urlscan.io logo urlscan.io
SecurityTrails logo

app.espresa.com Open in urlscan Pro
54.244.35.201  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://espresa.app.link/?loginid=waldhs1%40nationwide.com&group_id=190&action=cem-erg-group-preview
Effective URL: https://app.espresa.com/portal/
Submission: On January 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 16 domains to perform 106 HTTP transactions. The main IP is 54.244.35.201, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is app.espresa.com. The Cisco Umbrella rank of the primary domain is 554764.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 22nd 2023. Valid for: a year.
This is the only time app.espresa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2600:9000:25a2:1a00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
espresa.app.link
6    54.244.35.201 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-244-35-201.us-west-2.compute.amazonaws.com
app.espresa.com
75    18.165.183.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-19.zrh55.r.cloudfront.net
cdn.prod.espresa.com
1    52.222.165.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-165-229.cdg52.r.cloudfront.net
www.datadoghq-browser-agent.com
2    2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
1    162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)
player.vimeo.com
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
3    18.165.183.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-38.zrh55.r.cloudfront.net
js.stripe.com
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.google.com
1    151.101.1.81 (United States)

ASN54113 (FASTLY, US)
widgets-sandbox.marqeta.com
1    18.165.183.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-33.zrh55.r.cloudfront.net
cdn.plaid.com
1    18.239.94.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-121.ams1.r.cloudfront.net
static.hotjar.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
translate.googleapis.com
1    18.165.183.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-15.zrh55.r.cloudfront.net
script.hotjar.com
4    2600:1f18:24e6:b900:3312:8a39:82c1:5d3c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rum.browser-intake-datadoghq.com
3    54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com
q.stripe.com
1    18.66.112.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-79.fra56.r.cloudfront.net
vc.hotjar.io
2    151.101.128.176 (United States)

ASN54113 (FASTLY, US)
m.stripe.network
1    34.213.37.126 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-37-126.us-west-2.compute.amazonaws.com
m.stripe.com
Apex Domain
Subdomains		 Transfer
81 espresa.com
app.espresa.com — Cisco Umbrella Rank: 554764
cdn.prod.espresa.com — Cisco Umbrella Rank: 644856
2 MB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1227
q.stripe.com — Cisco Umbrella Rank: 7010
m.stripe.com — Cisco Umbrella Rank: 1188
149 KB
4 browser-intake-datadoghq.com
rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 1960
1 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1315
16 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 681
script.hotjar.com — Cisco Umbrella Rank: 996
59 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 75
69 KB
2 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 4957
22 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2633
259 B
1 googleapis.com
translate.googleapis.com — Cisco Umbrella Rank: 800
209 KB
1 gstatic.com
www.gstatic.com
5 KB
1 plaid.com
cdn.plaid.com — Cisco Umbrella Rank: 14348
43 KB
1 marqeta.com
widgets-sandbox.marqeta.com — Cisco Umbrella Rank: 720088
14 KB
1 google.com
translate.google.com — Cisco Umbrella Rank: 1164
31 KB
1 vimeo.com
player.vimeo.com — Cisco Umbrella Rank: 1876
12 KB
1 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1454
48 KB
1 app.link
espresa.app.link
774 B
106 16
Domain Requested by
75 cdn.prod.espresa.com app.espresa.com
cdn.prod.espresa.com
www.datadoghq-browser-agent.com
6 app.espresa.com 2 redirects cdn.prod.espresa.com
www.datadoghq-browser-agent.com
4 rum.browser-intake-datadoghq.com www.datadoghq-browser-agent.com
3 q.stripe.com app.espresa.com
3 js.stripe.com app.espresa.com
js.stripe.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 www.youtube.com app.espresa.com
www.youtube.com
2 browser.sentry-cdn.com app.espresa.com
1 m.stripe.com m.stripe.network
1 vc.hotjar.io www.datadoghq-browser-agent.com
1 script.hotjar.com static.hotjar.com
1 translate.googleapis.com
1 www.gstatic.com
1 static.hotjar.com app.espresa.com
1 cdn.plaid.com app.espresa.com
1 widgets-sandbox.marqeta.com app.espresa.com
1 translate.google.com app.espresa.com
1 player.vimeo.com app.espresa.com
1 www.datadoghq-browser-agent.com app.espresa.com
1 espresa.app.link 1 redirects
106 20

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com
www.espresa.com
Subject Issuer Validity Valid
*.espresa.com
Amazon RSA 2048 M03		 2023-12-22 -
2025-01-19		 a year crt.sh
espresa.com
Amazon RSA 2048 M03		 2023-11-18 -
2024-12-16		 a year crt.sh
*.datadoghq-browser-agent.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-12 -
2024-12-14		 a year crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-01 -
2024-09-01		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-01 -
2024-02-29		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-01-02 -
2024-04-04		 3 months crt.sh
widgets-sandbox.marqeta.com
R3		 2023-12-10 -
2024-03-09		 3 months crt.sh
secure.plaid.com
DigiCert EV RSA CA G2		 2023-03-09 -
2024-04-08		 a year crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.browser-intake-datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-17 -
2024-06-18		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-12-20 -
2024-03-21		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-22 -
2024-03-21		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://app.espresa.com/portal/
Frame ID: DA6791429914529A43AFE6F727805914
Requests: 97 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 7D5628EA04D0A4D3FB2B6203AC80E987
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: B171452A77A60C1F546E9BC7C0A184DC
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Espresa

Page URL History Show full URLs

  1. https://espresa.app.link/?loginid=waldhs1%40nationwide.com&group_id=190&action=cem-erg-group-... HTTP 307
    https://app.espresa.com/branch?loginid=waldhs1%40nationwide.com&amp%3Bgroup_id=190&amp%3Baction=cem-... HTTP 302
    https://app.espresa.com/public_site.public_home HTTP 302
    https://app.espresa.com/portal/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • highcharts.*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • lodash.*\.js
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

106
Requests

100 %
HTTPS

35 %
IPv6

16
Domains

20
Subdomains

19
IPs

3
Countries

2502 kB
Transfer

9701 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://espresa.app.link/?loginid=waldhs1%40nationwide.com&amp;group_id=190&amp;action=cem-erg-group-preview HTTP 307
    https://app.espresa.com/branch?loginid=waldhs1%40nationwide.com&amp%3Bgroup_id=190&amp%3Baction=cem-erg-group-preview&_branch_match_id=1278494199487887959&_branch_referrer=H4sIAAAAAAAAAy3M2wqFIBBA0a%2BpN7Wol4IIzo8cBh1syMuglr%2FfhV43i72VwnlWCjMnzCCBWToKu1pdtBTILBWc2XLfjF2AQjFUMih19C14boafTfHg%2F%2B36qfsS6MctGr3AZMUrxL0%2FCesFWwXwN3AAAAA%3D HTTP 302
    https://app.espresa.com/public_site.public_home HTTP 302
    https://app.espresa.com/portal/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

106 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
app.espresa.com/portal/
Redirect Chain
  • https://espresa.app.link/?loginid=waldhs1%40nationwide.com&amp;group_id=190&amp;action=cem-erg-group-preview
  • https://app.espresa.com/branch?loginid=waldhs1%40nationwide.com&amp%3Bgroup_id=190&amp%3Baction=cem-erg-group-preview&_branch_match_id=1278494199487887959&_branch_referrer=H4sIAAAAAAAAAy3M2wqFIBBA0...
  • https://app.espresa.com/public_site.public_home
  • https://app.espresa.com/portal/
19 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.35.201 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-35-201.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
290bae938eed0d4ca021e6af31c5b861e74b5f1d240c74ce21e1e46991634b2b
Security Headers
Name Value
Content-Security-Policy script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' 'unsafe-eval' blob: cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com whatfix.com cdn.whatfix.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate.googleapis.com translate-pa.googleapis.com api.lokalise.com https://eu.backendlessappcontent.com *.zdassets.com *.zendesk.com *.smooch.io *.gstatic.com widget-mediator.zopim.com browser.sentry-cdn.com cdn.plaid.com sandbox.plaid.com development.plaid.com 'nonce-HffQdKPNEVdsWjumfRmGRg=='; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com maps.gstatic.com maps.google.com www.googletagmanager.com whatfix.com cdn.whatfix.com js.stripe.com *.hotjar.io *.hotjar.com translate.googleapis.com app.powerbi.com *.qlikcloud.com *.qlik.com *.loom.com *.zdassets.com *.zendesk.com *.smooch.io *.marqeta.com http://widgets-env.marqeta.com/ cdn.plaid.com sandbox.plaid.com development.plaid.com wss://app.espresa.com; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.espresa.com espresa.com ws://*.espresa.com wss://*.espresa.com wss://*.hotjar.com whatfix.com *.ibytedtos.com translate.googleapis.com api.lokalise.com *.us.qlikcloud.com https://eu.backendlessappcontent.com *.zdassets.com *.zendesk.com wss://*.smooch.io csp.withgoogle.com wss://widget-mediator.zopim.com *.browser-intake-datadoghq.com production.plaid.com sandbox.plaid.com development.plaid.com; frame-ancestors http: https: ftp: ftps:; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com www.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; base-uri 'none'; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com translate.googleapis.com www.gstatic.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate, private
content-encoding
gzip
content-language
de
content-length
4261
content-security-policy
script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' 'unsafe-eval' blob: cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com whatfix.com cdn.whatfix.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate.googleapis.com translate-pa.googleapis.com api.lokalise.com https://eu.backendlessappcontent.com *.zdassets.com *.zendesk.com *.smooch.io *.gstatic.com widget-mediator.zopim.com browser.sentry-cdn.com cdn.plaid.com sandbox.plaid.com development.plaid.com 'nonce-HffQdKPNEVdsWjumfRmGRg=='; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com maps.gstatic.com maps.google.com www.googletagmanager.com whatfix.com cdn.whatfix.com js.stripe.com *.hotjar.io *.hotjar.com translate.googleapis.com app.powerbi.com *.qlikcloud.com *.qlik.com *.loom.com *.zdassets.com *.zendesk.com *.smooch.io *.marqeta.com http://widgets-env.marqeta.com/ cdn.plaid.com sandbox.plaid.com development.plaid.com wss://app.espresa.com; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.espresa.com espresa.com ws://*.espresa.com wss://*.espresa.com wss://*.hotjar.com whatfix.com *.ibytedtos.com translate.googleapis.com api.lokalise.com *.us.qlikcloud.com https://eu.backendlessappcontent.com *.zdassets.com *.zendesk.com wss://*.smooch.io csp.withgoogle.com wss://widget-mediator.zopim.com *.browser-intake-datadoghq.com production.plaid.com sandbox.plaid.com development.plaid.com; frame-ancestors http: https: ftp: ftps:; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com www.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; base-uri 'none'; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com translate.googleapis.com www.gstatic.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Wed, 24 Jan 2024 00:09:58 GMT
expires
Wed, 24 Jan 2024 00:09:58 GMT
index-hash
87f19e1f66b83bf35fcc1f7cd6fc2367
referrer-policy
same-origin
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Language, Cookie, origin, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY

Redirect headers

cache-control
max-age=0, no-cache, no-store, must-revalidate, private
content-language
de
content-length
0
content-security-policy
img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com maps.gstatic.com maps.google.com www.googletagmanager.com whatfix.com cdn.whatfix.com js.stripe.com *.hotjar.io *.hotjar.com translate.googleapis.com app.powerbi.com *.qlikcloud.com *.qlik.com *.loom.com *.zdassets.com *.zendesk.com *.smooch.io *.marqeta.com http://widgets-env.marqeta.com/ cdn.plaid.com sandbox.plaid.com development.plaid.com wss://app.espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' 'unsafe-eval' blob: cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com whatfix.com cdn.whatfix.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate.googleapis.com translate-pa.googleapis.com api.lokalise.com https://eu.backendlessappcontent.com *.zdassets.com *.zendesk.com *.smooch.io *.gstatic.com widget-mediator.zopim.com browser.sentry-cdn.com cdn.plaid.com sandbox.plaid.com development.plaid.com; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com www.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com translate.googleapis.com www.gstatic.com; object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.espresa.com espresa.com ws://*.espresa.com wss://*.espresa.com wss://*.hotjar.com whatfix.com *.ibytedtos.com translate.googleapis.com api.lokalise.com *.us.qlikcloud.com https://eu.backendlessappcontent.com *.zdassets.com *.zendesk.com wss://*.smooch.io csp.withgoogle.com wss://widget-mediator.zopim.com *.browser-intake-datadoghq.com production.plaid.com sandbox.plaid.com development.plaid.com
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Wed, 24 Jan 2024 00:09:58 GMT
expires
Wed, 24 Jan 2024 00:09:58 GMT
index-hash
87f19e1f66b83bf35fcc1f7cd6fc2367
location
https://app.espresa.com/portal/#/login
referrer-policy
same-origin
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Language, origin, Cookie
x-content-type-options
nosniff
x-frame-options
DENY
fix-blinking.min.css
cdn.prod.espresa.com/static/https://cdn.prod.espresa.com/static/app/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/https://cdn.prod.espresa.com/static/app/fix-blinking.min.css?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
fonts.min.css
cdn.prod.espresa.com/static/https://cdn.prod.espresa.com/static/app/assets/fonts/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/https://cdn.prod.espresa.com/static/app/assets/fonts/fonts.min.css?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
bootstrap.min.css
cdn.prod.espresa.com/static/bower_components/bootstrap/dist/css/ 		119 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/bootstrap/dist/css/bootstrap.min.css?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc6ffe00ea357a0f8ce9d0104243cd52ed4a09e4c4594d27dbe5b44c3af92c4d
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:27 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14133
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:43 GMT
server
AmazonS3
etag
W/"e4144b27ffe4358234ea86d48c68b3af"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/css
cache-control
max-age=86400
x-amz-cf-id
tixhoX3vlMJ20PqP4b8frKM9wJOA6T0Lsy3QDH9r4re-Rdb33EdEHQ==
jquery-ui.min.css
cdn.prod.espresa.com/static/bower_components/jquery-ui/ 		31 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/jquery-ui/jquery-ui.min.css?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
29bb97518fad77c095e12b38fab4e2d7feaa2f5a4898385a0439dbbef21fbf52
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:27 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14133
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:24 GMT
server
AmazonS3
etag
W/"fc0c010ba36c153bfb2af9c6e6d10148"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/css
cache-control
max-age=86400
x-amz-cf-id
y5K-7SotQVYY-BbzXxLWB00bzoNohY0kAWfyBBNRFkPHI_P2uphNkg==
jquery-ui.structure.min.css
cdn.prod.espresa.com/static/bower_components/jquery-ui/ 		15 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/jquery-ui/jquery-ui.structure.min.css?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
29f4fbefad4b5ec62b509f075a7fe116e9c6471d331c110b9d17c0ad5ec80436
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:27 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14133
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:24 GMT
server
AmazonS3
etag
W/"5a1d741302fc59c8b298057a5c797bb5"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/css
cache-control
max-age=86400
x-amz-cf-id
oHTYPIUzIAkgglSrMJT_AB0Apwln3InvGEIgPUgjvlEcyDFYhOlpvA==
jquery-ui.theme.min.css
cdn.prod.espresa.com/static/bower_components/jquery-ui/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/jquery-ui/jquery-ui.theme.min.css?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8a3498b987a36d13115fc555204f13000a6872b74c84dadcf6d0888f34b36bd
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:28 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14132
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:24 GMT
server
AmazonS3
etag
W/"f66ec9224db9243a19b18a252c15cbdd"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/css
cache-control
max-age=86400
x-amz-cf-id
owJSQY2veSu-8p5OTFRP98QMRHTcrC5LbkVtFAaIJvXW_xWyFuJtOw==
quill.snow.css
cdn.prod.espresa.com/static/bower_components/quill/dist/ 		65 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/quill/dist/quill.snow.css?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ec3b0c61c05f634d980caa7b68751a65bf6fcaa03ffe807014782b701a97022
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:28 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14132
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:08:27 GMT
server
AmazonS3
etag
W/"b9efd621fd171fb9c056378a7670a5ee"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/css
cache-control
max-age=86400
x-amz-cf-id
SjESuGcHbJSUPJN0uqVR9PZJKdQukVVXb0eb6bf-TtvnDPTT3FzjHw==
datadog-rum.js
www.datadoghq-browser-agent.com/us1/v4/ 		150 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.165.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-165-229.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 00:09:22 GMT
content-encoding
br
via
1.1 8fa6a359afa3b10c460a2c884c6400e8.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 09:24:57 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P2
age
37
x-amz-server-side-encryption
AES256
etag
W/"2630b3d7ad4a41fac67742216e506d83"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
j-UvrljrnQ2nNdoxmCTGB3Gb6klBhNOJ2fzFbg6FPK8DUlSgFgso2g==
font-awesome.min.css
cdn.prod.espresa.com/static/bower_components/fontawesome/css/ 		23 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/fontawesome/css/font-awesome.min.css?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:28 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14132
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:31 GMT
server
AmazonS3
etag
W/"04425bbdc6243fc6e54bf8984fe50330"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/css
cache-control
max-age=86400
x-amz-cf-id
kmzY_DXFjP9lKCL4VmCBkKznJHNID0-M_oBlHtVDWRiw_Kezib2ImA==
fullcalendar.min.css
cdn.prod.espresa.com/static/bower_components/fullcalendar/dist/ 		16 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/fullcalendar/dist/fullcalendar.min.css?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93f5c7d2340d52a0817cd821cdf0fb03bd9336f142b6921187df087bd5ef302d
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:28 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14132
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:47 GMT
server
AmazonS3
etag
W/"a3f5a337345c6d440d8a6aeac931afdb"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/css
cache-control
max-age=86400
x-amz-cf-id
uhLfXTTJSWrBA1CiaguU6DDxDKy10vg_JijLRmlbsCmqeKhm1ulElA==
scheduler.min.css
cdn.prod.espresa.com/static/bower_components/fullcalendar-scheduler/dist/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/fullcalendar-scheduler/dist/scheduler.min.css?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c44cf84e3ecde30b60aae7f3c71e97daab38da884b88fb1b7cafd9f45a4b854f
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:28 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14132
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:55 GMT
server
AmazonS3
etag
W/"809e8b96a8c4d22d2bc754836cc27ddb"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/css
cache-control
max-age=86400
x-amz-cf-id
vevnq4ZR_-maP-8DSreGiv1A4t2RasSERgzFilAelMRk8X2vvvScEg==
select.css
cdn.prod.espresa.com/static/bower_components/angular-ui-select/dist/ 		11 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/angular-ui-select/dist/select.css?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cca95184a5b43a18e52c39192baf2371518daa621ebd1a8b13af75c50de084cc
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:28 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14132
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:06:59 GMT
server
AmazonS3
etag
W/"83568b770c2f8a20be49edcc8dddfb70"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/css
cache-control
max-age=86400
x-amz-cf-id
GF0y9nzPxZmV4X5uN-w2XaNLfZw9zXq-xCw71SbN-HGG2dY772sPcA==
colorpicker.min.css
cdn.prod.espresa.com/static/bower_components/angular-bootstrap-colorpicker/css/ 		16 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/angular-bootstrap-colorpicker/css/colorpicker.min.css?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a3e677a1295c85f2fcd11375c50518aa50875a9f8f490a172d1836e8f8b5a07
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:28 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14132
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:08:29 GMT
server
AmazonS3
etag
W/"8d41b847910f316dcedfc6a45ee97cbf"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/css
cache-control
max-age=86400
x-amz-cf-id
ui7S1djkZBM5EVHtUjpPBj5J_Qffl9gllI5VOZjaIkSlHc3koP2tLA==
rzslider.css
cdn.prod.espresa.com/static/bower_components/angularjs-slider/dist/ 		15 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/angularjs-slider/dist/rzslider.css?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f53d5fd2b3769b28325693a7dd6804fb5209b9bf843096d6b116dab97d12091d
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:28 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14132
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:21 GMT
server
AmazonS3
etag
W/"7a5a7c4c3509a49ccbebc21008d8b9a8"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/css
cache-control
max-age=86400
x-amz-cf-id
Z-8KHAq2AKLKtQd4k7D-FIPpiJT1BQiGJE7Jnj0HpfcOw5KpvgO3zg==
slick.css
cdn.prod.espresa.com/static/bower_components/slick-carousel/slick/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/slick-carousel/slick/slick.css?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:28 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14132
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:22 GMT
server
AmazonS3
etag
W/"13b1b6672b8cfb0d9ae7f899f1c42875"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/css
cache-control
max-age=86400
x-amz-cf-id
tlB5ChkwkNZHPdfEMkdV7KspHtvYF9KMcDX1BcjIFOS5JJm0yGv8dQ==
ngCropperjs.all.min.css
cdn.prod.espresa.com/static/bower_components/ng-cropperjs/dist/ 		4 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/ng-cropperjs/dist/ngCropperjs.all.min.css?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d12543ca3ea45141d6dddb3bca50f46a0c3edaf58099638d1f726cd3ff277440
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:28 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14132
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:06:58 GMT
server
AmazonS3
etag
W/"cf4de4f7b141a1ddf9d9c7021527e2de"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/css
cache-control
max-age=86400
x-amz-cf-id
fWYLl32z8z-moyS0ImoLKo0oi1H0zmvN-rHxqOl0HDeF7j1XDefscw==
fix-blinking.min.css
cdn.prod.espresa.com/static/app/ 		128 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/app/fix-blinking.min.css?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cbcfa062bb4ebadff034e84427512a1452e4a5303fccdd67abe84d402511b4c0
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:28 GMT
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14132
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
128
last-modified
Tue, 23 Jan 2024 20:08:29 GMT
server
AmazonS3
etag
"e4e9f9754a1d4a8c2ec2a9cf65730ba5"
x-frame-options
DENY
vary
Origin
content-type
text/css
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
BMk_DjkKLsgv04TMCCecHBpTODWITCniTTPtB7GcXxcLusqJQCZ9Cw==
index.min.css
cdn.prod.espresa.com/static/app/ 		1 MB
170 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/app/index.min.css?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
942fa7650b6e188058809b8a95074df6874108ae6ef036f64ff81e003ff4bc91
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:28 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14132
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:08:29 GMT
server
AmazonS3
etag
W/"91a08c587e27bf37c3562324739a2eb3"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/css
cache-control
max-age=86400
x-amz-cf-id
8hS3ivexnScj_25bYjx2OheYfaXQYTmhKPYWNEarqpU5uGmWr4Dkgw==
fonts.min.css
cdn.prod.espresa.com/static/app/assets/fonts/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/app/assets/fonts/fonts.min.css?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99a1f89d54f46e1897a07f69de9140bd6ea8146b665fa26052da6075626b061d
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:28 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14132
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:10:35 GMT
server
AmazonS3
etag
W/"ca05b06859eb183ec0e42f19d194cb64"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/css
cache-control
max-age=86400
x-amz-cf-id
FepTUptl1NF9uL3VueKMH6BNyNqPg9hgUjidyiedxKzYiqQbCg15_A==
slick-theme.css
cdn.prod.espresa.com/static/bower_components/slick-carousel/slick/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/slick-carousel/slick/slick-theme.css?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:28 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14132
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:23 GMT
server
AmazonS3
etag
W/"f9faba678c4d6dcfdde69e5b11b37a2e"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/css
cache-control
max-age=86400
x-amz-cf-id
93ndv8SaNbdWAfrOI_Mq47M9YjUwJuSLjqjFGSBPiQ88Ck2H_Wrj0A==
bundle.min.js
browser.sentry-cdn.com/6.19.7/ 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/6.19.7/bundle.min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
6ba797956f6d29b650d458897e48a190cddf0a6ba374350c0bb565fa04f80d65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
Origin
https://app.espresa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 00:09:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 26 Apr 2022 13:11:05 GMT
server
Fastly
age
14274
etag
"4dc87c1e025f84ef0d14fe9187946dfd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
20887
expires
Wed, 22 Jan 2025 20:12:05 GMT
angular.min.js
browser.sentry-cdn.com/6.19.7/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/6.19.7/angular.min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
8971fe0a892f03a0f0ba568b545194578eaf62dcafabc254e2677c7af64200c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
Origin
https://app.espresa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 00:09:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 26 Apr 2022 13:11:05 GMT
server
Fastly
age
14273
etag
"14f18525c8f97317f08d5cc6f80a1953"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
882
expires
Wed, 22 Jan 2025 20:12:05 GMT
jquery.min.js
cdn.prod.espresa.com/static/bower_components/jquery/dist/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/jquery/dist/jquery.min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:30 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14130
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:06:48 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
oSt9a4tblZjESGnnaCFM-FK86YChrtylqAEvsMVpu_Y50d1b0MioPA==
angular.min.js
cdn.prod.espresa.com/static/bower_components/angular/ 		173 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/angular/angular.min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24103af48b9ee0409c9178cd92eba5dc3cdf0c76827b7c265c4f6f681b4dc176
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:30 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14130
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:27 GMT
server
AmazonS3
etag
W/"a8b55518d979465737523088a9007e74"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
