Submitted URL: https://carrotcredit.com/
Effective URL: https://www.carrotcredit.com/
Submission: On August 24 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 13 IPs in 3 countries across 9 domains to perform 39 HTTP transactions. The main IP is 2a06:98c1:58::60, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.carrotcredit.com.
TLS certificate: Issued by E5 on July 8th 2024. Valid for: 3 months.
This is the only time www.carrotcredit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 198.49.23.145 53831 (SQUARESPACE)
20 2a06:98c1:58::60 13335 (CLOUDFLAR...)
4 2a04:4e42:400... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.102.106 16509 (AMAZON-02)
2 2600:9000:21f... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 13.33.187.109 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 54.220.83.225 16509 (AMAZON-02)
1 2600:9000:21f... 16509 (AMAZON-02)
1 34.120.195.249 396982 (GOOGLE-CL...)
39 13
Apex Domain
Subdomains
Transfer
21 carrotcredit.com
carrotcredit.com
www.carrotcredit.com
2 MB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
region1.google-analytics.com — Cisco Umbrella Rank: 3123
21 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
161 KB
3 groovehq.com
697d31d3-878e-400c-bd9d-96926e6917f8.widget.cluster.groovehq.com
47 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
60 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
178 KB
1 sentry.io
o605468.ingest.sentry.io
339 B
1 hotjar.io
content.hotjar.io — Cisco Umbrella Rank: 8904
171 B
39 9
Domain Requested by
20 www.carrotcredit.com www.carrotcredit.com
4 cdn.jsdelivr.net www.carrotcredit.com
cdn.jsdelivr.net
3 www.google-analytics.com www.googletagmanager.com
www.carrotcredit.com
3 697d31d3-878e-400c-bd9d-96926e6917f8.widget.cluster.groovehq.com www.carrotcredit.com
697d31d3-878e-400c-bd9d-96926e6917f8.widget.cluster.groovehq.com
2 fonts.googleapis.com www.carrotcredit.com
2 www.googletagmanager.com www.carrotcredit.com
www.googletagmanager.com
1 o605468.ingest.sentry.io www.carrotcredit.com
1 content.hotjar.io www.carrotcredit.com
1 region1.google-analytics.com www.carrotcredit.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.carrotcredit.com
1 carrotcredit.com 1 redirects
39 12

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.twitter.com
Subject Issuer Validity Valid
www.carrotcredit.com
E5
2024-07-08 -
2024-10-06
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
*.google-analytics.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
upload.video.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03
2024-05-22 -
2025-06-20
a year crt.sh
cluster.groovehq.com
Amazon RSA 2048 M02
2024-04-20 -
2025-05-19
a year crt.sh
*.hotjar.io
Amazon ECDSA 256 M02
2024-01-31 -
2025-03-01
a year crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-11-02 -
2024-12-02
a year crt.sh

This page contains 2 frames:

Primary Page: https://www.carrotcredit.com/
Frame ID: 8E096B18AD41D4080ECAD70CC9E82118
Requests: 42 HTTP requests in this frame

Frame: https://697d31d3-878e-400c-bd9d-96926e6917f8.widget.cluster.groovehq.com/landing?preferLocal=false
Frame ID: 8BC447EA882E32D8431F363216F2C341
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Carrot

Page URL History Show full URLs

  1. https://carrotcredit.com/ HTTP 301
    https://www.carrotcredit.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

39
Requests

100 %
HTTPS

62 %
IPv6

9
Domains

12
Subdomains

13
IPs

3
Countries

2603 kB
Transfer

5800 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://carrotcredit.com/ HTTP 301
    https://www.carrotcredit.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.carrotcredit.com/
Redirect Chain
  • https://carrotcredit.com/
  • https://www.carrotcredit.com/
6 KB
3 KB
Document
General
Full URL
https://www.carrotcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d63f4b754bd36da1a661930ee8415329d5fc1c0fec51b2c0d31a08df6d7bb28

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
562
cache-control
public,max-age=10,s-maxage=86400
cf-cache-status
HIT
cf-ray
8b85b6eacb598c44-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 24 Aug 2024 19:23:02 GMT
last-modified
Thu, 04 Jul 2024 06:13:52 GMT
server
cloudflare
vary
Accept-Encoding
x-amz-request-id
tx0000067bbe1e4a0e8ec32-0066ca30e4-fa3a17fc-fra1b
x-do-app-origin
127fc4cf-e6a6-11ec-b1dc-0c42a19a82a7
x-do-orig-status
200
x-do-static-catchall-document
index.html
x-envoy-upstream-healthchecked-cluster
x-rgw-object-type
Normal

Redirect headers

age
12474
content-length
0
date
Sat, 24 Aug 2024 10:00:17 GMT
location
https://www.carrotcredit.com/
server
Squarespace
x-contextid
9tvMKtPK/YeUbK0Y8
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/
160 KB
26 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.carrotcredit.com/
Origin
https://www.carrotcredit.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 24 Aug 2024 19:23:02 GMT
x-content-type-options
nosniff
content-encoding
br
age
2116945
x-jsd-version
5.1.3
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26333
x-served-by
cache-fra-etou8220046-FRA
x-jsd-version-type
version
etag
W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.3.0/font/
59 KB
8 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.3.0/font/bootstrap-icons.css
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
32cc4a47b370e278072a6440249872e681efa1d992600420c03a9631da885d70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 24 Aug 2024 19:23:02 GMT
x-content-type-options
nosniff
content-encoding
br
age
2549583
x-jsd-version
1.3.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
8017
x-served-by
cache-fra-etou8220071-FRA
x-jsd-version-type
version
etag
W/"edbb-Du3MPQ7GnRobCfGvnAP4Uqb5QVI"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
2.7a91d27c.chunk.css
www.carrotcredit.com/static/css/
71 KB
6 KB
Stylesheet
General
Full URL
https://www.carrotcredit.com/static/css/2.7a91d27c.chunk.css
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd8013c17310b6cefb74c280c79afdbc31d9fde37d5213e252412b714ccd283e

