urlscan.io logo urlscan.io
SecurityTrails logo

app.sharesies.com Open in urlscan Pro
2606:4700::6812:1a55  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sharesies.page.link/sharesieslogin?lid%3dcen1me4z3dns
Effective URL: https://app.sharesies.com/login
Submission: On May 29 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 3 countries across 17 domains to perform 45 HTTP transactions. The main IP is 2606:4700::6812:1a55, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.sharesies.com.
TLS certificate: Issued by E1 on April 4th 2024. Valid for: 3 months.
This is the only time app.sharesies.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
sharesies.page.link
15    2606:4700::6812:1a55 (United States)

ASN13335 (CLOUDFLARENET, US)
app.sharesies.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    151.101.64.176 (San Francisco, United States)

ASN54113 (FASTLY, US)
js.stripe.com
1    2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2606:4700::6812:1b55 (United States)

ASN13335 (CLOUDFLARENET, US)
rs.sharesies.com
2    2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2606:4700:4400::6812:25a1 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk.iad-05.braze.com
1    151.101.65.91 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.growthbook.io
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    151.101.192.176 (San Francisco, United States)

ASN54113 (FASTLY, US)
js.stripe.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
1    54.230.228.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-128.muc50.r.cloudfront.net
widget.intercom.io
2    18.239.94.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-10.ams1.r.cloudfront.net
js.intercomcdn.com
2    54.82.167.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-167-135.compute-1.amazonaws.com
api-iam.intercom.io
Apex Domain
Subdomains		 Transfer
17 sharesies.com
app.sharesies.com
rs.sharesies.com
2 MB
4 braze.com
sdk.iad-05.braze.com — Cisco Umbrella Rank: 2594
1 KB
3 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 1597
api-iam.intercom.io — Cisco Umbrella Rank: 2092
8 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
79 KB
3 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1088
149 KB
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2114
291 KB
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3095
300 B
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1160
13 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
255 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
102 KB
1 growthbook.io
cdn.growthbook.io — Cisco Umbrella Rank: 8812
1 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 804
7 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
775 B
1 page.link
sharesies.page.link
1 KB
0 google.de Failed
www.google.de Failed
0 reddit.com Failed
pixel-config.reddit.com Failed
0 uriports.com Failed
157qg4dy.uriports.com Failed
45 17
Domain Requested by
15 app.sharesies.com app.sharesies.com
4 sdk.iad-05.braze.com app.sharesies.com
3 connect.facebook.net app.sharesies.com
connect.facebook.net
3 js.stripe.com app.sharesies.com
js.stripe.com
2 api-iam.intercom.io js.intercomcdn.com
2 js.intercomcdn.com widget.intercom.io
2 region1.analytics.google.com www.googletagmanager.com
2 www.redditstatic.com app.sharesies.com
2 rs.sharesies.com app.sharesies.com
1 widget.intercom.io app.sharesies.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 www.googletagmanager.com app.sharesies.com
1 cdn.growthbook.io app.sharesies.com
1 static.cloudflareinsights.com app.sharesies.com
1 fonts.googleapis.com app.sharesies.com
1 sharesies.page.link 1 redirects
0 www.google.de Failed app.sharesies.com
0 pixel-config.reddit.com Failed app.sharesies.com
0 157qg4dy.uriports.com Failed app.sharesies.com
45 19

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
play.google.com
Subject Issuer Validity Valid
sharesies.com
E1		 2024-04-04 -
2024-07-03		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-05-22 -
2024-08-22		 3 months crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-05-08 -
2024-08-06		 3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-23 -
2024-11-18		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-08 -
2024-06-06		 3 months crt.sh
sdk.iad-05.braze.com
E1		 2024-04-19 -
2024-07-18		 3 months crt.sh
cdn.growthbook.io
R3		 2024-05-27 -
2024-08-25		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-06 -
2024-07-29		 3 months crt.sh
*.intercom.com
Amazon RSA 2048 M03		 2024-01-15 -
2025-02-11		 a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M02		 2023-12-01 -
2024-12-29		 a year crt.sh

This page contains 3 frames:

Primary Page: https://app.sharesies.com/login
Frame ID: DF8D1289361BC34B8F89DA46FABB135D
Requests: 37 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 542EC69B3BBCC0543F08EA4E3F855FCB
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.6777d03b.js
Frame ID: B2C34640C5DC3764682B2C73E1ABD1ED
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in - Sharesies

Page URL History Show full URLs

  1. http://sharesies.page.link/sharesieslogin?lid%3dcen1me4z3dns HTTP 307
    https://sharesies.page.link/sharesieslogin?lid%3dcen1me4z3dns HTTP 302
    https://app.sharesies.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