oq5TWdQsM0jfIuAPjIB4lCsy8gv06elAaPFdPRx7Y3TAnHTag2RsAg==
angular-aria.min.js
cdn.prod.espresa.com/static/bower_components/angular-aria/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/angular-aria/angular-aria.min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40ced4e99411a77f3b98712e1b340a28ba33160eca965a8453eb07984220a02d
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:29 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14131
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:27 GMT
server
AmazonS3
etag
W/"727773d099e3e73ffb4efe2deb1015e7"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
xtuhU8pJ9mp354478GtH5bU6jcHMlUn83_rg5YRr6pt5SNVxBZ1gFg==
angular-animate.min.js
cdn.prod.espresa.com/static/bower_components/angular-animate/ 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/angular-animate/angular-animate.min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91dd61cff58efd54434d6bbea42fe6c0eed1af42968e9c592fb516736395c22a
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:29 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14131
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:42 GMT
server
AmazonS3
etag
W/"cbdb8547d6c9db7f423e2349d23e003c"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
b1816PTr3F-VYx6OrfkDKHvvUbp4SRB9qOT1eSdTs9bb1iGHA1SJ3Q==
angular-cookies.min.js
cdn.prod.espresa.com/static/bower_components/angular-cookies/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/angular-cookies/angular-cookies.min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14dd592e11b348118b490883a60bdaccb4b049c9a8e9f1b79f933d61e3cafd75
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:29 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14131
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:27 GMT
server
AmazonS3
etag
W/"6778e66773d44a1f9fab3c9d13ad539b"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
cxagiYjH5cfFCrOqgYQ6PTSaveZYwyhFi-hB5z0Jpf50ZPKTDkg5fg==
angular-touch.min.js
cdn.prod.espresa.com/static/bower_components/angular-touch/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/angular-touch/angular-touch.min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e4bd11692e04ce20e8db6d96249a94dc2ccf02c49c3d8409c44396d641e52a72
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:29 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14131
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:06:58 GMT
server
AmazonS3
etag
W/"f60388ccd11b0128ee8ee808c9701542"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
LIX0YhWyqgYCacFwR0xhG-iJuWZuYnFI7y7beMnEcwZxMLYBs87gjw==
angular-sanitize.min.js
cdn.prod.espresa.com/static/bower_components/angular-sanitize/ 		6 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/angular-sanitize/angular-sanitize.min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e8d479b61e09797aa910a2de2d84cb0bdd8d1e26acd061ec713082ddd57839a
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:29 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14131
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:23 GMT
server
AmazonS3
etag
W/"274dd426608803df7b40b19238c19397"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
rgBhJenULRxMv5aZ5JJhYj2yrraL_WbddaTYa_SxYT2ghy-TUie14Q==
jquery-ui.min.js
cdn.prod.espresa.com/static/bower_components/jquery-ui/ 		249 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/jquery-ui/jquery-ui.min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f913921ac2e4d43fcb79e8f87d3c69df3a8c3c9a5ded30d8610b4f3ca6063d3a
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:29 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14130
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:24 GMT
server
AmazonS3
etag
W/"5148d8a88a6071cafc2a2b7e4a4c592c"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
UMU3zwEtfaXFuIgOCy1EYYxGvDS9d8TMpc6T1S514B5eQointBlIHQ==
angular-route.min.js
cdn.prod.espresa.com/static/bower_components/angular-route/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/angular-route/angular-route.min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c34f2aef7baa04ca110899ca685207323346266b7740deaa1f077aafb75ee4cb
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:29 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14130
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:20 GMT
server
AmazonS3
etag
W/"83f4d107c6992678c6f86f91452f4ded"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
VayC3lznqs43lzeqDwVjayj5zRpW5Fd2Ex0fVE4tj3VDupyJsCJX4A==
ui-bootstrap-tpls.min.js
cdn.prod.espresa.com/static/bower_components/angular-bootstrap/ 		123 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/angular-bootstrap/ui-bootstrap-tpls.min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b727d65b62ed250348fa5dc5d21eb10d5fe28fa31f9fc97048a1d63ac9848173
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:29 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14130
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:08:28 GMT
server
AmazonS3
etag
W/"c572f42d057f681abb138e2c2c966157"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
A9XNdjw_3gFDx1t5OEHOwKVoMHt58irCj-R801Vn-GOFaVdCXzDFhg==
lodash.min.js
cdn.prod.espresa.com/static/bower_components/lodash/ 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/lodash/lodash.min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf63c4491140de87027557a7c15c741f65c83d98274347b105a06a20e05ce78d
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:30 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14130
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:26 GMT
server
AmazonS3
etag
W/"7629cac4f079926ef505e2271bb5135f"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
_o6FjP6ZG1WnysmFi3xxWgzFl4UHQGMFSyu_eQt_ojq1lkMN8lnzjg==
angular-ui-router.min.js
cdn.prod.espresa.com/static/bower_components/angular-ui-router/release/ 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/angular-ui-router/release/angular-ui-router.min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
396c4ad3d6c4a78e47b29a1d8e526bc83a72b61ead1b14b297752af2e8ab1005
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:29 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14130
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:18 GMT
server
AmazonS3
etag
W/"1f33a4658268b2e87515fe680a0f966d"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
7rVIQ_y-DkJ-2c8YP8qiXk54sWvYXWWxHXZ4RJsY6CaV6rhQzxSaVQ==
underscore-min.js
cdn.prod.espresa.com/static/bower_components/underscore/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/underscore/underscore-min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
22b404d34700979e4c9746c855a72f38d926d317ca16336e1e24614664a6ff2e
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:30 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14130
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:26 GMT
server
AmazonS3
etag
W/"b87f566fe06d9943ad7fe234667a8154"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
DSN8PO3kbOVcTcHYjh6-BXLgl1ie7fLYDYW7UvezINEfJcq50P63hg==
moment.js
cdn.prod.espresa.com/static/bower_components/moment/ 		172 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/moment/moment.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7dc0a51c32dae143f2eade235145dfd6a7756388c0f0bf409fa373dd6c233629
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:30 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14130
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:56 GMT
server
AmazonS3
etag
W/"57246fb66210c7189fe95ca299666959"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
WXtAE14QALA_391TNF_t3GtOugE84GegchJtidCTvzKWHOXU6FNz6Q==
fullcalendar.js
cdn.prod.espresa.com/static/bower_components/fullcalendar/dist/ 		620 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/fullcalendar/dist/fullcalendar.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7049fe681fcb9ab0b698cb386df97d09c06604016d36f6ee0888abe9aa566cdb
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:30 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14130
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:48 GMT
server
AmazonS3
etag
W/"1bf191607589a43f8ca12e8ff615ed04"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
c5Fr9q34jcC8ADnU-eBRa0aP42gbZiHzqBMGzyKvCRiUdQC2cdCZpg==
scheduler.min.js
cdn.prod.espresa.com/static/bower_components/fullcalendar-scheduler/dist/ 		101 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/fullcalendar-scheduler/dist/scheduler.min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b50388552d0e7e936b83cf21a2633f39215e57cb044e5c5f4e8028059bcecb2d
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:30 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14130
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:55 GMT
server
AmazonS3
etag
W/"bcbd413a27017dd43e8463ffc602263f"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
AVyUXRdqxNEuxxmN2F_EDGS6lvkR6Je2Pi_x-2C7h_buPOllMt_Vcg==
angular-file-upload.min.js
cdn.prod.espresa.com/static/bower_components/angular-file-upload/dist/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/angular-file-upload/dist/angular-file-upload.min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab63704a79519f09815b1693aa7bc0221234d9049cb40f5ab110fd3221caec49
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:30 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14130
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:46 GMT
server
AmazonS3
etag
W/"92a11cd0f52f3b4f2e0cef27d68fa70e"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
dj65ck2ZHjRe1S4ZTEQYJKN3XT_DPtlcB0zUMBkqZuJrPMVkZt2yOQ==
angular-google-maps.min.js
cdn.prod.espresa.com/static/bower_components/angular-google-maps/dist/ 		200 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/angular-google-maps/dist/angular-google-maps.min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9565c2844335c6d78993d7d037fd6a93b722ca0bfe0b1094e32e2f792238c29f
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:30 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14130
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:08:27 GMT
server
AmazonS3
etag
W/"6d10187ec1e7ee27c44c0fc4ab8ca49d"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
lb_PwJrl4dgd0JYsmf2jKLUM_Z141cnVaesYM-30GPBDbr3ZLRU-Dg==
select.min.js
cdn.prod.espresa.com/static/bower_components/angular-ui-select/dist/ 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/angular-ui-select/dist/select.min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c2213b64fbf14d006d891972ff12062a72aea19d4d303d646555c626394bf16
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:29 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14131
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:07:00 GMT
server
AmazonS3
etag
W/"12cb6671c8fd1e863011db3e10797858"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
8NwpBmIJ8dgQGbdc8YKztTjTmT4_0Hu4mosxZFvMsH8mgXfgpVJsSw==
sortable.min.js
cdn.prod.espresa.com/static/bower_components/angular-ui-sortable/ 		5 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/angular-ui-sortable/sortable.min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
88973ad5cefa421a85874182a1c273f8bdcdf6ab17a78e5894e72c6f5231ce55
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:29 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14131
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:45 GMT
server
AmazonS3
etag
W/"59cb3f206bb68eea08d69cea9ea559b0"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
8JY71ZwRiwJXnKK5x0ME3xJt8sWdPFlfNnRcAB32XuxugF1D7O4UKA==
ng-websocket.js
cdn.prod.espresa.com/static/bower_components/ng-websocket/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/ng-websocket/ng-websocket.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3efdbe3b5dc306b14ed939f54b6a286c5e851bfeb3a14c4aa54b788b5dda4d6
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:29 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14131
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:17 GMT
server
AmazonS3
etag
W/"da2666949eb4a13e1f37ddabba051a20"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
3hG-TRJQyhyvBKsb1Ek4gbO9KR9PimxncN44_UgsD_nu-r5jY02Bqw==
highcharts.js
cdn.prod.espresa.com/static/bower_components/highcharts/ 		202 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/highcharts/highcharts.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d43fc95f84364c007fa49c61fcac91b8c269e477e336a998a4246bff00eda1f
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:29 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14131
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:07:02 GMT
server
AmazonS3
etag
W/"7823a3aa84a3c4b85c421f53399a863b"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
NTU8TFJRlavah2VO0DAu4Aj0wzmCLZPv0_GJMvMtvjtS1hw5GvRGzg==
quill.js
cdn.prod.espresa.com/static/bower_components/quill/dist/ 		331 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/quill/dist/quill.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9eef3861f5cedfb286eb1e52ded1f813bacf11082ddcfc23e7c896164b08039
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:28 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14132
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:08:27 GMT
server
AmazonS3
etag
W/"701d13d12a7fc7a2c68543db44c28a06"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
7dRvqpNja7Gg0uVXfV2O-eK7DZWTY7mHWlHRpYC9QfoH0dMsV0Aarg==
ng-quill.min.js
cdn.prod.espresa.com/static/bower_components/ngQuill/src/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/ngQuill/src/ng-quill.min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2aa6e1e303225202e848b6613e71c0d9c973b8fa80ca112bc42943fd5cfd9ef4
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:28 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14132
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:31 GMT
server
AmazonS3
etag
W/"e3ed4058c1094d98ffb2966c8ed480e4"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
nXmSI5xMcOAN-8N4PKnpj2vBEp5hy5LBQ8MKd4690G8Dsa5IbewQIg==
readmore.min.js
cdn.prod.espresa.com/static/bower_components/angular-read-more/dist/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/angular-read-more/dist/readmore.min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a7f376d187614b8774414b045caea55331a22f21bc9a22e78f2ac67a73f0f8e2
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:19 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14141
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:26 GMT
server
AmazonS3
etag
W/"e250db9165ea555d8de65e2258a28abe"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
5DZQkeVWIA0upxtufDKCx_vL-Mn_RQJT3_BoOEoj56FD5fdKnXJvpw==
clipboard.js
cdn.prod.espresa.com/static/bower_components/clipboard/dist/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/clipboard/dist/clipboard.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c35ba42e1dcbca7027adf7a7ba1b3b65f9ed37ef580c6063af06afb4257b8288
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:19 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14141
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:47 GMT
server
AmazonS3
etag
W/"35087b4c975ff6fe10ae99640fa9160e"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
BrIEOvTROBQoFuZF6Vc_feEYkTjA_OxZVpp13RVjWQJBnU7TpNyhNg==
ngclipboard.js
cdn.prod.espresa.com/static/bower_components/ngclipboard/dist/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/ngclipboard/dist/ngclipboard.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
272cb08ecf2c8522966e1b85e037c34b4e2573ba9b214968100acee2851ed916
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:19 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14141
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:08:23 GMT
server
AmazonS3
etag
W/"81c7b7e2f3907716b11a60dbe61fb0e7"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
S_PpEzz0BSl2YrBvtkBQzdcbjBhYNXwj4ZBKK9C6PF4AbEbeM8iL1A==
moment-timezone-with-data-10-year-range.min.js
cdn.prod.espresa.com/static/bower_components/moment-timezone/builds/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/moment-timezone/builds/moment-timezone-with-data-10-year-range.min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f76f83f75befd2e33f03cf321c125633b076b17bd5725f2090d30175b995a57
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:19 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14141
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:08:25 GMT
server
AmazonS3
etag
W/"3d5f23458132990bf0544a307959d4de"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
EtifUg4-p_u2DnEOc3RrkatCkltQQSMfUKchce1wAZ6P8PhCcCPsdw==
bootstrap-colorpicker-module.js