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 19:23:02 GMT
content-encoding
br
cf-cache-status
HIT
x-do-app-origin
127fc4cf-e6a6-11ec-b1dc-0c42a19a82a7
x-amz-request-id
tx000006cf120c06177b122-0066c84caa-fa4b2540-fra1b
x-do-orig-status
200
x-envoy-upstream-healthchecked-cluster
age
560
last-modified
Thu, 04 Jul 2024 06:13:52 GMT
server
cloudflare
etag
W/"a72dc944b5d7ede9b3063de8a665ef29"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
text/css; charset=utf-8
x-rgw-object-type
Normal
cache-control
public,max-age=10,s-maxage=86400
x-do-static-catchall-document
index.html
cf-ray
8b85b6eafba98c44-FRA
main.ec7b088c.chunk.css
www.carrotcredit.com/static/css/
103 KB
33 KB
Stylesheet
General
Full URL
https://www.carrotcredit.com/static/css/main.ec7b088c.chunk.css
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c4b9556b60bef6fe706b77575a91964f8a2e8e613a49facedcf22eac53420d5

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 19:23:02 GMT
content-encoding
br
cf-cache-status
HIT
x-do-app-origin
127fc4cf-e6a6-11ec-b1dc-0c42a19a82a7
x-amz-request-id
tx000004cd10997ac56a1ae-0066ca30e6-fa3a17fc-fra1b
x-do-orig-status
200
x-envoy-upstream-healthchecked-cluster
age
560
last-modified
Thu, 04 Jul 2024 06:13:52 GMT
server
cloudflare
etag
W/"ec1ef1e2a5a63ea0cb0b0fc63aab422d"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
text/css; charset=utf-8
x-rgw-object-type
Normal
cache-control
public,max-age=10,s-maxage=86400
x-do-static-catchall-document
index.html
cf-ray
8b85b6eafbaa8c44-FRA
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/
76 KB
22 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.carrotcredit.com/
Origin
https://www.carrotcredit.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 24 Aug 2024 19:23:02 GMT
x-content-type-options
nosniff
content-encoding
br
age
2397710
x-jsd-version
5.1.3
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
22075
x-served-by
cache-fra-etou8220046-FRA
x-jsd-version-type
version
etag
W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
2.77f9531a.chunk.js
www.carrotcredit.com/static/js/
2 MB
571 KB
Script
General
Full URL
https://www.carrotcredit.com/static/js/2.77f9531a.chunk.js
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c14a7794206c3463793c2e80b49286207fc0460bab1f43d88a29c889302746eb

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 19:23:02 GMT
content-encoding
br
cf-cache-status
HIT
x-do-app-origin
127fc4cf-e6a6-11ec-b1dc-0c42a19a82a7
x-amz-request-id
tx00000cafd367ec017dcc4-0066ca30e6-fa4b2540-fra1b
x-do-orig-status
200
x-envoy-upstream-healthchecked-cluster
age
560
last-modified
Thu, 04 Jul 2024 06:13:52 GMT
server
cloudflare
etag
W/"128c959b5e4a3b3c18941b5053d3625f"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
text/javascript; charset=utf-8
x-rgw-object-type
Normal
cache-control
public,max-age=10,s-maxage=86400
x-do-static-catchall-document
index.html
cf-ray
8b85b6eafbac8c44-FRA
main.d13342c6.chunk.js
www.carrotcredit.com/static/js/
382 KB
115 KB
Script
General
Full URL
https://www.carrotcredit.com/static/js/main.d13342c6.chunk.js
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baab0d02689e004ab959573cda33672c5d3bc6b3520ab126e3408cdd320bd28c