45
Requests

91 %
HTTPS

61 %
IPv6

17
Domains

19
Subdomains

18
IPs

3
Countries

2430 kB
Transfer

8829 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sharesies.page.link/sharesieslogin?lid%3dcen1me4z3dns HTTP 307
    https://sharesies.page.link/sharesieslogin?lid%3dcen1me4z3dns HTTP 302
    https://app.sharesies.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
app.sharesies.com/
Redirect Chain
  • http://sharesies.page.link/sharesieslogin?lid%3dcen1me4z3dns
  • https://sharesies.page.link/sharesieslogin?lid%3dcen1me4z3dns
  • https://app.sharesies.com/login
5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06f163f079098b437c60e5d4e11b2b02bda7f66de09fd2bfe1aa096fb4443b0e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

cache-control
private, no-cache
cf-cache-status
DYNAMIC
cf-ray
88b972e32f4ebbdf-FRA
content-encoding
gzip
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
content-type
text/html; charset=utf-8
date
Wed, 29 May 2024 21:06:33 GMT
last-modified
Wed, 29 May 2024 03:49:27 GMT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
server
cloudflare
vary
Accept-Encoding
x-amz-id-2
ojjQ1Je5hpbCkFkEuz3VFYRZ0o/fm/5hFW+ZCJPG5SVyqPuZZzGryRn1p4zsV3s446BS1CkJ3gA=
x-amz-request-id
QA30MJ49DZPX6RCD
x-amz-server-side-encryption
AES256
x-content-type-options
nosniff
x-frame-options
deny
x-sharesies-router
cf
x-xss-protection
1; mode=block

