6c424e69c
5d6192a81436c4a5de2049e959595475e51439368fdea79df694ef20246e5c11
6619ef277249ca9230cbc0315da9b41caa9f15996d143f7d1a77d52d901ce269
6a2ff5a8c3cdb3c93e20f03c2729ea0f84fc23d556b685292addb3d571101a39
6e6f2337de072d2411ac7e6ba6e07394b59ac3461300b455fb1a0b597224d219
6f8992eb58eeced41efea7076be4d468ac678f9778420438fab4a3358aa2b462
6fa6da6f05f56f48f876b2fe7504dc0e89cd6ae5d6874bcc83c85b1e14778a01
7291a5aa447f8204ee87c00e0858a634a42fdfd069800723df869ce8c4b2bad4
75457b054e6e1e89f10dda4b777d5676404acaa1541618f03d4ed055a3857e05
78a22e968841df97d2a8f5f6150f98a563a711e6d4097962719837c18320f3b1
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
7e7056490a6aa47842422c016c7990d2621f7efb96114ba073809ca7ef306489
7eaced6d29ad8d3a5ff3d9e3fab5954a5e0151f96ef3414b11c51a146de2338e
81463bf2419029fb0cef6af71377ede0c7d59abbb137175f442f2098791a8a37
827800680fa89a9e7361fa540081e6542a18efa2a7ffd8add5de06ad0f73cf89
87148e3b1c176f254a9327fcd50b8007118d8cc699f12fb163c6ee89388ab056
891f49cc40881692a5acc981a1c0fd856e8ce78838acaa1001ff0ad74d5ae281
908f3baf7f7be6cd2a61b20b70bf20ccd4cf7cb421d3936d0b49d5047ccd6d93
917a1a36e4df34776ab68224439190e342ac6cb9b3697d51606a6b8c7d9271f6
93a1f3263e3c883f998ff8f4a3fd8afc3066f33daf90248b89e2bb01cd2003f7
94ba145bdb5489f3ca0a82579fc65adc7b2386719e2a80d914792598ef464f0e
9a279a8cfe3eb891b1a7a5458606ae20be74304c60e05b985f3bea0f6815e96b
9c1bb7bba73eaf75e949795556bc7e66ce7ff3fec6f65797271c7cfe1a305f6f
9d0c11e436e6438313590f8cceb1dbb9a9c50e85c3c4f0c4d0ae27d4688c8321
9de1041297927941b9c0d2104c967e3a17544dc79c5c9d49d3500af6397a9f7f
a69ebf9d3758c59b6ad01b94915c8a48b5ec9b665360df30642da9cb6ccb1702
a753277dacf794df86fdbfa275b943595d5de318d6051927ccad552c703c632a
adcb9f19c870809c26413c8e4c8586abd23edceaea94c43d70ce6c08290d4b35
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b6ab533881a858227c19cb2e27a8740ab16b3688620636970f306cb1bbe3c8c3
bb918e4772434c8678a69a4d9c1683e0ccf4bc2498f5240d1465b8287d2387cb
c0e26594811939eaa3434c887bcd3ea2738aea3b86d15c3c972bb79779124b1f
c15d07f9d87fea851ff9306ff597b442e7ca8f6b306acaf6fe753ed259decee4
c3810816c7a258b68843c16f2a38ca900b1c6a661b0f8fc145630c8cc8aa5dbf
c5ef42cc9d816b7450985d9dbf4b4c975116a40dfe01b7d461f034c6fa6ae9e6
c7f801b39995504360838f5bfa7e0b494e1380c386df7d43943536ebeaf15f64
cacf589210d4361a42eed0c4a5ac94db9d22ac0a437db9bcccb8efadc06d71aa
ced752a044b5c094e9db5bf8b504b790e985b1bf09542be0fcf39bd4d0dce745
df7faafe95e348d6c9ec91a7c4cb616e482a363f082efc683244599aed20ceca
e14567b6b937e98681aed9d48f39148db6e68aa4ecb2629258d8c833f5fad296
e17900682004a70680ef07bcf114ef26e6cb94853892133a869e89e110b40a53
e39e46684de1d904f143b7e5598c153b851a70188e0d720cc5c288a447dffcaa
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42
f3f358e1f5ac676b17fa1868e8aa2670f7ac176d91594391e73fe359c4a1be1a
f5e35686236d0f9e4504e46b3ea76792742c325c72782fec159573474f8e4ab3
f7d23d5f64780fefc599dd4d012a5a4ceb5f7ff6af738ce820d47468481d78ec
fb711b4aea63c35577beb5a192268acce04e9a396497d4ef4fb523e0c1f2cfcc
fcb23a9a90f5baafeb42d59ee6826fd291451f9fb1ce7f76c2cc137bb2da6d19