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 19:23:02 GMT
content-encoding
br
cf-cache-status
HIT
x-do-app-origin
127fc4cf-e6a6-11ec-b1dc-0c42a19a82a7
x-amz-request-id
tx00000bcabf0a905dcda91-0066ca30e6-fa4b2540-fra1b
x-do-orig-status
200
x-envoy-upstream-healthchecked-cluster
age
560
last-modified
Thu, 04 Jul 2024 06:13:52 GMT
server
cloudflare
etag
W/"19957165b95f493e2239533cb5d18a4b"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
text/javascript; charset=utf-8
x-rgw-object-type
Normal
cache-control
public,max-age=10,s-maxage=86400
x-do-static-catchall-document
index.html
cf-ray
8b85b6eafbaf8c44-FRA
gtm.js
www.googletagmanager.com/
230 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MXQ8TF2
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dbad107b46ed0f1952211624576d6f8bb1866fd63226b54a4c246e8e4ac35e85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 19:23:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82345
x-xss-protection
0
last-modified
Sat, 24 Aug 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 24 Aug 2024 19:23:02 GMT
css2
fonts.googleapis.com/
431 B
403 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Reenie+Beanie&display=swap
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/static/css/main.ec7b088c.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0ef483147644133d9b9d4d053df0490ad4095ce96a091f31ca76ef43d31d9331
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Aug 2024 19:23:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 24 Aug 2024 19:14:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Aug 2024 19:23:02 GMT
css2
fonts.googleapis.com/
5 KB
956 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;1,100;1,200&display=swap
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/static/css/main.ec7b088c.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
774905bad0607cfdb5c2c75fa89f678619ee87b87bc4a93e7d37abff4c580d88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 24 Aug 2024 19:23:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 24 Aug 2024 19:23:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Aug 2024 19:23:02 GMT
hotjar-2570653.js
static.hotjar.com/c/
11 KB
5 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2570653.js?sv=6
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-106.fra56.r.cloudfront.net
Software
/
Resource Hash
49bb82002d6f0c4beea05f34e73fb3934ad10d6ba2577a857c530cddd0df48d2
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Sat, 24 Aug 2024 19:23:02 GMT
via
1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/cee2c072e7996668ff516fefe4ff1ef3
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
-eKK9diLwMpOtRmSQSfvL2cuwUajHrBINpBgNVCmiery6OBt1qRGhw==
loader
697d31d3-878e-400c-bd9d-96926e6917f8.widget.cluster.groovehq.com/api/
212 B
488 B
Script
General
Full URL
https://697d31d3-878e-400c-bd9d-96926e6917f8.widget.cluster.groovehq.com/api/loader
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ee00:0:8139:2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8b05919b8913a2ebc62749036f0d34fdfa6846a85395be9e6b017048a4c6ac04

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 19:23:02 GMT
content-encoding
gzip
via
1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
no-store, must-revalidate
x-amz-cf-id
xRLB-vrS305ntEWGwifvzisPkY2zdXQILikMT-CyFcPDCNs61OyTsg==
carrot-logo-black.31b58b20.png
www.carrotcredit.com/static/media/
62 KB
62 KB
Image
General
Full URL
https://www.carrotcredit.com/static/media/carrot-logo-black.31b58b20.png
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af349eecb0a33695f2d8a69dd9013f38bae0ed823ec5e38fb9b4d2c5247620c4

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 19:23:02 GMT
cf-cache-status
HIT
x-do-app-origin
127fc4cf-e6a6-11ec-b1dc-0c42a19a82a7
x-amz-request-id
tx000005100e0b5dd3f704b-0066ca30e6-fa4b2540-fra1b
x-do-orig-status
200
x-envoy-upstream-healthchecked-cluster
age
560
content-length
63316
last-modified
Thu, 04 Jul 2024 06:13:52 GMT
server
cloudflare
etag
"31b58b20b910ecfd2c49c75ad0ed1cdb"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/png
x-rgw-object-type
Normal
cache-control
public,max-age=10,s-maxage=86400
x-do-static-catchall-document
index.html
accept-ranges
bytes
cf-ray
8b85b6ec8dbe8c44-FRA
business.45e4cccb.png
www.carrotcredit.com/static/media/
38 KB
39 KB
Image
General
Full URL
https://www.carrotcredit.com/static/media/business.45e4cccb.png
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b75b842ecc35122be0db8634fafcd603060640e8364d33eec9c1308c87815e7c

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 19:23:02 GMT
cf-cache-status
HIT
x-do-app-origin
127fc4cf-e6a6-11ec-b1dc-0c42a19a82a7
x-amz-request-id
tx00000d2c1c8631591fe49-0066ca30e6-fa4b2540-fra1b
x-do-orig-status
200
x-envoy-upstream-healthchecked-cluster
age
560
content-length
39291
last-modified
Thu, 04 Jul 2024 06:13:52 GMT
server
cloudflare
etag
"45e4cccb05336f4d0b96a0b39465dc8e"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/png
x-rgw-object-type
Normal
cache-control
public,max-age=10,s-maxage=86400
x-do-static-catchall-document
index.html
accept-ranges
bytes
cf-ray
8b85b6ec8dc18c44-FRA
individual.c3f4f37e.png
www.carrotcredit.com/static/media/
44 KB
44 KB
Image
General
Full URL
https://www.carrotcredit.com/static/media/individual.c3f4f37e.png
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
431119fa586a8c23cf0eb431f4bd047c4eabb2733501a0b837b506ea7bf272f7

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 19:23:02 GMT
cf-cache-status
HIT
x-do-app-origin
127fc4cf-e6a6-11ec-b1dc-0c42a19a82a7
x-amz-request-id
tx000007df85b4f8085dcef-0066ca30e6-fa3a17fc-fra1b
x-do-orig-status
200
x-envoy-upstream-healthchecked-cluster
age
560
content-length
45084
last-modified
Thu, 04 Jul 2024 06:13:52 GMT
server
cloudflare
etag
"c3f4f37e9a47a7f3eb2eacc777076c69"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/png
x-rgw-object-type
Normal
cache-control
public,max-age=10,s-maxage=86400
x-do-static-catchall-document
index.html
accept-ranges
bytes
cf-ray
8b85b6ec8dc58c44-FRA
about.66fa285a.png
www.carrotcredit.com/static/media/
131 KB
131 KB
Image
General
Full URL
https://www.carrotcredit.com/static/media/about.66fa285a.png
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2c073e2f970ae50afcdc2aed17d4f8e7697674fbeb36a3fd7288be695cef167