cdn.prod.espresa.com/static/bower_components/angular-bootstrap-colorpicker/js/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/angular-bootstrap-colorpicker/js/bootstrap-colorpicker-module.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
22832a4e8d3de68ac14cccedb599f8a97d036739b8e491b2479e6317c182749c
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:19 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14141
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:08:29 GMT
server
AmazonS3
etag
W/"438b3d9474cac9bc1f5af5972a630894"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
ojvTRZUGSmAbVz3iqhp_WkJEoULYeoynmSdax24xjEbucn6P4mAthg==
rzslider.js
cdn.prod.espresa.com/static/bower_components/angularjs-slider/dist/ 		90 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/angularjs-slider/dist/rzslider.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c0cb07ac75e2a1911086758d4af52caffe90755f367517226e64e1cfd2041af
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:19 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14141
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:20 GMT
server
AmazonS3
etag
W/"d20483dc232cc43d8cac4fbb6800a8a0"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
XisBQSSsPSFbR75N60-kvFVBGIEZ0Syw0ldxZ7mwv3RWprubvopY7w==
svgxuse.js
cdn.prod.espresa.com/static/bower_components/svgxuse/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/svgxuse/svgxuse.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d4fa78c606eed3d43adf2a0381107ee408ab25ed412f50dce965a79434d1a2f
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:19 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14141
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:23 GMT
server
AmazonS3
etag
W/"7e1b11d81e0f5dc457b20e887458e8e6"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
6FXD-MSFw-f-PKudRs6Ptt8EeR1Nq5ZZw0DjYYS2aoptivYK_dDfLQ==
slick.js
cdn.prod.espresa.com/static/bower_components/slick-carousel/slick/ 		82 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/slick-carousel/slick/slick.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
430f384b0fc496d9650c747cca458a7eae062530c718aa7a896d99031fbbae8d
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:19 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14141
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:22 GMT
server
AmazonS3
etag
W/"99cf8430b8d81c268269760118ec31a4"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
L2fuP2DeG4-7-XcYRQA2Uw8MN929TpARQFplUYXV8H7eoXLAIPmNyg==
angular-slick.min.js
cdn.prod.espresa.com/static/bower_components/angular-slick-carousel/dist/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/angular-slick-carousel/dist/angular-slick.min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7d6fdb61164573916c572333cbda31efc42942e21e0b75cdf12c814bcd5fe6ac
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:19 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14141
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:18 GMT
server
AmazonS3
etag
W/"732ef8e2b4e778ad8e3c379787a8cbdc"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
zYHHHYH6dEVZkCYOoLHeaGY4vz7SE-QoJ3koLpIsGgp4Uxsgc4M6KA==
angularjs-dropdown-multiselect.min.js
cdn.prod.espresa.com/static/bower_components/angularjs-dropdown-multiselect/dist/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/angularjs-dropdown-multiselect/dist/angularjs-dropdown-multiselect.min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19228a5d25317a57df6e4faa04f7a75719d167f10cc7a53cb491713f16c1ced2
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:19 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14141
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:08:23 GMT
server
AmazonS3
etag
W/"5aa844628499ec844f137c179f257679"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
fjp5ETUuG8RhBooIdPKhreJHSX48Z4QMEi2aeiiX-wy5ZbWT2vBo1g==
ngCropperjs.all.min.js
cdn.prod.espresa.com/static/bower_components/ng-cropperjs/dist/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/ng-cropperjs/dist/ngCropperjs.all.min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
444611bad2c8c4639ee043176072752fa3bf673968c86e27cde0f5d36875ccd5
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:19 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14141
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:06:57 GMT
server
AmazonS3
etag
W/"f948e1418aa2f0dffabd976d12f08a6f"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
IKYsdHGRTe-5MH0nq7eTnne1S5ORnPQkE-8qe6ZAixv16aeMn3NcHA==
ngtweet.js
cdn.prod.espresa.com/static/bower_components/ngtweet/dist/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/ngtweet/dist/ngtweet.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f81a19995a675cf01b6b3f8191ebd840fb17b6623f4da7ef897a0de3eaf9fec
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:19 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14141
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:31 GMT
server
AmazonS3
etag
W/"277b1301fbb3afeef88061c9609242be"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
9_K4FSIgiLRmw4KT3_lFWb1KVvNJRJ2L5x6J-Fa1q9AcxkwkzGdJhw==
app-min.js
cdn.prod.espresa.com/static/app/ 		3 MB
480 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/app/app-min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66e122958469a428aa3ab3aacd3f6009ba04da0681bc59336410b028161b67e9
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:19 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14141
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:08:29 GMT
server
AmazonS3
etag
W/"5f2a19ca4b95c7591afb16b658f9eef4"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
zRz-19QvW2hYfqlSXjl8U8BkIvBL6iqxUhsvfnI4YyRnimR5Dygp_Q==
player.js
player.vimeo.com/api/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/api/player.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6e797fdd37f20f47b0150c3287d7cc0745533bc839426ae0d47532fd2703be5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Tue, 23 Jan 2024 19:14:11 GMT
Date
Wed, 24 Jan 2024 00:09:59 GMT
content-security-policy
default-src 'none'; style-src 'unsafe-inline'
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Via
1.1 varnish
Age
1547
X-Cache
HIT
Connection
keep-alive
x-backend-server
player-backend-edge-entry
Content-Length
11228
X-Served-By
cache-fra-eddf8230087-FRA
x-player-backend
g
Server
cloudflare
X-Timer
S1706054999.116004,VS0,VE0
Vary
Accept-Encoding
Content-Type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1800
x-bapp-server
Accept-Ranges
bytes
CF-RAY
84a40d006b01bb5c-FRA
X-Cache-Hits
251
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
703cc28e737acb7f534f81cbb649d9e790cbb000bc38c67417b19a1f3e3998fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 00:09:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Wed, 24 Jan 2024 00:09:59 GMT
/
js.stripe.com/v3/ 		586 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3113bf467de4971f85467af36358ce6000e13b77b4e8991a8a0e746a07eb73f2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 00:09:16 GMT
content-encoding
br
via
1.1 f6d3d027dc70c7291c2f685efb187ab2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
54
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 21:44:00 GMT
server
Cloudfront
etag
W/"a91e0aff9b48ab71024887a3d829f605"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
buwaNybut9Q_frNiacEUEUjd3NiRwgfVmf21lD3ZPJQJtQV2uz6tmw==
element.js
translate.google.com/translate_a/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js?2024-01-23-15-13?cb=googleTranslateElementInit
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
454b33cf4c5fbfa575e21b6cf4d9e0d93ea8c1e9bcccfc4f03d084c150b8af83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jan 2024 00:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
marqeta.min.js
widgets-sandbox.marqeta.com/marqetajs/2.0.0/ 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets-sandbox.marqeta.com/marqetajs/2.0.0/marqeta.min.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.81 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0415f82664d910e027fa0696d001712648c8c347c51afeaf42ba4dda8d717e13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
0
date
Wed, 24 Jan 2024 00:09:59 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
97
x-cache
HIT
p3p
CP="CAO PSA OUR"
x_request_id
a996cc6ad38b6974626e3808c34c4c3193d02700
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230022-FRA
pragma
no-cache
x-runtime
0.002709
referrer-policy
no-referrer
surrogate-keys
all 1-1-0 mjs
content-length
13684
x-timer
S1706054999.141025,VS0,VE1
etag
W/"0415f82664d910e027fa0696d0017126"
x-download-options
noopen
vary
Accept
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
x-cache-hits
1
link-initialize.js
cdn.plaid.com/link/v2/stable/ 		143 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.plaid.com/link/v2/stable/link-initialize.js
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-33.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43a683f4e5812778aa0caa62d9af43ecfafbeefe42f7f09e76e9839d74d8bd32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:54:01 GMT
x-amz-version-id
aGIDaKm3hGT2aZvoVUVfdf5VNYdG6oGQ
content-encoding
gzip
via
1.1 01c82f5226ffef5f7e654ffdbab24db6.cloudfront.net (CloudFront)
x-amz-request-id
VQKMQ4X26639NQWE
x-amz-cf-pop
ZRH55-P1
x-amz-server-side-encryption
AES256
age
8159
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-id-2
uzQQua1TzqUpdARMW1w+TNLCw0nZVnwBpQcoYE25YQ+l+svAk9aAA2gB2xaZGklezf9oO6nUGpQ=
last-modified
Tue, 23 Jan 2024 21:40:43 GMT
server
AmazonS3
etag
W/"d59f8aca899bfbffdbcea0a4c07504fe"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache,must-revalidate,max-age=0
x-amz-cf-id
mEvBMuCgL3WSJxH-Z8-pjfVs7MLsdlteAC9peAsFGsf7YUSv7lqsxw==
index.js
cdn.prod.espresa.com/static/bower_components/highcharts-border-radius/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/highcharts-border-radius/index.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fefcdd22d0812d88323988c3b4dd173b15177bd251bfdd19095aed6a29848e93
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:19 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14141
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:05:31 GMT
server
AmazonS3
etag
W/"821ca26435ca7e13c07b4e0c249e1034"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
XUp3p1c0z2YOkXPTyRm-jCebYp3bgXpA4ZirjTuvTDoBlFTmYrF5PA==
highcharts-more.src.js
cdn.prod.espresa.com/static/bower_components/highcharts/ 		174 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/highcharts/highcharts-more.src.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d52f6e6e7ca73faa26ddf6cdab153dfd9a52eada8fac8be009663682a24af5b5
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:19 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14141
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:07:01 GMT
server
AmazonS3
etag
W/"c06ca00a16fbf25252a90a5d02516db8"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
D77gHo3wOLEytIWm7vtfyx6gx-ppyU_ebSfziyGf4yxPvS3awxEVtg==
exporting.src.js
cdn.prod.espresa.com/static/bower_components/highcharts/modules/ 		56 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/highcharts/modules/exporting.src.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3cebd726b15ac83386e3bdb458dde178fbf2ad79a94bc63c3f4918119da77c8b
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:19 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14141
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:08:08 GMT
server
AmazonS3
etag
W/"ffe2ab3bc8dbf621ec34248991b8ac7c"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
HzzStViRYJ9B1aFCl8ZxcuppjWAI3KLrJlEkMk8iEYU1e6gfjurxEg==
export-data.src.js
cdn.prod.espresa.com/static/bower_components/highcharts/modules/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/highcharts/modules/export-data.src.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f99137cbbb0f549bbd54094c3e1ac1203221bd5919cdc827503af8ee90879c8e
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:19 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14141
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:08:14 GMT
server
AmazonS3
etag
W/"10cb859d716f542934442f4075642725"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
3J03b6iriQZdGRhDbh3kGz6jShAjxEj6lYqQWkAeCYFSNfuJqeGm7g==
solid-gauge.js
cdn.prod.espresa.com/static/bower_components/highcharts/modules/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/highcharts/modules/solid-gauge.js?2024-01-23-15-13
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d68c260921ca779765e8b69c29b8932c5e63e6240108795909d137464f893edf
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:19 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14141
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:08:13 GMT
server
AmazonS3
etag
W/"ed8ab512ccbd3f9dc7408fb12ba8c1db"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
A1BGte4wQAUeSqYK3rhTywVC8Zs5QxFP3rhnI3pkL5vfGFEHspi9eQ==
hotjar-596126.js
static.hotjar.com/c/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-596126.js?2024-01-23-15-13?sv=5
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-121.ams1.r.cloudfront.net
Software
/
Resource Hash
2974bbfc2548645e49207b2eb9714f9c445633a5ca193b57a98d82de553158d0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 00:09:59 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 eda2686dad6c190a4b0f18db47e39f0a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P3
etag
W/d34cc7fae62443cd28c1537d82977317
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
6egP_jbfD09SPsibd7OQelGheZKx9usVR9yD3qIdahxf0kUV2xvwag==
env.json
cdn.prod.espresa.com/static/app/assets/json/ 		117 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/app/assets/json/env.json
Requested by
Host: cdn.prod.espresa.com
URL: https://cdn.prod.espresa.com/static/bower_components/jquery/dist/jquery.min.js?2024-01-23-15-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1a104318b0b837e996dc67a85b49cfa098b836ea70bcfe204fc11c1aa9d636df
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:33 GMT
content-encoding
br
via
1.1 a1822b92cbf5d3516743d4786d5b6020.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14126
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:09:07 GMT
server
AmazonS3
etag
W/"232383251673202937bfe04dc1592b1a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-id
4ioJ22qzPu0VnnLWj7k6JAjW-hmiWKDjIBTlt9yLzCjD0u9bzqaZkw==
www-widgetapi.js
www.youtube.com/s/player/b31b88f2/www-widgetapi.vflset/ 		216 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/b31b88f2/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4d07513670eaa456a8c421f89b78eda11dcecbd5d49456a1e60774f3ef491c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 21:09:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
10842
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68592
x-xss-protection
0
last-modified
Mon, 22 Jan 2024 05:13:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 22 Jan 2025 21:09:17 GMT
m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=wA/d=0/rs=AN8SPfq5gedF4FIOWZgYyMCNZA5tU966ig/m=el_main_css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.7fX_OiUrtl8.O/am=wA/d=1/rs=AN8SPfpg-TUZHtqtv5HK2wYW1BpvOKkrpA/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:42:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4144
x-xss-protection
0
last-modified
Sat, 15 Jul 2023 01:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 23:42:09 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.7fX_OiUrtl8.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqaXRghOH3HDJ35DAqmErsz449S4g/ 		208 KB
209 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.7fX_OiUrtl8.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqaXRghOH3HDJ35DAqmErsz449S4g/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.7fX_OiUrtl8.O/am=wA/d=1/rs=AN8SPfpg-TUZHtqtv5HK2wYW1BpvOKkrpA/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e1dbe6f7764b206653feca21226de204e15ec83d9b5a70911b70f98148031f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:31:06 GMT
x-content-type-options
nosniff
age
2333
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
212870
x-xss-protection
0
last-modified
Sun, 21 Jan 2024 12:11:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Jan 2025 23:31:06 GMT
modules.ce08ee522ade0bf71af6.js
script.hotjar.com/ 		219 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.ce08ee522ade0bf71af6.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-596126.js?2024-01-23-15-13?sv=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-15.zrh55.r.cloudfront.net
Software
/
Resource Hash