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 19:23:02 GMT
cf-cache-status
HIT
x-do-app-origin
127fc4cf-e6a6-11ec-b1dc-0c42a19a82a7
x-amz-request-id
tx00000e8d60a53552b35f4-0066ca30e6-fa3a17fc-fra1b
x-do-orig-status
200
x-envoy-upstream-healthchecked-cluster
age
560
content-length
134327
last-modified
Thu, 04 Jul 2024 06:13:52 GMT
server
cloudflare
etag
"66fa285a43e0203bf7bb865766592c97"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/png
x-rgw-object-type
Normal
cache-control
public,max-age=10,s-maxage=86400
x-do-static-catchall-document
index.html
accept-ranges
bytes
cf-ray
8b85b6ec8dc68c44-FRA
truncated
/
201 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3148213d0e0a74853dac093a720fc8152f8d57275877397a22996aee1a138420

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
atm-illustration.cce10bb4.png
www.carrotcredit.com/static/media/
49 KB
50 KB
Image
General
Full URL
https://www.carrotcredit.com/static/media/atm-illustration.cce10bb4.png
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c3b0d8455c9d0661a4851540833cef0ca1c543e641d34106cb6f04c0be18b6d

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 19:23:02 GMT
cf-cache-status
HIT
x-do-app-origin
127fc4cf-e6a6-11ec-b1dc-0c42a19a82a7
x-amz-request-id
tx00000dbabd393ecf35698-0066ca30e6-fa4b2540-fra1b
x-do-orig-status
200
x-envoy-upstream-healthchecked-cluster
age
560
content-length
50331
last-modified
Thu, 04 Jul 2024 06:13:52 GMT
server
cloudflare
etag
"cce10bb4d7618e9adc3dd5f480b8b95c"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/png
x-rgw-object-type
Normal
cache-control
public,max-age=10,s-maxage=86400
x-do-static-catchall-document
index.html
accept-ranges
bytes
cf-ray
8b85b6ec8dc78c44-FRA
phone-illustration.119cace4.png
www.carrotcredit.com/static/media/
97 KB
98 KB
Image
General
Full URL
https://www.carrotcredit.com/static/media/phone-illustration.119cace4.png
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85726d780aa198b8a092986dec8b29e14bc0d986cd6802e7b3fdccf0d8d4fb24

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 19:23:02 GMT
cf-cache-status
HIT
x-do-app-origin
127fc4cf-e6a6-11ec-b1dc-0c42a19a82a7
x-amz-request-id
tx00000adec5491b599a625-0066ca30e6-fa3a17fc-fra1b
x-do-orig-status
200
x-envoy-upstream-healthchecked-cluster
age
560
content-length
99640
last-modified
Thu, 04 Jul 2024 06:13:52 GMT
server
cloudflare
etag
"119cace4727c69c2a3349d182da54128"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/png
x-rgw-object-type
Normal
cache-control
public,max-age=10,s-maxage=86400
x-do-static-catchall-document
index.html
accept-ranges
bytes
cf-ray
8b85b6ec8dc88c44-FRA
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c340f0a5773bd44c4a5fe8cb914117974a354fa033ee40e96f2024a816e59198

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78b5cea9135f99b664b545c63193c46110ce0295e77a577f0287857681fe5214

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee8b26b78c00a4f3c0e47dff92d13ac0f2e68e300d2267c5318af7567383b361

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
partners.12b2f267.png
www.carrotcredit.com/static/media/
302 KB
302 KB
Image
General
Full URL
https://www.carrotcredit.com/static/media/partners.12b2f267.png
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb5135dc8ea99fa55d6fff4516dfd035a74a2d616518656ba6c4b7e0cf3b119d

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 19:23:02 GMT
cf-cache-status
HIT
x-do-app-origin
127fc4cf-e6a6-11ec-b1dc-0c42a19a82a7
x-amz-request-id
tx00000d9208f6d6cd1ed5b-0066ca30e6-fa4b2540-fra1b
x-do-orig-status
200
x-envoy-upstream-healthchecked-cluster
age
560
content-length
309080
last-modified
Thu, 04 Jul 2024 06:13:52 GMT
server
cloudflare
etag
"12b2f267e0163ddbcaecbf0bf948fdf0"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/png
x-rgw-object-type
Normal
cache-control
public,max-age=10,s-maxage=86400
x-do-static-catchall-document
index.html
accept-ranges
bytes
cf-ray
8b85b6ec8dca8c44-FRA
get-started.0af7b209.png
www.carrotcredit.com/static/media/
44 KB
45 KB
Image
General
Full URL
https://www.carrotcredit.com/static/media/get-started.0af7b209.png
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27c335e1d6ed5509c83c9441cb8a15a4e81a9433922484641d391339fccd493d