7ca1538681bceac733eae23d5649a22d4d9d1a9d179fb7c02b32a82983a8a5e7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 14:59:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 f6d3d027dc70c7291c2f685efb187ab2.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P1
age
33053
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55496
last-modified
Tue, 23 Jan 2024 14:58:36 GMT
etag
"baf8b3085bea7d985c4bcc4af6969bd6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
L0UOlpRiOsTlt7x073Uu-14BIXYNShGBAiT-lXS3WXOLdN1ZSL1-lA==
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 7D56 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1959
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 23 Jan 2024 23:38:04 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 19 Jan 2024 21:19:51 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 f6d3d027dc70c7291c2f685efb187ab2.cloudfront.net (CloudFront)
x-amz-cf-id
3sEuYrbCYugnjSEezv9mbkBTu-K5Eap3jjCMEWOJ96-wu8FdAN0AJQ==
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
meta
app.espresa.com/api/ 		1 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.espresa.com/api/meta
Requested by
Host: cdn.prod.espresa.com
URL: https://cdn.prod.espresa.com/static/bower_components/angular/angular.min.js?2024-01-23-15-13
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.35.201 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-35-201.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d98448b1dc9204f84ffad52fcab6cdce0029ebc143a1d7b7d2ef1e3fa5401289
Security Headers
Name Value
Content-Security-Policy script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' 'unsafe-eval' blob: cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com whatfix.com cdn.whatfix.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate.googleapis.com translate-pa.googleapis.com api.lokalise.com https://eu.backendlessappcontent.com *.zdassets.com *.zendesk.com *.smooch.io *.gstatic.com widget-mediator.zopim.com browser.sentry-cdn.com cdn.plaid.com sandbox.plaid.com development.plaid.com; frame-ancestors http: https: ftp: ftps:; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com www.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com translate.googleapis.com www.gstatic.com; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.espresa.com espresa.com ws://*.espresa.com wss://*.espresa.com wss://*.hotjar.com whatfix.com *.ibytedtos.com translate.googleapis.com api.lokalise.com *.us.qlikcloud.com https://eu.backendlessappcontent.com *.zdassets.com *.zendesk.com wss://*.smooch.io csp.withgoogle.com wss://widget-mediator.zopim.com *.browser-intake-datadoghq.com production.plaid.com sandbox.plaid.com development.plaid.com; base-uri 'none'; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com maps.gstatic.com maps.google.com www.googletagmanager.com whatfix.com cdn.whatfix.com js.stripe.com *.hotjar.io *.hotjar.com translate.googleapis.com app.powerbi.com *.qlikcloud.com *.qlik.com *.loom.com *.zdassets.com *.zendesk.com *.smooch.io *.marqeta.com http://widgets-env.marqeta.com/ cdn.plaid.com sandbox.plaid.com development.plaid.com wss://app.espresa.com; object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.espresa.com/portal/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 00:09:59 GMT
content-security-policy
script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' 'unsafe-eval' blob: cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com whatfix.com cdn.whatfix.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate.googleapis.com translate-pa.googleapis.com api.lokalise.com https://eu.backendlessappcontent.com *.zdassets.com *.zendesk.com *.smooch.io *.gstatic.com widget-mediator.zopim.com browser.sentry-cdn.com cdn.plaid.com sandbox.plaid.com development.plaid.com; frame-ancestors http: https: ftp: ftps:; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com www.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com translate.googleapis.com www.gstatic.com; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.espresa.com espresa.com ws://*.espresa.com wss://*.espresa.com wss://*.hotjar.com whatfix.com *.ibytedtos.com translate.googleapis.com api.lokalise.com *.us.qlikcloud.com https://eu.backendlessappcontent.com *.zdassets.com *.zendesk.com wss://*.smooch.io csp.withgoogle.com wss://widget-mediator.zopim.com *.browser-intake-datadoghq.com production.plaid.com sandbox.plaid.com development.plaid.com; base-uri 'none'; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com maps.gstatic.com maps.google.com www.googletagmanager.com whatfix.com cdn.whatfix.com js.stripe.com *.hotjar.io *.hotjar.com translate.googleapis.com app.powerbi.com *.qlikcloud.com *.qlik.com *.loom.com *.zdassets.com *.zendesk.com *.smooch.io *.marqeta.com http://widgets-env.marqeta.com/ cdn.plaid.com sandbox.plaid.com development.plaid.com wss://app.espresa.com; object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
index-hash
87f19e1f66b83bf35fcc1f7cd6fc2367
content-length
296
referrer-policy
same-origin
cross-origin-opener-policy
same-origin
allow
GET, HEAD
vary
Accept-Language, origin, Cookie, Accept-Encoding
content-language
de
content-type
application/json; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate, private
x-frame-options
DENY
expires
Wed, 24 Jan 2024 00:09:59 GMT
loader-dots.html
cdn.prod.espresa.com/static/app/components/loader-dots/ 		231 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/app/components/loader-dots/loader-dots.html?2024-01-23-15-13
Requested by
Host: cdn.prod.espresa.com
URL: https://cdn.prod.espresa.com/static/bower_components/angular/angular.min.js?2024-01-23-15-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4e51d02143c50e29b2ccc65fe243676f49aa2370f9a1d94e6d675941bd2b95a5
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:20 GMT
via
1.1 a1822b92cbf5d3516743d4786d5b6020.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14140
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
231
last-modified
Tue, 23 Jan 2024 20:09:04 GMT
server
AmazonS3
etag
"fca6560b1711d2029496745a2ec720be"
x-frame-options
DENY
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
QZW0pY7GGHV3gwyqF07utBd_eK5VNCNlsmBtGbRC6J5qyb9px3ENWQ==
login.html
cdn.prod.espresa.com/static/app/login/ 		22 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/app/login/login.html?2024-01-23-15-13
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js?2024-01-23-15-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2406877e0bfc562124770517fd4b8ad76c81e0d8bb172ab8b130dbe0f7cd18d
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
accept-language
de-DE,de;q=0.9
X-CSRFToken
AFe63iPsMBFGIaMCz0PPzv3y8PyxX5jg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:20 GMT
content-encoding
br
via
1.1 a1822b92cbf5d3516743d4786d5b6020.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14141
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:10:41 GMT
server
AmazonS3
etag
W/"ed3408a7173c0f4bb048568b1f73772b"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-id
gZuKHymj80ZOMX8zch1Mc1lkdpPCvn2LlgUlqV766AOR1ozSVxg3hg==
login.html
cdn.prod.espresa.com/static/app/login/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/app/login/login.html?2024-01-23-15-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-csrftoken
Access-Control-Request-Method
GET
Origin
https://app.espresa.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
600
content-length
0
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
date
Wed, 24 Jan 2024 00:10:00 GMT
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 a1822b92cbf5d3516743d4786d5b6020.cloudfront.net (CloudFront)
x-amz-cf-id
uOSmxmxPpFQC3ye6YvKmNOO4zjvaSPYj-PjqcRjVACCQPoDTKg9DgQ==
x-amz-cf-pop
ZRH55-P1
x-amz-id-2
n6kWo57jXkss/yK8gg9SmceWqMur67iTuSWa1wk7lxDsdkT2vQjqiLlepK/hdGk+/R454XYqDraBOrU/BEQv7g==
x-amz-request-id
RG73AAM796T96054
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
open-sans-v16-greek_greek-ext_cyrillic_latin_latin-ext_cyrillic-ext-regular.woff2
cdn.prod.espresa.com/static/app/assets/fonts/open-sans/ 		42 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/app/assets/fonts/open-sans/open-sans-v16-greek_greek-ext_cyrillic_latin_latin-ext_cyrillic-ext-regular.woff2
Requested by
Host: cdn.prod.espresa.com
URL: https://cdn.prod.espresa.com/static/app/assets/fonts/fonts.min.css?2024-01-23-15-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e3b1d34ac67763ab50652da19305d4b3694c6b6e6bf35f4b98411ce4af646d2
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://cdn.prod.espresa.com/static/app/assets/fonts/fonts.min.css?2024-01-23-15-13
Origin
https://app.espresa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:34 GMT
via
1.1 a1822b92cbf5d3516743d4786d5b6020.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14126
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
43236
last-modified
Tue, 23 Jan 2024 20:10:36 GMT
server
AmazonS3
etag
"a9557eb451f17dcd8e687327ea9383a0"
x-frame-options
DENY
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
L3bkcSnn2wr3_SQ9QqGvA7xVYRK4xwSjcrzvwRn0gRZYh8d7o1-VMw==
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame 7D56 		526 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-38.zrh55.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:38:04 GMT
via
1.1 f6d3d027dc70c7291c2f685efb187ab2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
3478
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
content-length
526
last-modified
Fri, 19 Jan 2024 21:19:50 GMT
server
Cloudfront
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
55oF2uIjKiR5xjTwIw0bd7a_B2r3WBXi9LP7Mb9Ua6dkFQJS6UiaHQ==
rum
rum.browser-intake-datadoghq.com/api/v2/ 		53 B
344 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Aweb-app&dd-api-key=pub9e049da54880cdc38a7896671a886b1b&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=6e8534c7-e024-478e-8a7e-f973d05ec712&batch_time=1706054999557
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js?2024-01-23-15-13
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:3312:8a39:82c1:5d3c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
8cc67d9ce7f7ab8370a2227b5c92871f600b65f9e75a91591dd39e0f3a64886a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 24 Jan 2024 00:09:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
53
dd-request-id
6e8534c7-e024-478e-8a7e-f973d05ec712
rum
rum.browser-intake-datadoghq.com/api/v2/ 		53 B
343 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Aweb-app&dd-api-key=pub9e049da54880cdc38a7896671a886b1b&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=7be2b4c7-a7d6-4943-aba1-d68045fc4d81&batch_time=1706054999558
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js?2024-01-23-15-13
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:3312:8a39:82c1:5d3c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
b86a3a8330502d1d63ec5c03117b4e619e49b51fdc01bac4ab37ed9be09dbaf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 24 Jan 2024 00:10:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
53
dd-request-id
7be2b4c7-a7d6-4943-aba1-d68045fc4d81
rum
rum.browser-intake-datadoghq.com/api/v2/ 		53 B
343 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Aweb-app&dd-api-key=pub9e049da54880cdc38a7896671a886b1b&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=81999154-521c-4ac4-a731-4d42493089cc&batch_time=1706054999559
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js?2024-01-23-15-13
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:3312:8a39:82c1:5d3c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
050c2300b6bc6b67823610aa00f73297bfc991a6926d5ab6cc794534a1438b9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 24 Jan 2024 00:09:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
53
dd-request-id
81999154-521c-4ac4-a731-4d42493089cc
csp-report
q.stripe.com/ Frame 7D56 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 00:10:00 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706055000021377
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706055000021044
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 7D56 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 00:10:00 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706055000021513
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1706055000021247
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
596126
vc.hotjar.io/sessions/ 		0
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/596126?s=0.25&r=0.07123754898972767
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js?2024-01-23-15-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-79.fra56.r.cloudfront.net
Software
Python/3.8 aiohttp/3.8.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 00:09:59 GMT
via
1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
server
Python/3.8 aiohttp/3.8.4
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
QWXkocEH8-ne2QFNo7PGmDrjlPvaYDiOjpqfC8KfpMeNkZxKKggNkA==
inner.html
m.stripe.network/ Frame B171 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
41
cache-control
max-age=300, public
content-encoding
br
content-length
540
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 24 Jan 2024 00:09:59 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
9
x-content-type-options
nosniff
x-request-id
d6c8b1e9-4f77-461c-9d45-a8bff9206337
x-served-by
cache-fra-eddf8230091-FRA
x-timer
S1706055000.626016,VS0,VE0
csp-report
q.stripe.com/ Frame B171 		0
490 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: app.espresa.com
URL: https://app.espresa.com/portal/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 24 Jan 2024 00:10:00 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706055000021729
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1706055000021091
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame B171 		87 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Wed, 24 Jan 2024 00:09:59 GMT
x-content-type-options
nosniff
content-encoding
br
via
1.1 varnish
age
218
x-cache
HIT
content-length
15509
x-request-id
d97c3d05-4ee6-4aac-a0cf-176dd686014f
x-served-by
cache-fra-eddf8230091-FRA
server
Fastly
x-timer
S1706055000.634466,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
46
6
m.stripe.com/ Frame B171 		156 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.37.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-37-126.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
59fea20923d52c37785eeecebdb6582f6a06408a53f07999af1b5d6b1560e52d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 24 Jan 2024 00:10:00 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1706055000130723
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1706055000130112
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
role
app.espresa.com/api/ 		33 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.espresa.com/api/role
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js?2024-01-23-15-13
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.35.201 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-35-201.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
9f21f9a017e879ddfe548d808e7e4d205bccfc240d679be1be33e720acd26cc5
Security Headers
Name Value
Content-Security-Policy img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com maps.gstatic.com maps.google.com www.googletagmanager.com whatfix.com cdn.whatfix.com js.stripe.com *.hotjar.io *.hotjar.com translate.googleapis.com app.powerbi.com *.qlikcloud.com *.qlik.com *.loom.com *.zdassets.com *.zendesk.com *.smooch.io *.marqeta.com http://widgets-env.marqeta.com/ cdn.plaid.com sandbox.plaid.com development.plaid.com wss://app.espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' 'unsafe-eval' blob: cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com whatfix.com cdn.whatfix.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate.googleapis.com translate-pa.googleapis.com api.lokalise.com https://eu.backendlessappcontent.com *.zdassets.com *.zendesk.com *.smooch.io *.gstatic.com widget-mediator.zopim.com browser.sentry-cdn.com cdn.plaid.com sandbox.plaid.com development.plaid.com; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com www.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com translate.googleapis.com www.gstatic.com; object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.espresa.com espresa.com ws://*.espresa.com wss://*.espresa.com wss://*.hotjar.com whatfix.com *.ibytedtos.com translate.googleapis.com api.lokalise.com *.us.qlikcloud.com https://eu.backendlessappcontent.com *.zdassets.com *.zendesk.com wss://*.smooch.io csp.withgoogle.com wss://widget-mediator.zopim.com *.browser-intake-datadoghq.com production.plaid.com sandbox.plaid.com development.plaid.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.espresa.com/portal/