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 19:23:02 GMT
cf-cache-status
HIT
x-do-app-origin
127fc4cf-e6a6-11ec-b1dc-0c42a19a82a7
x-amz-request-id
tx00000c490ba0ae10c80a5-0066ca30e6-fa4b2540-fra1b
x-do-orig-status
200
x-envoy-upstream-healthchecked-cluster
age
560
content-length
45488
last-modified
Thu, 04 Jul 2024 06:13:52 GMT
server
cloudflare
etag
"0af7b20915f29f9922496f5966da8fea"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/png
x-rgw-object-type
Normal
cache-control
public,max-age=10,s-maxage=86400
x-do-static-catchall-document
index.html
accept-ranges
bytes
cf-ray
8b85b6ec8dcc8c44-FRA
carrot-logo-grey.3354e94c.svg
www.carrotcredit.com/static/media/
83 KB
53 KB
Image
General
Full URL
https://www.carrotcredit.com/static/media/carrot-logo-grey.3354e94c.svg
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5015a4ee49c67999a3a775a21e6a834797ce465efd94ce9f82743a9a2107e458

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 19:23:02 GMT
content-encoding
br
cf-cache-status
HIT
x-do-app-origin
127fc4cf-e6a6-11ec-b1dc-0c42a19a82a7
x-amz-request-id
tx00000c07176e1b0a51791-0066ca30e6-fa3a17fc-fra1b
x-do-orig-status
200
x-envoy-upstream-healthchecked-cluster
age
560
last-modified
Thu, 04 Jul 2024 06:13:52 GMT
server
cloudflare
etag
W/"3354e94c8480e54d86ac3b26f9ef98d8"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/svg+xml
x-rgw-object-type
Normal
cache-control
public,max-age=10,s-maxage=86400
x-do-static-catchall-document
index.html
cf-ray
8b85b6ec8dce8c44-FRA
hero-section-banner.190f0c05.png
www.carrotcredit.com/static/media/
342 KB
343 KB
Image
General
Full URL
https://www.carrotcredit.com/static/media/hero-section-banner.190f0c05.png
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/static/css/main.ec7b088c.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27def28aeff06efe2fbe3cc01ec9a9054ad1b8eba297d09497a97b98829502db

Request headers

Referer
https://www.carrotcredit.com/static/css/main.ec7b088c.chunk.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 19:23:02 GMT
cf-cache-status
HIT
x-do-app-origin
127fc4cf-e6a6-11ec-b1dc-0c42a19a82a7
x-amz-request-id
tx000008bad8829acd8f34f-0066ca30e6-fa3a17fc-fra1b
x-do-orig-status
200
x-envoy-upstream-healthchecked-cluster
age
560
content-length
350278
last-modified
Thu, 04 Jul 2024 06:13:52 GMT
server
cloudflare
etag
"190f0c05c61bf09b884dea18e4585245"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/png
x-rgw-object-type
Normal
cache-control
public,max-age=10,s-maxage=86400
x-do-static-catchall-document
index.html
accept-ranges
bytes
cf-ray
8b85b6ec8dd18c44-FRA
Gilroy-SemiBold.a5cf732b.ttf
www.carrotcredit.com/static/media/
137 KB
60 KB
Font
General
Full URL
https://www.carrotcredit.com/static/media/Gilroy-SemiBold.a5cf732b.ttf
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/static/css/main.ec7b088c.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b4f5562de072aa2884798b9fdb2329ad4122d972a1bf2f58fe645b9623b0590

Request headers

Referer
https://www.carrotcredit.com/static/css/main.ec7b088c.chunk.css
Origin
https://www.carrotcredit.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 19:23:02 GMT
content-encoding
br
cf-cache-status
HIT
x-do-app-origin
127fc4cf-e6a6-11ec-b1dc-0c42a19a82a7
x-amz-request-id
tx000002ac10960239984e6-0066ca30e6-fa3a17fc-fra1b
x-do-orig-status
200
x-envoy-upstream-healthchecked-cluster
age
560
last-modified
Thu, 04 Jul 2024 06:13:52 GMT
server
cloudflare
etag
W/"a5cf732b15078843b237bd58f3ed44cd"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
font/ttf
x-rgw-object-type
Normal
cache-control
public,max-age=10,s-maxage=86400
x-do-static-catchall-document
index.html
cf-ray
8b85b6ec9de58c44-FRA
Gilroy-Bold.b381c2ab.ttf
www.carrotcredit.com/static/media/
134 KB
59 KB
Font
General
Full URL
https://www.carrotcredit.com/static/media/Gilroy-Bold.b381c2ab.ttf
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/static/css/main.ec7b088c.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7083c93170c7b949d1dd453f0c8692385215943d076a5dc6c49e5db1d73f28b9

Request headers

Referer
https://www.carrotcredit.com/static/css/main.ec7b088c.chunk.css
Origin
https://www.carrotcredit.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 19:23:02 GMT
content-encoding
br
cf-cache-status
HIT
x-do-app-origin
127fc4cf-e6a6-11ec-b1dc-0c42a19a82a7
x-amz-request-id
tx00000aaa2bde49a398dc4-0066ca30e6-fa4b2540-fra1b
x-do-orig-status
200
x-envoy-upstream-healthchecked-cluster
age
560
last-modified
Thu, 04 Jul 2024 06:13:52 GMT
server
cloudflare
etag
W/"b381c2abd2972024a6a7e3d882208d9b"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
font/ttf
x-rgw-object-type
Normal
cache-control
public,max-age=10,s-maxage=86400
x-do-static-catchall-document
index.html
cf-ray
8b85b6ec9de88c44-FRA
Gilroy-Medium.c83281ae.ttf
www.carrotcredit.com/static/media/
140 KB
61 KB
Font
General
Full URL
https://www.carrotcredit.com/static/media/Gilroy-Medium.c83281ae.ttf
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/static/css/main.ec7b088c.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b3c84352c6a0d8a3479b528b8d8336ddb1cef0da8b81dea0e41a930d56523fe

Request headers

Referer
https://www.carrotcredit.com/static/css/main.ec7b088c.chunk.css
Origin
https://www.carrotcredit.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 19:23:02 GMT
content-encoding
br
cf-cache-status
HIT
x-do-app-origin
127fc4cf-e6a6-11ec-b1dc-0c42a19a82a7
x-amz-request-id
tx000007007ec7b704f495b-0066ca30e6-fa3a17fc-fra1b
x-do-orig-status
200
x-envoy-upstream-healthchecked-cluster
age
560
last-modified
Thu, 04 Jul 2024 06:13:52 GMT
server
cloudflare
etag
W/"c83281ae1ca703d0741a770ee7e7c091"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
font/ttf
x-rgw-object-type
Normal
cache-control
public,max-age=10,s-maxage=86400
x-do-static-catchall-document
index.html
cf-ray
8b85b6ec9deb8c44-FRA
Gilroy-Regular.31ff7c1a.ttf
www.carrotcredit.com/static/media/
142 KB
59 KB
Font
General
Full URL
https://www.carrotcredit.com/static/media/Gilroy-Regular.31ff7c1a.ttf
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/static/css/main.ec7b088c.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29d02f71307e5f9b4c1a0117d2716e810e411c3083daa7322d2caaf0536a0e87

Request headers

Referer
https://www.carrotcredit.com/static/css/main.ec7b088c.chunk.css
Origin
https://www.carrotcredit.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 19:23:02 GMT
content-encoding
br
cf-cache-status
HIT
x-do-app-origin
127fc4cf-e6a6-11ec-b1dc-0c42a19a82a7
x-amz-request-id
tx0000060c20fc3c62b4480-0066c84cae-fa3a17fc-fra1b
x-do-orig-status
200
x-envoy-upstream-healthchecked-cluster
age
560
last-modified
Thu, 04 Jul 2024 06:13:52 GMT
server
cloudflare
etag
W/"31ff7c1a62a300dbbf9656b4ba14a0d5"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
font/ttf
x-rgw-object-type
Normal
cache-control
public,max-age=10,s-maxage=86400
x-do-static-catchall-document
index.html
cf-ray
8b85b6ec9dee8c44-FRA
bootstrap-icons.woff
cdn.jsdelivr.net/npm/bootstrap-icons@1.3.0/font/fonts/
104 KB
104 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.3.0/font/fonts/bootstrap-icons.woff?4601c71fb26c9277391ec80789bfde9c
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.3.0/font/bootstrap-icons.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
011ae1fe8e56c310d82ec3795cb8f86b9dea521dd0bc560a0ae0c2e87baedd4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.3.0/font/bootstrap-icons.css
Origin
https://www.carrotcredit.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 24 Aug 2024 19:23:02 GMT
x-content-type-options
nosniff
age
830466
x-jsd-version
1.3.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
106812
x-served-by
cache-fra-etou8220046-FRA
x-jsd-version-type
version
etag
W/"1a13c-GxDOCA4lYqi36DlQRNPKg9wRKZk"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
js
www.googletagmanager.com/gtag/
288 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KTVFYXE1E8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MXQ8TF2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4843f19a7719e11d0cf0beac3af5a57c1b87ea3b5010829bc1690ad82037f085
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 19:23:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99782
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 24 Aug 2024 19:23:02 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MXQ8TF2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Aug 2024 19:15:05 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
477
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 24 Aug 2024 21:15:05 GMT
modules.8da33a8f469c3b5ffcec.js
script.hotjar.com/
223 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2570653.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-109.fra60.r.cloudfront.net
Software
/
Resource Hash
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 840e16b680c94fee8c48b15e01dda782.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
age
2177996
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56385
last-modified
Tue, 30 Jul 2024 14:22:40 GMT
etag
"0728625a147ca79276a1790b9cf3175d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
4SSp0RO-aRJ6zM5q2aqMlbThnQKPy_Sc8KQHbiS-NuswmHbJ5g38Cw==
c4332c486a0a1288113096725d5f61da
697d31d3-878e-400c-bd9d-96926e6917f8.widget.cluster.groovehq.com/api/shim/
167 KB
47 KB
Script
General
Full URL
https://697d31d3-878e-400c-bd9d-96926e6917f8.widget.cluster.groovehq.com/api/shim/c4332c486a0a1288113096725d5f61da
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ee00:0:8139:2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ff08723dee96b4440839f811c4493271f02c070ff4f0b2def57df0288226b1c0