accept-language
de-DE,de;q=0.9
X-CSRFToken
AFe63iPsMBFGIaMCz0PPzv3y8PyxX5jg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 00:10:00 GMT
content-security-policy
img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com maps.gstatic.com maps.google.com www.googletagmanager.com whatfix.com cdn.whatfix.com js.stripe.com *.hotjar.io *.hotjar.com translate.googleapis.com app.powerbi.com *.qlikcloud.com *.qlik.com *.loom.com *.zdassets.com *.zendesk.com *.smooch.io *.marqeta.com http://widgets-env.marqeta.com/ cdn.plaid.com sandbox.plaid.com development.plaid.com wss://app.espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' 'unsafe-eval' blob: cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com whatfix.com cdn.whatfix.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate.googleapis.com translate-pa.googleapis.com api.lokalise.com https://eu.backendlessappcontent.com *.zdassets.com *.zendesk.com *.smooch.io *.gstatic.com widget-mediator.zopim.com browser.sentry-cdn.com cdn.plaid.com sandbox.plaid.com development.plaid.com; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com www.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com translate.googleapis.com www.gstatic.com; object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.espresa.com espresa.com ws://*.espresa.com wss://*.espresa.com wss://*.hotjar.com whatfix.com *.ibytedtos.com translate.googleapis.com api.lokalise.com *.us.qlikcloud.com https://eu.backendlessappcontent.com *.zdassets.com *.zendesk.com wss://*.smooch.io csp.withgoogle.com wss://widget-mediator.zopim.com *.browser-intake-datadoghq.com production.plaid.com sandbox.plaid.com development.plaid.com
www-authenticate
Session realm="api"
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
index-hash
87f19e1f66b83bf35fcc1f7cd6fc2367
content-length
33
referrer-policy
same-origin
cross-origin-opener-policy
same-origin
allow
GET, HEAD
vary
Accept-Language, origin, Cookie
content-language
de
content-type
application/json
cache-control
max-age=0, no-cache, no-store, must-revalidate, private
x-frame-options
DENY
expires
Wed, 24 Jan 2024 00:10:00 GMT
logo-portal.svg
cdn.prod.espresa.com/static/app/assets/images/common/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.espresa.com/static/app/assets/images/common/logo-portal.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8c8832e7a212e23d0ca3daa18978064d942793208ee9fc8adfefec05ca28d87
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:34 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14126
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:09:59 GMT
server
AmazonS3
etag
W/"42462a0e51a74f5a7022ad2425bc0d1b"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
image/svg+xml
cache-control
max-age=86400
x-amz-cf-id
65ZYBKYMB3-VJL6ssKezUssWtBxIpC5CGcfX0LJPcBHQWbFoWuRxgw==
Logo.svg
cdn.prod.espresa.com/static/app/assets/images/common/ 		9 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.espresa.com/static/app/assets/images/common/Logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
96ccf2c5d172f48edbcfb950175b50ffd3deb1c4bf9a14479fc9524631f561e6
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:34 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14126
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:09:58 GMT
server
AmazonS3
etag
W/"f18bb10c0f649bd7b9cb9bee4998ece4"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
image/svg+xml
cache-control
max-age=86400
x-amz-cf-id
gbE5EIvZTOTZAtRW5shfNnUEirV0lcV0VE1vCUoOz7LLCTqztWXcXA==
signup.svg
cdn.prod.espresa.com/static/app/assets/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.espresa.com/static/app/assets/images/signup.svg
Requested by
Host: cdn.prod.espresa.com
URL: https://cdn.prod.espresa.com/static/app/index.min.css?2024-01-23-15-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7efeafa401ae9c786c88f82562069b78a494115b616a5425e88fdf31fe2a6c47
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.prod.espresa.com/static/app/index.min.css?2024-01-23-15-13
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:34 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14126
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:09:43 GMT
server
AmazonS3
etag
W/"ed02184b7ca3ee27bb3acd8369fa03aa"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
image/svg+xml
cache-control
max-age=86400
x-amz-cf-id
4nJFve2n-jO3yWdkUZWgOaaemZ0wnGKRpttrImIm8xrlBoaoG8iFlQ==
dummy_pattern.png
cdn.prod.espresa.com/static/app/assets/images/ 		185 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.espresa.com/static/app/assets/images/dummy_pattern.png
Requested by
Host: cdn.prod.espresa.com
URL: https://cdn.prod.espresa.com/static/app/index.min.css?2024-01-23-15-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c50d00d8470267888c3bbc1e7db5018e6f98148ef8a44d5bde17db5a0dcf589
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.prod.espresa.com/static/app/index.min.css?2024-01-23-15-13
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:34 GMT
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14126
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
185
last-modified
Tue, 23 Jan 2024 20:09:45 GMT
server
AmazonS3
etag
"41a3f4d0a465eb9b5783b49677cfca4b"
x-frame-options
DENY
vary
Origin
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
2Fb1IqqjAR-N4VpmSi8MlUadQ5kZgQmWVkzPK-DTXVDizocGFNHP1Q==
bg.png
cdn.prod.espresa.com/static/app/assets/images/ 		11 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.espresa.com/static/app/assets/images/bg.png
Requested by
Host: cdn.prod.espresa.com
URL: https://cdn.prod.espresa.com/static/app/index.min.css?2024-01-23-15-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3e16611e05a9499192e8b5558c09b1d404c5c26d8a2bc70ae7d1ffa6dc8e922
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.prod.espresa.com/static/app/index.min.css?2024-01-23-15-13
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:34 GMT
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14127
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
11716
last-modified
Tue, 23 Jan 2024 20:09:44 GMT
server
AmazonS3
etag
"c764cec88b9bc59497f2dd0b33f1e67a"
x-frame-options
DENY
vary
Origin
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
1loQRce36UwpKcpiNuVH5tcXsJZygl4MNcW4RZ_dW4DWWQ-6nDlmMA==
stars.svg
cdn.prod.espresa.com/static/app/assets/images/login_page/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.espresa.com/static/app/assets/images/login_page/stars.svg
Requested by
Host: cdn.prod.espresa.com
URL: https://cdn.prod.espresa.com/static/app/index.min.css?2024-01-23-15-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8dc6d8334046ed660393ae24a884e2a952271ff05eadc686f252f54f20633f76
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.prod.espresa.com/static/app/index.min.css?2024-01-23-15-13
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:34 GMT
content-encoding
br
via
1.1 3c2af29a416fc74eb3d104df3f808fdc.cloudfront.net (CloudFront)
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14126
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 23 Jan 2024 20:10:33 GMT
server
AmazonS3
etag
W/"78ea9fd2f00ab522f3badfd5767a6df2"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
image/svg+xml
cache-control
max-age=86400
x-amz-cf-id
mXuT3DVh7KUglqRs85VpUnfSF4OWGjIzcHaTe_3hKYmWA7DBn59GPw==
fontawesome-webfont.woff2
cdn.prod.espresa.com/static/bower_components/fontawesome/fonts/ 		55 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/bower_components/fontawesome/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: cdn.prod.espresa.com
URL: https://cdn.prod.espresa.com/static/bower_components/fontawesome/css/font-awesome.min.css?2024-01-23-15-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://cdn.prod.espresa.com/static/bower_components/fontawesome/css/font-awesome.min.css?2024-01-23-15-13
Origin
https://app.espresa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:34 GMT
via
1.1 a1822b92cbf5d3516743d4786d5b6020.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14126
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
56780
last-modified
Tue, 23 Jan 2024 20:05:30 GMT
server
AmazonS3
etag
"97493d3f11c0a3bd5cbd959f5d19b699"
x-frame-options
DENY
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
P60gU_jj9fgFNg-TJo9hjkoEmeNfvQLxt0CJPFFdJVqPQpZYC2Dobw==
open-sans-v16-greek_greek-ext_cyrillic_latin_latin-ext_cyrillic-ext-700.woff2
cdn.prod.espresa.com/static/app/assets/fonts/open-sans/ 		44 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/app/assets/fonts/open-sans/open-sans-v16-greek_greek-ext_cyrillic_latin_latin-ext_cyrillic-ext-700.woff2
Requested by
Host: cdn.prod.espresa.com
URL: https://cdn.prod.espresa.com/static/app/assets/fonts/fonts.min.css?2024-01-23-15-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c22fe8c70c36f1d862903b772eaed864d3a8fa849473c9caff224fdb852428e4
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://cdn.prod.espresa.com/static/app/assets/fonts/fonts.min.css?2024-01-23-15-13
Origin
https://app.espresa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:34 GMT
via
1.1 a1822b92cbf5d3516743d4786d5b6020.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14126
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
44988
last-modified
Tue, 23 Jan 2024 20:10:39 GMT
server
AmazonS3
etag
"17c283b4e785e073ec09dc72acebafac"
x-frame-options
DENY
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
M8qkq4yo9hqQUGu7YSXkiywSuqt6z_62F82Xb2Pex2EmoPC3FjAZ4w==
open-sans-v16-greek_greek-ext_cyrillic_latin_latin-ext_cyrillic-ext-600.woff2
cdn.prod.espresa.com/static/app/assets/fonts/open-sans/ 		44 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.espresa.com/static/app/assets/fonts/open-sans/open-sans-v16-greek_greek-ext_cyrillic_latin_latin-ext_cyrillic-ext-600.woff2
Requested by
Host: cdn.prod.espresa.com
URL: https://cdn.prod.espresa.com/static/app/assets/fonts/fonts.min.css?2024-01-23-15-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-19.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
486c67592731a0b36a89dba1fd0b97aeb73f236bbf60dbf28d7c6b5723c07989
Security Headers
Name Value
Content-Security-Policy object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://cdn.prod.espresa.com/static/app/assets/fonts/fonts.min.css?2024-01-23-15-13
Origin
https://app.espresa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 20:14:34 GMT
via
1.1 a1822b92cbf5d3516743d4786d5b6020.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com; script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate-pa.googleapis.com api.lokalise.com *.smooch.io; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com; frame-ancestors http: https: ftp: ftps:; base-uri 'none'; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.mixpanel.com *.espresa.com espresa.com wss://*.espresa.com wss://*.hotjar.com *.ibytedtos.com api.lokalise.com *.us.qlikcloud.com wss://*.smooch.io; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.comwww.googletagmanager.com js.stripe.com *.hotjar.io *.hotjar.com app.powerbi.com *.qlik.com *.smooch.io wss://app.espresa.com wss://espresa.com
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
ZRH55-P1
age
14126
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
44936
last-modified
Tue, 23 Jan 2024 20:10:36 GMT
server
AmazonS3
etag
"97593b89e95959c7f41c47cf407d1f63"
x-frame-options
DENY
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
MfeXe5Cy1lnLlHKY9kB7USY2SW3_ecE3FxCjDWvth2nKEjEtjKcfUA==
auth
app.espresa.com/api/ 		0
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.espresa.com/api/auth
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js?2024-01-23-15-13
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.35.201 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-35-201.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' 'unsafe-eval' blob: cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com whatfix.com cdn.whatfix.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate.googleapis.com translate-pa.googleapis.com api.lokalise.com https://eu.backendlessappcontent.com *.zdassets.com *.zendesk.com *.smooch.io *.gstatic.com widget-mediator.zopim.com browser.sentry-cdn.com cdn.plaid.com sandbox.plaid.com development.plaid.com; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com maps.gstatic.com maps.google.com www.googletagmanager.com whatfix.com cdn.whatfix.com js.stripe.com *.hotjar.io *.hotjar.com translate.googleapis.com app.powerbi.com *.qlikcloud.com *.qlik.com *.loom.com *.zdassets.com *.zendesk.com *.smooch.io *.marqeta.com http://widgets-env.marqeta.com/ cdn.plaid.com sandbox.plaid.com development.plaid.com wss://app.espresa.com; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.espresa.com espresa.com ws://*.espresa.com wss://*.espresa.com wss://*.hotjar.com whatfix.com *.ibytedtos.com translate.googleapis.com api.lokalise.com *.us.qlikcloud.com https://eu.backendlessappcontent.com *.zdassets.com *.zendesk.com wss://*.smooch.io csp.withgoogle.com wss://widget-mediator.zopim.com *.browser-intake-datadoghq.com production.plaid.com sandbox.plaid.com development.plaid.com; frame-ancestors http: https: ftp: ftps:; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com www.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; base-uri 'none'; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com translate.googleapis.com www.gstatic.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.espresa.com/portal/
accept-language
de-DE,de;q=0.9
X-CSRFToken
AFe63iPsMBFGIaMCz0PPzv3y8PyxX5jg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 24 Jan 2024 00:10:00 GMT
content-security-policy
script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' 'unsafe-eval' blob: cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com whatfix.com cdn.whatfix.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate.googleapis.com translate-pa.googleapis.com api.lokalise.com https://eu.backendlessappcontent.com *.zdassets.com *.zendesk.com *.smooch.io *.gstatic.com widget-mediator.zopim.com browser.sentry-cdn.com cdn.plaid.com sandbox.plaid.com development.plaid.com; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com maps.gstatic.com maps.google.com www.googletagmanager.com whatfix.com cdn.whatfix.com js.stripe.com *.hotjar.io *.hotjar.com translate.googleapis.com app.powerbi.com *.qlikcloud.com *.qlik.com *.loom.com *.zdassets.com *.zendesk.com *.smooch.io *.marqeta.com http://widgets-env.marqeta.com/ cdn.plaid.com sandbox.plaid.com development.plaid.com wss://app.espresa.com; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.espresa.com espresa.com ws://*.espresa.com wss://*.espresa.com wss://*.hotjar.com whatfix.com *.ibytedtos.com translate.googleapis.com api.lokalise.com *.us.qlikcloud.com https://eu.backendlessappcontent.com *.zdassets.com *.zendesk.com wss://*.smooch.io csp.withgoogle.com wss://widget-mediator.zopim.com *.browser-intake-datadoghq.com production.plaid.com sandbox.plaid.com development.plaid.com; frame-ancestors http: https: ftp: ftps:; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com www.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; base-uri 'none'; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com translate.googleapis.com www.gstatic.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
index-hash
87f19e1f66b83bf35fcc1f7cd6fc2367
content-length
0
referrer-policy
same-origin
cross-origin-opener-policy
same-origin
allow
POST, DELETE
vary
Accept-Language, origin, Cookie
content-language
de
content-type
application/json; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate, private
access-control-allow-credentials
true
x-frame-options
DENY
expires
Wed, 24 Jan 2024 00:10:00 GMT
rum
rum.browser-intake-datadoghq.com/api/v2/ 		53 B
343 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Aweb-app&dd-api-key=pub9e049da54880cdc38a7896671a886b1b&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=8f9b1e92-2630-4a09-a0f2-f0aa8a1687bf&batch_time=1706055002551
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js?2024-01-23-15-13
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:3312:8a39:82c1:5d3c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
3ef98a985580f95c83fd64bd326b687607d318ddd6ea9c982e9cade260ae9de1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 24 Jan 2024 00:10:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
53
dd-request-id
8f9b1e92-2630-4a09-a0f2-f0aa8a1687bf