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 19:23:02 GMT
content-encoding
gzip
via
1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-amz-cf-id
-Zdk2qu92iQvNLT4kImbcIbUFyxM5Orn_58Ni6OxNgCRtGzNFKNROg==
collect
www.google-analytics.com/j/
3 B
211 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1383519024&t=pageview&_s=1&dl=https%3A%2F%2Fwww.carrotcredit.com%2F&ul=de-de&de=UTF-8&dt=Carrot&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=145419127&gjid=116255928&cid=790693067.1724527383&tid=UA-3070461-69&_gid=1698733953.1724527383&_r=1&_slc=1&gtm=45He48l0n81MXQ8TF2v860663117za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=406644799
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/static/js/2.77f9531a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Aug 2024 19:23:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.carrotcredit.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
3 B
68 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1383519024&t=pageview&_s=1&dl=https%3A%2F%2Fwww.carrotcredit.com%2F&ul=de-de&de=UTF-8&dt=Carrot&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=190718156&gjid=823867744&cid=790693067.1724527383&tid=UA-33781771-94&_gid=1698733953.1724527383&_r=1&_slc=1&gtm=45He48l0n81MXQ8TF2v860663117za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=694943865
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/static/js/2.77f9531a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Aug 2024 19:23:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.carrotcredit.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KTVFYXE1E8&gtm=45je48l0v870323075z8860663117za200zb860663117&_p=1724527382284&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=790693067.1724527383&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724527382&sct=1&seg=0&dl=https%3A%2F%2Fwww.carrotcredit.com%2F&dt=Carrot&en=page_view&_fv=1&_ss=1&tfd=724
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/static/js/2.77f9531a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Aug 2024 19:23:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.carrotcredit.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
content.hotjar.io/
56 B
171 B
XHR
General
Full URL
https://content.hotjar.io/?site_id=2570653&gzip=1
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/static/js/2.77f9531a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.220.83.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-83-225.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
339f97dd34eec0c869dc3e4479d567a3e3663ef0404978b07eb9a86829289136

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 24 Aug 2024 19:23:03 GMT
content-length
56
access-control-max-age
86400
content-type
application/json
landing
697d31d3-878e-400c-bd9d-96926e6917f8.widget.cluster.groovehq.com/ Frame 8BC4
0
0
Document
General
Full URL
https://697d31d3-878e-400c-bd9d-96926e6917f8.widget.cluster.groovehq.com/landing?preferLocal=false
Requested by
Host: 697d31d3-878e-400c-bd9d-96926e6917f8.widget.cluster.groovehq.com
URL: https://697d31d3-878e-400c-bd9d-96926e6917f8.widget.cluster.groovehq.com/api/shim/c4332c486a0a1288113096725d5f61da
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6a00:0:8139:2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Next.js
Resource Hash

Request headers

Referer
https://www.carrotcredit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 24 Aug 2024 19:23:03 GMT
etag
"168e-KJE/baGmNIIFeFe9n+QNikERZvg"
vary
Accept-Encoding
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
x-amz-cf-id
h3azFVq-6Vueepl_1csDd0Uuxu9-eNZSCsqynaaHOR7FU-h0yGX2SA==
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
x-powered-by
Next.js
favicon-32x32.png
www.carrotcredit.com/
1 KB
1 KB
Other
General
Full URL
https://www.carrotcredit.com/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19db70175ee5c7bc39202884f4b035c014a53f809a7c8deae58d759592ae50e7

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 19:23:03 GMT
cf-cache-status
HIT
x-do-app-origin
127fc4cf-e6a6-11ec-b1dc-0c42a19a82a7
x-amz-request-id
tx00000151faabbcf85e5a9-0066ca30e7-fa4b2540-fra1b
x-do-orig-status
200
x-envoy-upstream-healthchecked-cluster
age
560
content-length
1291
last-modified
Thu, 04 Jul 2024 06:13:52 GMT
server
cloudflare
etag
"960d32f0feb63336330fa30f0943c4dd"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
image/png
x-rgw-object-type
Normal
cache-control
public,max-age=10,s-maxage=86400
x-do-static-catchall-document
index.html
accept-ranges
bytes
cf-ray
8b85b6f1eca68c44-FRA
/
o605468.ingest.sentry.io/api/5923744/envelope/
41 B
339 B
Fetch
General
Full URL
https://o605468.ingest.sentry.io/api/5923744/envelope/?sentry_key=2e454b1e87a147faaa6578872e6271e3&sentry_version=7
Requested by
Host: www.carrotcredit.com
URL: https://www.carrotcredit.com/static/js/2.77f9531a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c8fe7473af1b33979dbdb67e7814865cd02f99e3a777d92d0858175ef9460b50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.carrotcredit.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 24 Aug 2024 19:23:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer function| hj object| _hjSettings object| groove number| uidEvent object| bootstrap object| webpackJsonpcarrot-web object| notification number| 2f1acc6c3a606b082e5eef5e54414ffb object| __SENTRY__ function| setImmediate function| clearImmediate object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| gaplugins object| gaGlobal object| gaData