Verdicts & Comments Add Verdict or Comment

354 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| hj object| _hjSettings object| DD_RUM object| service object| BrowserDetect object| Sentry function| $ function| jQuery object| angular function| _ function| moment object| FullCalendar object| angular-file-upload object| Highcharts function| Quill function| readMore function| Cropper function| accessibilityCalendarCtrl function| accomplishmentCardListCtrl function| anniversariesCtrl function| apiTokenCtrl function| attachmentErrorCtrl function| autodeployDetailsCtrl function| availabilityServiceMapping function| breadcrumbsPointsCtrl function| browserTabCustomizationBlockCtrl function| businessItemCtrl function| campusItemCtrl function| campusesSelectCtrl function| cardDonateInfoCtrl function| cardsCarouselCtrl function| cardsCustomizationBlockCtrl function| challengeSearchCardCtrl function| circleProgressBarCtrl function| commonLogDetailsCtrl function| customGrowlNotificationCtrl function| customProgressBarCtrl function| customizableRecognitionLeaderboardCtrl function| dashboardRewardsInfoCard function| debitCardCtrl function| directReportsInfoCtrl function| charts function| createElement function| resetElement function| donationInfoCtrl function| dotsPaginationCtrl function| embedAccessErrorCtrl function| embedFeedCtrl function| embedRewardsCtrl function| emojiCtrl function| employeeBudgetsListCtrl function| employeeCommentItemCtrl function| employeePaymentSummary function| EmptyStateCircleCtrl function| espresaEmptyStateCtrl function| externalTargetBlockCtrl function| feedFiltrationLabelCtrl function| googleTranslateCtrl function| groupFromToFillCtrl function| groupsLinkedToEventCtrl function| groupsSearchListCtrl function| guidelinesPointsLink function| headerPortalLogoBranding function| hintTextCtrl function| imageCropperCtrl function| individualItemCtrl function| infoTooltipCtrl function| informPopupWithOptionsCtrl function| inputCounterLimitCtrl function| itemsPerPageSelector function| linkedinShareButtonCtrl function| localizationSelectLanguageCtrl function| mobileBackgroundSelectorCtrl function| modalListCtrl function| nextPaymentDateCtrl function| notificationListCtrl function| paginationCtrl function| panelsNavigationCtrl function| PhoneSettingsCtrl function| pointsConverterCtrl function| popoverCampusesListCtrl function| popoverCompaniesListCtrl function| profileAttachmentsListCtrl function| profileManagersListCtrl function| programsDeleteModalCtrl function| rateCardCtrl function| ratesTableCtrl function| recipientsListLinkController function| rewardForLevelCtrl function| searchByFilterCtrl function| selectedRecognitionCardCtrl function| selectedSlotsPopoverCtrl function| serviceItemsSliderCtrl function| dateWithTimezone function| sessionDevicesCtrl function| sftpSetupCtrl function| passwordCtrl function| simpleLabelItemCtrl function| sleepEditorCtrl function| standardRewardCardCtrl function| stepBulkUploadFileCtrl function| subscribeSlotsPopoverCtrl function| teamRecognitionLogoCtrl function| twoTablesListCtrl function| updateNotificationCtrl function| uploadGroupMembersCtrl function| uploadRewardsPageCtrl function| userTimezonePopoverCtrl function| vendorMappingListCtrl function| localizationSettingsModalCtrl function| accomplishmentsListModalCtrl function| addCardToLevelCtrl function| addEmojiCtrl function| addLsaMerchantsCtrl function| amazonAddressCtrl function| amazonOffersListCtrl function| anniversariesModalCtrl function| appliedFiltersModalCtrl function| applyCampusCustomizationCtrl function| bulkChangeCategoryCtrl function| cardMerchantsListCtrl function| cardSuccessModalCtrl function| challengeCampusesListCtrl function| challengeSettingsCtrl function| cloneCompanyModalCtrl function| cloneCompanyNotificationModalCtrl function| cloneTasksModalCtrl function| currenciesSettingsController function| editExpenseTypeCtrl function| expenseTypeDetailsCtrl function| groupsBulkPostCtrl function| groupsReportWindowCtrl function| moneyDistributionSuccessCtrl function| notificationDetailsCtrl function| plaidSuccessModalCtrl function| provideCardModalCtrl function| qlikModalController function| recipientsListController function| reimbursementTagsModal function| reimbursementsCheckEmptyCommentModalCtrl function| relatedGroupsModalCtrl function| removeMembersCtrl function| requestDebitCardModalCtrl function| notificationSendCtrl function| sendToVerificationCtrl function| sftpGenerateKeyCtrl function| sftpSettingsController function| signUpMembersModalCtrl function| sortLevelsOrderController function| transferManagerEventsModalCtrl function| logoutSessionModalCtrl function| automaticTranslationSelectCtrl function| translationItemCtrl function| translationItemFormCtrl function| translationItemJsonCtrl function| translationListCtrl function| backgroundImagesBlockCtrl function| programsBlockCtrl function| customDashboardFeedCard function| monthServiceCardCtrl function| myFeedCtrl function| joinWithFormCtrl function| calculatePriceWithOptions function| budgetUtilizationChartCtrl function| byCategoryQuarterCtrl function| byCategoryYearChartCtrl function| editConditionsModalCtrl function| participationAndClaimsChartCtrl function| perRegionChartCtrl function| descriptionModalCtrl function| apiLogsCtrl function| securityLogsCtrl function| advancedCustomizationPageCtrl function| emojiCustomizationCtrl function| sftpExportKeyCtrl function| combinedBulkServicesCtrl function| customizeRequestDetailsCtrl function| proposeActionCtrl function| reimbursementsPaymentsListCtrl function| reimbursementsPlansPaymentSummaryCtrl function| transferResponsibilityConfirmCtrl function| transferResponsibleAdminCtrl function| BulkGenerateCtrl function| editColumnModalCtrl function| ReportOperationsCtrl function| reportTemplateColumnsCtrl function| reportTemplateHeaderCtrl function| reportTemplatesCtrl function| ReportToSftpCtrl function| ReportsHistoryCtrl function| automaticLabelsCtrl function| dynamicLabelWarningCtrl function| challengesInfoTabCtrl function| challengeActivityFeedCtrl function| challengeActivityItemCtrl function| challengesCardCtrl function| challengeCardLeaderboardCtrl function| challengesCardSmallCtrl function| challengesDetailsCtrl function| challengeLeaderboardItemCtrl function| challengeLevelsProgressCtrl function| challengeParticipantsLogoCtrl function| selectTeamCtrl function| challengeTeamItemCtrl function| challengesList function| challengesPage function| healthDataBlockCtrl function| leaderboardListItemCtrl function| leaderboardRewardItemCtrl function| taskIconCtrl function| taskItemCtrl function| tasksListCtrl function| challengeLevelsInfoCtrl function| completedChallengesModalCtrl function| editSyncDataCtrl function| leaderboardDetailsModalCtrl function| selectChallengeTimezoneModalCtrl function| submitTaskProgressModalCtrl function| teamMembersContributionModalCtrl function| greetingActivityItemCtrl function| recipientReactionCtrl function| rewardLevelCardCtrl function| activityOperatingSystemsCtrl function| challengeGoalItemCtrl function| challengeGoalsDetailsCtrl function| joinEmployeesToChallengeCtrl function| notifyParticipantsSectionCtrl function| recognitionCardModalCtrl function| challengeGoalsCtrl function| guidelineCtrl function| attributeValuesCtrl function| createAttributeCtrl function| historyLogVersionCtrl function| historyLogsCtrl function| customizationViewBlockCtrl function| GlobalSubcategoriesListCtrl function| SubcategoriesMappingCtrl function| vendorCardCtrl function| rewardBackgroundCtrl function| anniversarySettingsCtrl function| anniversarySettingsModalCtrl function| greetingCardsItemCtrl function| greetingCardsListCtrl function| setRecognizerModalCtrl object| sentryInfo function| reportController object| rewardsStatusesList object| youtubeRegExp object| vimeoRegExp object| microsoftStreamRegExp object| loomRegExp function| getAdditionalInfoFormFieldTypes function| isUsedForEmployeesSelection object| staticFile function| teamsServices object| __SENTRY__ object| Vimeo boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| webpackChunkStripeJSouter function| noop function| Stripe function| _DumpException object| default_tr object| _F_toggles string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT string| MSG_FEEDBACK_SATISFIED_LABEL string| MSG_FEEDBACK_DISSATISFIED_LABEL string| MSG_TRANSLATION_NO_COLON function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google object| marqeta object| Plaid object| webpackJsonpPlaid object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_

12 Cookies

Domain/Path Name / Value
.app.link/ Name: _s
Value: THKtUN6Z7NcQ02PlWu96V%2Fvmugj8MlFy62FuFQQS8tiJYkmJ8yOPyiMf7jjGSYGJ
app.espresa.com/ Name: csrftoken
Value: AFe63iPsMBFGIaMCz0PPzv3y8PyxX5jg
.vimeo.com/ Name: __cf_bm
Value: QRQM4Dc4BCDT.P6qHK3owiGg0_swGzicFnc8WCn..uw-1706054999-1-AW7TP3+o49Ags0O0XMm0Xqa+bnDE0wYoHFhjYMc+qYFTobp6VpER+qkG2j0ltd0NrqIVs6OGNcldbBnA0U0bcNs=
.youtube.com/ Name: YSC
Value: GAnkYT-h94c
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: nYyMFzY_ItI
.espresa.com/ Name: _hjSessionUser_596126
Value: eyJpZCI6ImM1YmJiMDNkLTYxNzktNWFhMS05NjkzLWRhNzRkMDc0OGU0OSIsImNyZWF0ZWQiOjE3MDYwNTQ5OTk1ODksImV4aXN0aW5nIjpmYWxzZX0=
.espresa.com/ Name: _hjSession_596126
Value: eyJpZCI6ImI4ZWY3NGQ5LTIyYWYtNDc0OS1iNWFhLTZjYmUxZmUwZGU1ZiIsImMiOjE3MDYwNTQ5OTk1OTAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
m.stripe.com/ Name: m
Value: 2253975e-0b0e-4760-a8a0-c6edd28bab40311590
.app.espresa.com/ Name: __stripe_mid
Value: 36bf17f7-835b-483f-a475-e043b149d83a601e2d
.app.espresa.com/ Name: __stripe_sid
Value: 5db01d48-ab73-4ef8-b409-2de1818deb34328ae2
.espresa.com/ Name: sessionid
Value: 6lozo0odmdo3iy2gi32mh3syxmt7fllp
app.espresa.com/ Name: _dd_s
Value: rum=2&id=fa4ac32a-fcb8-4a4a-a900-b0eee917af7c&created=1706054999546&expire=1706055899546

4 Console Messages

Source Level URL
Text
network error URL: https://cdn.prod.espresa.com/static/https://cdn.prod.espresa.com/static/app/fix-blinking.min.css?2024-01-23-15-13
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cdn.prod.espresa.com/static/https://cdn.prod.espresa.com/static/app/assets/fonts/fonts.min.css?2024-01-23-15-13
Message:
Failed to load resource: the server responded with a status of 403 ()
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network error URL: https://app.espresa.com/api/role
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' 'unsafe-inline' 'unsafe-eval' blob: cdn.mxpnl.com js.stripe.com *.hotjar.io *.hotjar.com *.espresa.com espresa.com whatfix.com cdn.whatfix.com *.vimeo.com cdnjs.cloudflare.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.tiktokcdn.com *.tiktok.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com translate.googleapis.com translate-pa.googleapis.com api.lokalise.com https://eu.backendlessappcontent.com *.zdassets.com *.zendesk.com *.smooch.io *.gstatic.com widget-mediator.zopim.com browser.sentry-cdn.com cdn.plaid.com sandbox.plaid.com development.plaid.com 'nonce-HffQdKPNEVdsWjumfRmGRg=='; default-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' csi.gstatic.com www.gstatic.com www.google-analytics.com cdn.jsdelivr.net sentry.espresa.com *.espresa.com espresa.com *.youtube.com *.qlikcloud.com *.microsoftstream.com *.vimeo.com *.tiktok.com *.tiktokcdn.com *.twitter.com *.ibytedtos.com *.facebook.com *.instagram.com maps.gstatic.com maps.google.com www.googletagmanager.com whatfix.com cdn.whatfix.com js.stripe.com *.hotjar.io *.hotjar.com translate.googleapis.com app.powerbi.com *.qlikcloud.com *.qlik.com *.loom.com *.zdassets.com *.zendesk.com *.smooch.io *.marqeta.com http://widgets-env.marqeta.com/ cdn.plaid.com sandbox.plaid.com development.plaid.com wss://app.espresa.com; connect-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com data: 'self' *.hotjar.io *.hotjar.com *.espresa.com espresa.com ws://*.espresa.com wss://*.espresa.com wss://*.hotjar.com whatfix.com *.ibytedtos.com translate.googleapis.com api.lokalise.com *.us.qlikcloud.com https://eu.backendlessappcontent.com *.zdassets.com *.zendesk.com wss://*.smooch.io csp.withgoogle.com wss://widget-mediator.zopim.com *.browser-intake-datadoghq.com production.plaid.com sandbox.plaid.com development.plaid.com; frame-ancestors http: https: ftp: ftps:; font-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: fonts.googleapis.com fonts.gstatic.com www.gstatic.com *.hotjar.com *.espresa.com espresa.com *.hotjar.io; object-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com; base-uri 'none'; style-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'unsafe-inline' 'self' cdnjs.cloudflare.com s16.tiktokcdn.com *.espresa.com espresa.com translate.googleapis.com www.gstatic.com; img-src espresa-prod-app-store.s3.amazonaws.com cdn.prod.espresa.com 'self' data: www.google-analytics.com script.hotjar.com http: https: *.espresa.com espresa.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.espresa.com
browser.sentry-cdn.com
cdn.plaid.com
cdn.prod.espresa.com
espresa.app.link
js.stripe.com
m.stripe.com
m.stripe.network
player.vimeo.com
q.stripe.com
rum.browser-intake-datadoghq.com
script.hotjar.com
static.hotjar.com
translate.google.com
translate.googleapis.com
vc.hotjar.io
widgets-sandbox.marqeta.com
www.datadoghq-browser-agent.com
www.gstatic.com
www.youtube.com
151.101.1.81
151.101.128.176
162.159.128.61
18.165.183.15
18.165.183.19
18.165.183.33
18.165.183.38
18.239.94.121
18.66.112.79
2600:1f18:24e6:b900:3312:8a39:82c1:5d3c
2600:9000:25a2:1a00:19:9934:6a80:93a1
2a00:1450:4001:829::200e
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::200e
2a04:4e42:400::729
34.213.37.126
52.222.165.229
54.187.159.182
54.244.35.201
0415f82664d910e027fa0696d001712648c8c347c51afeaf42ba4dda8d717e13
050c2300b6bc6b67823610aa00f73297bfc991a6926d5ab6cc794534a1438b9b
0a3e677a1295c85f2fcd11375c50518aa50875a9f8f490a172d1836e8f8b5a07
0c50d00d8470267888c3bbc1e7db5018e6f98148ef8a44d5bde17db5a0dcf589
14dd592e11b348118b490883a60bdaccb4b049c9a8e9f1b79f933d61e3cafd75
19228a5d25317a57df6e4faa04f7a75719d167f10cc7a53cb491713f16c1ced2
1a104318b0b837e996dc67a85b49cfa098b836ea70bcfe204fc11c1aa9d636df
1d43fc95f84364c007fa49c61fcac91b8c269e477e336a998a4246bff00eda1f
22832a4e8d3de68ac14cccedb599f8a97d036739b8e491b2479e6317c182749c
22b404d34700979e4c9746c855a72f38d926d317ca16336e1e24614664a6ff2e
24103af48b9ee0409c9178cd92eba5dc3cdf0c76827b7c265c4f6f681b4dc176
272cb08ecf2c8522966e1b85e037c34b4e2573ba9b214968100acee2851ed916
290bae938eed0d4ca021e6af31c5b861e74b5f1d240c74ce21e1e46991634b2b
2974bbfc2548645e49207b2eb9714f9c445633a5ca193b57a98d82de553158d0
29bb97518fad77c095e12b38fab4e2d7feaa2f5a4898385a0439dbbef21fbf52
29f4fbefad4b5ec62b509f075a7fe116e9c6471d331c110b9d17c0ad5ec80436
2aa6e1e303225202e848b6613e71c0d9c973b8fa80ca112bc42943fd5cfd9ef4
2c2213b64fbf14d006d891972ff12062a72aea19d4d303d646555c626394bf16
2e3b1d34ac67763ab50652da19305d4b3694c6b6e6bf35f4b98411ce4af646d2
3113bf467de4971f85467af36358ce6000e13b77b4e8991a8a0e746a07eb73f2
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
396c4ad3d6c4a78e47b29a1d8e526bc83a72b61ead1b14b297752af2e8ab1005
3cebd726b15ac83386e3bdb458dde178fbf2ad79a94bc63c3f4918119da77c8b
3e8d479b61e09797aa910a2de2d84cb0bdd8d1e26acd061ec713082ddd57839a
3ef98a985580f95c83fd64bd326b687607d318ddd6ea9c982e9cade260ae9de1
3f81a19995a675cf01b6b3f8191ebd840fb17b6623f4da7ef897a0de3eaf9fec
40ced4e99411a77f3b98712e1b340a28ba33160eca965a8453eb07984220a02d
430f384b0fc496d9650c747cca458a7eae062530c718aa7a896d99031fbbae8d
43a683f4e5812778aa0caa62d9af43ecfafbeefe42f7f09e76e9839d74d8bd32
444611bad2c8c4639ee043176072752fa3bf673968c86e27cde0f5d36875ccd5
454b33cf4c5fbfa575e21b6cf4d9e0d93ea8c1e9bcccfc4f03d084c150b8af83
486c67592731a0b36a89dba1fd0b97aeb73f236bbf60dbf28d7c6b5723c07989
4d4fa78c606eed3d43adf2a0381107ee408ab25ed412f50dce965a79434d1a2f
4e51d02143c50e29b2ccc65fe243676f49aa2370f9a1d94e6d675941bd2b95a5
4ec3b0c61c05f634d980caa7b68751a65bf6fcaa03ffe807014782b701a97022
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
59fea20923d52c37785eeecebdb6582f6a06408a53f07999af1b5d6b1560e52d
5c0cb07ac75e2a1911086758d4af52caffe90755f367517226e64e1cfd2041af
5f76f83f75befd2e33f03cf321c125633b076b17bd5725f2090d30175b995a57
66e122958469a428aa3ab3aacd3f6009ba04da0681bc59336410b028161b67e9
6ba797956f6d29b650d458897e48a190cddf0a6ba374350c0bb565fa04f80d65
6e1dbe6f7764b206653feca21226de204e15ec83d9b5a70911b70f98148031f4
703cc28e737acb7f534f81cbb649d9e790cbb000bc38c67417b19a1f3e3998fa
7049fe681fcb9ab0b698cb386df97d09c06604016d36f6ee0888abe9aa566cdb
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
7ca1538681bceac733eae23d5649a22d4d9d1a9d179fb7c02b32a82983a8a5e7
7d6fdb61164573916c572333cbda31efc42942e21e0b75cdf12c814bcd5fe6ac
7dc0a51c32dae143f2eade235145dfd6a7756388c0f0bf409fa373dd6c233629
7efeafa401ae9c786c88f82562069b78a494115b616a5425e88fdf31fe2a6c47
88973ad5cefa421a85874182a1c273f8bdcdf6ab17a78e5894e72c6f5231ce55
8971fe0a892f03a0f0ba568b545194578eaf62dcafabc254e2677c7af64200c3
8cc67d9ce7f7ab8370a2227b5c92871f600b65f9e75a91591dd39e0f3a64886a
8dc6d8334046ed660393ae24a884e2a952271ff05eadc686f252f54f20633f76
91dd61cff58efd54434d6bbea42fe6c0eed1af42968e9c592fb516736395c22a
93f5c7d2340d52a0817cd821cdf0fb03bd9336f142b6921187df087bd5ef302d
942fa7650b6e188058809b8a95074df6874108ae6ef036f64ff81e003ff4bc91
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9565c2844335c6d78993d7d037fd6a93b722ca0bfe0b1094e32e2f792238c29f
96ccf2c5d172f48edbcfb950175b50ffd3deb1c4bf9a14479fc9524631f561e6
99a1f89d54f46e1897a07f69de9140bd6ea8146b665fa26052da6075626b061d
9f21f9a017e879ddfe548d808e7e4d205bccfc240d679be1be33e720acd26cc5
a7f376d187614b8774414b045caea55331a22f21bc9a22e78f2ac67a73f0f8e2
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ab63704a79519f09815b1693aa7bc0221234d9049cb40f5ab110fd3221caec49
b2406877e0bfc562124770517fd4b8ad76c81e0d8bb172ab8b130dbe0f7cd18d
b50388552d0e7e936b83cf21a2633f39215e57cb044e5c5f4e8028059bcecb2d
b727d65b62ed250348fa5dc5d21eb10d5fe28fa31f9fc97048a1d63ac9848173
b86a3a8330502d1d63ec5c03117b4e619e49b51fdc01bac4ab37ed9be09dbaf6
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bf63c4491140de87027557a7c15c741f65c83d98274347b105a06a20e05ce78d
c22fe8c70c36f1d862903b772eaed864d3a8fa849473c9caff224fdb852428e4
c34f2aef7baa04ca110899ca685207323346266b7740deaa1f077aafb75ee4cb
c35ba42e1dcbca7027adf7a7ba1b3b65f9ed37ef580c6063af06afb4257b8288
c3efdbe3b5dc306b14ed939f54b6a286c5e851bfeb3a14c4aa54b788b5dda4d6
c44cf84e3ecde30b60aae7f3c71e97daab38da884b88fb1b7cafd9f45a4b854f
c4d07513670eaa456a8c421f89b78eda11dcecbd5d49456a1e60774f3ef491c0
cbcfa062bb4ebadff034e84427512a1452e4a5303fccdd67abe84d402511b4c0
cca95184a5b43a18e52c39192baf2371518daa621ebd1a8b13af75c50de084cc
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
d12543ca3ea45141d6dddb3bca50f46a0c3edaf58099638d1f726cd3ff277440
d52f6e6e7ca73faa26ddf6cdab153dfd9a52eada8fac8be009663682a24af5b5
d68c260921ca779765e8b69c29b8932c5e63e6240108795909d137464f893edf
d8a3498b987a36d13115fc555204f13000a6872b74c84dadcf6d0888f34b36bd
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9
d98448b1dc9204f84ffad52fcab6cdce0029ebc143a1d7b7d2ef1e3fa5401289
d9eef3861f5cedfb286eb1e52ded1f813bacf11082ddcfc23e7c896164b08039
dc6ffe00ea357a0f8ce9d0104243cd52ed4a09e4c4594d27dbe5b44c3af92c4d
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e16611e05a9499192e8b5558c09b1d404c5c26d8a2bc70ae7d1ffa6dc8e922
e4bd11692e04ce20e8db6d96249a94dc2ccf02c49c3d8409c44396d641e52a72
e6e797fdd37f20f47b0150c3287d7cc0745533bc839426ae0d47532fd2703be5
e8c8832e7a212e23d0ca3daa18978064d942793208ee9fc8adfefec05ca28d87
f53d5fd2b3769b28325693a7dd6804fb5209b9bf843096d6b116dab97d12091d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f913921ac2e4d43fcb79e8f87d3c69df3a8c3c9a5ded30d8610b4f3ca6063d3a
f99137cbbb0f549bbd54094c3e1ac1203221bd5919cdc827503af8ee90879c8e
fefcdd22d0812d88323988c3b4dd173b15177bd251bfdd19095aed6a29848e93