9 Cookies

Domain/Path Name / Value
carrotcredit.com/ Name: crumb
Value: BeJRHUQDAYjxZDEwNzM2MWNhZDMzMWQ5MmNhYzA0ODc5ZGQ1YmY3
.www.carrotcredit.com/ Name: __cf_bm
Value: pmeGO.hi5pk6yD_3_.iqkKXycXzRF9uy2di._CuRmxM-1724527382-1.0.1.1-tqMujyMlwLyWapkK9BoHMWzsyT.HBr3LobHJCojVWWd6lKopjz4tE6SE5Z_jvI4Pq6joNTTcJ2zMW_IPjNYm7w
.carrotcredit.com/ Name: _gid
Value: GA1.2.1698733953.1724527383
.carrotcredit.com/ Name: _gat_UA-3070461-69
Value: 1
.carrotcredit.com/ Name: _gat_UA-33781771-94
Value: 1
.carrotcredit.com/ Name: _ga_KTVFYXE1E8
Value: GS1.1.1724527382.1.0.1724527382.0.0.0
.carrotcredit.com/ Name: _ga
Value: GA1.1.790693067.1724527383
.carrotcredit.com/ Name: _hjSessionUser_2570653
Value: eyJpZCI6Ijc2MTYwNjQwLWYxZGQtNWQzMC05ODgxLTk4ODJmZmY4MzVkZCIsImNyZWF0ZWQiOjE3MjQ1MjczODI4NzAsImV4aXN0aW5nIjp0cnVlfQ==
.carrotcredit.com/ Name: _hjSession_2570653
Value: eyJpZCI6IjE5YzE2MTY1LWUyZjgtNDYzZi1iNmQzLTRkYjk3MmE2NTBiZSIsImMiOjE3MjQ1MjczODI4NzAsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

697d31d3-878e-400c-bd9d-96926e6917f8.widget.cluster.groovehq.com
carrotcredit.com
cdn.jsdelivr.net
content.hotjar.io
fonts.googleapis.com
o605468.ingest.sentry.io
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
www.carrotcredit.com
www.google-analytics.com
www.googletagmanager.com
13.33.187.109
18.66.102.106
198.49.23.145
2001:4860:4802:34::36
2600:9000:21f3:6a00:0:8139:2c0:93a1
2600:9000:21f3:ee00:0:8139:2c0:93a1
2a00:1450:4001:81c::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2008
2a04:4e42:400::485
2a06:98c1:58::60
34.120.195.249
54.220.83.225
011ae1fe8e56c310d82ec3795cb8f86b9dea521dd0bc560a0ae0c2e87baedd4b
0ef483147644133d9b9d4d053df0490ad4095ce96a091f31ca76ef43d31d9331
19db70175ee5c7bc39202884f4b035c014a53f809a7c8deae58d759592ae50e7
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
27c335e1d6ed5509c83c9441cb8a15a4e81a9433922484641d391339fccd493d
27def28aeff06efe2fbe3cc01ec9a9054ad1b8eba297d09497a97b98829502db
29d02f71307e5f9b4c1a0117d2716e810e411c3083daa7322d2caaf0536a0e87
3148213d0e0a74853dac093a720fc8152f8d57275877397a22996aee1a138420
32cc4a47b370e278072a6440249872e681efa1d992600420c03a9631da885d70
339f97dd34eec0c869dc3e4479d567a3e3663ef0404978b07eb9a86829289136
3d63f4b754bd36da1a661930ee8415329d5fc1c0fec51b2c0d31a08df6d7bb28
431119fa586a8c23cf0eb431f4bd047c4eabb2733501a0b837b506ea7bf272f7
4843f19a7719e11d0cf0beac3af5a57c1b87ea3b5010829bc1690ad82037f085
49bb82002d6f0c4beea05f34e73fb3934ad10d6ba2577a857c530cddd0df48d2
4c3b0d8455c9d0661a4851540833cef0ca1c543e641d34106cb6f04c0be18b6d
5015a4ee49c67999a3a775a21e6a834797ce465efd94ce9f82743a9a2107e458
5c4b9556b60bef6fe706b77575a91964f8a2e8e613a49facedcf22eac53420d5
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
7083c93170c7b949d1dd453f0c8692385215943d076a5dc6c49e5db1d73f28b9
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
774905bad0607cfdb5c2c75fa89f678619ee87b87bc4a93e7d37abff4c580d88
78b5cea9135f99b664b545c63193c46110ce0295e77a577f0287857681fe5214
7b3c84352c6a0d8a3479b528b8d8336ddb1cef0da8b81dea0e41a930d56523fe
85726d780aa198b8a092986dec8b29e14bc0d986cd6802e7b3fdccf0d8d4fb24
8b05919b8913a2ebc62749036f0d34fdfa6846a85395be9e6b017048a4c6ac04
8b4f5562de072aa2884798b9fdb2329ad4122d972a1bf2f58fe645b9623b0590
af349eecb0a33695f2d8a69dd9013f38bae0ed823ec5e38fb9b4d2c5247620c4
b2c073e2f970ae50afcdc2aed17d4f8e7697674fbeb36a3fd7288be695cef167
b75b842ecc35122be0db8634fafcd603060640e8364d33eec9c1308c87815e7c
baab0d02689e004ab959573cda33672c5d3bc6b3520ab126e3408cdd320bd28c
bb5135dc8ea99fa55d6fff4516dfd035a74a2d616518656ba6c4b7e0cf3b119d
bd8013c17310b6cefb74c280c79afdbc31d9fde37d5213e252412b714ccd283e
c14a7794206c3463793c2e80b49286207fc0460bab1f43d88a29c889302746eb
c340f0a5773bd44c4a5fe8cb914117974a354fa033ee40e96f2024a816e59198
c8fe7473af1b33979dbdb67e7814865cd02f99e3a777d92d0858175ef9460b50
dbad107b46ed0f1952211624576d6f8bb1866fd63226b54a4c246e8e4ac35e85
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
ee8b26b78c00a4f3c0e47dff92d13ac0f2e68e300d2267c5318af7567383b361
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
ff08723dee96b4440839f811c4493271f02c070ff4f0b2def57df0288226b1c0