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-security-policy
script-src 'report-sample' 'nonce-IyoLLY4T6mL01vt1WIu_JQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
content-type
application/binary
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
same-site
date
Wed, 29 May 2024 21:06:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://app.sharesies.com/login
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
icon
fonts.googleapis.com/ 		569 B
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.sharesies.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 May 2024 21:06:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 May 2024 21:06:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 May 2024 21:06:34 GMT
/
js.stripe.com/v3/ 		605 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
af8da527afb426e5d836a0eb566ac98c6a27dab052575a305394d3dc7979300f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.sharesies.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 29 May 2024 21:06:33 GMT
via
1.1 varnish
age
20
x-cache
HIT
content-length
151359
x-request-id
6e50bd17-20e3-4e3c-9749-1092b1717539
x-served-by
cache-fra-etou8220144-FRA
last-modified
Wed, 29 May 2024 20:47:48 GMT
server
Fastly
etag
"090e4541d7e7b81ac35bf55de3e855bb"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
6
vendors~app-8e5866fb1c02096bce6e.css
app.sharesies.com/s/css/ 		76 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/s/css/vendors~app-8e5866fb1c02096bce6e.css
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be87a211477f4bd52231081fba13a93de41cf8c580cb4904e94ce3938d3d752e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.sharesies.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-sharesies-router
cf
date
Wed, 29 May 2024 21:06:33 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
age
66503
x-amz-request-id
X0X5YPDD54NDW45C
x-amz-server-side-encryption
AES256
content-encoding
gzip
x-amz-id-2
PblEVgzIDQ7dUZEc87Dy2/oQgBfcY87tTkB95VYVuqUzIuxqUk2k0eTvBZib8c10saEDNt87lpJgIW0ln3EWlA==
x-xss-protection
1; mode=block
last-modified
Wed, 29 May 2024 02:31:21 GMT
server
cloudflare
etag
W/"a2ba2ce82285e8e443460534d653778c"
vary
Accept-Encoding
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
content-type
text/css; charset=utf-8
x-frame-options
deny
cache-control
public, max-age=315360000
cf-ray
88b972f0bb0cbbdf-FRA
app-f96ab1a2528687057928.css
app.sharesies.com/s/css/ 		470 KB
80 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/s/css/app-f96ab1a2528687057928.css
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7227b2afe4c6063592a65d0abe722f4aa7db46dd846f7e6bb7f80ed380e3cd56
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.sharesies.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-sharesies-router
cf
date
Wed, 29 May 2024 21:06:33 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
age
59559
x-amz-request-id
RN87707KY2JX2RCC
x-amz-server-side-encryption
AES256
content-encoding
gzip
x-amz-id-2
Yp3EBSRAy7G9Xq5S49rBMSb+5JrqB0M8HftIdCmS8NGPaglnn0wzB+G7TXBSkCQ1D4HsQnLO5DA=
x-xss-protection
1; mode=block
last-modified
Wed, 29 May 2024 03:49:23 GMT
server
cloudflare
etag
W/"975c65832b6f4a68d1ceac730af8ae0d"
vary
Accept-Encoding
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
content-type
text/css; charset=utf-8
x-frame-options
deny
cache-control
public, max-age=315360000
cf-ray
88b972f0bb0fbbdf-FRA
vendors~app~error-6bd86cf9cc8135ee86e9.js
app.sharesies.com/s/js/ 		84 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/s/js/vendors~app~error-6bd86cf9cc8135ee86e9.js
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceec390a70a4b10ecd14f47786458bd96705822a4ed94c3e466265f505c79db3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.sharesies.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-sharesies-router
cf
date
Wed, 29 May 2024 21:06:33 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
age
69891
x-amz-request-id
T36PN6RTTZVQQTHT
x-amz-server-side-encryption
AES256
content-encoding
gzip
x-amz-id-2
BgVQZC1B9hbOCJIL8RYHCqJP1hPzo3wmvaM6obT2StSHAzq9ooexDWiCIHA9rtr9vC1TT3FfGTM=
x-xss-protection
1; mode=block
last-modified
Wed, 29 May 2024 01:39:08 GMT
server
cloudflare
etag
W/"b95ec97b698e18730afecc571bd1a112"
vary
Accept-Encoding
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
content-type
text/javascript
x-frame-options
deny
cache-control
public, max-age=315360000
cf-ray
88b972f0bb10bbdf-FRA
error-546a89bdbbb62074ce58.js
app.sharesies.com/s/js/ 		9 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/s/js/error-546a89bdbbb62074ce58.js
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9abd6583215c752e63a3eb0da224c0b8f54d18fa10ead90df4d6bafc4836bffc
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.sharesies.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-sharesies-router
cf
date
Wed, 29 May 2024 21:06:33 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
age
62125
x-amz-request-id
1NF3M63PY346VPCW
x-amz-server-side-encryption
AES256
content-encoding
gzip
x-amz-id-2
Lav3hLCcI2JcOVTVuJmC6UghV1GHFcEkBPRTIyvn8Ln6dCon6avqm9cDqrr56izL7Pm/uajnNTA=
x-xss-protection
1; mode=block
last-modified
Wed, 29 May 2024 03:49:24 GMT
server
cloudflare
etag
W/"34b6ed9a9771b94f27be5a878923cbb7"
vary
Accept-Encoding
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
content-type
text/javascript
x-frame-options
deny
cache-control
public, max-age=315360000
cf-ray
88b972f0bb11bbdf-FRA
vendors~app-8e5866fb1c02096bce6e.js
app.sharesies.com/s/js/ 		3 MB
789 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/s/js/vendors~app-8e5866fb1c02096bce6e.js
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3798ead533dbf5c502ddb1f7c69952c82f6b75ea0049cb86d016f59073692e9a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.sharesies.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-sharesies-router
cf
date
Wed, 29 May 2024 21:06:33 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
age
66502
x-amz-request-id
X0X6Y7Q1FMVSRWSG
x-amz-server-side-encryption
AES256
content-encoding
gzip
x-amz-id-2
ZdNp/Ib7AIY67v4YDow57xB2gevKknAnhr5Gv22nEgO7Qa29M6NO15YiA6CUk87PHadjQNwDOfI=
x-xss-protection
1; mode=block
last-modified
Wed, 29 May 2024 02:31:23 GMT
server
cloudflare
etag
W/"c00d9eca7fec702ada78f483391ee3ae"
vary
Accept-Encoding
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
content-type
text/javascript
x-frame-options
deny
cache-control
public, max-age=315360000
cf-ray
88b972f0bb13bbdf-FRA
app-f96ab1a2528687057928.js
app.sharesies.com/s/js/ 		3 MB
725 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/s/js/app-f96ab1a2528687057928.js
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
400467db8f376866fb10f4dc4f2bcdfc9c68ac5749414ffc1bc01de33538e433
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.sharesies.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-sharesies-router
cf
date
Wed, 29 May 2024 21:06:33 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
age
62124
x-amz-request-id
7K57JNQ0WA069C5E
x-amz-server-side-encryption
AES256
content-encoding
gzip
x-amz-id-2
0VSB3d/y5komxdc+hOeh7p7IZPvx/6dFXxRMlkgIR2QMJYS3EXI9vmhIAu7h1pioaaDaAS2S49k=
x-xss-protection
1; mode=block
last-modified
Wed, 29 May 2024 03:49:24 GMT
server
cloudflare
etag
W/"1490e3ff3259b5e20b2ac7b8da063bfe"
vary
Accept-Encoding
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
content-type
text/javascript
x-frame-options
deny
cache-control
public, max-age=315360000
cf-ray
88b972f0bb15bbdf-FRA
fallback-f87aa6e56b9b28a793d7.js
app.sharesies.com/s/js/ 		2 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/s/js/fallback-f87aa6e56b9b28a793d7.js
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0b477209c4dbaf0dc3ba32f31355ee38e14490866e1339f6147a473cf697173
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.sharesies.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-sharesies-router
cf
date
Wed, 29 May 2024 21:06:33 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
age
69891
x-amz-request-id
T36TZCFQ147BBECC
x-amz-server-side-encryption
AES256
content-encoding
gzip
x-amz-id-2
1OvAcoYCQ4Wp0iW3mtZ+RT75UJakX9xzpRHWFuLbLKVploREQ+kmUSVBjY3ApOMCVKz0AnDdeOU=
x-xss-protection
1; mode=block
last-modified
Wed, 29 May 2024 01:39:08 GMT
server
cloudflare
etag
W/"c031764540a318c127b251b3c77518fd"
vary
Accept-Encoding
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
content-type
text/javascript
x-frame-options
deny
cache-control
public, max-age=315360000
cf-ray
88b972f0bb18bbdf-FRA
vef91dfe02fce4ee0ad053f6de4f175db1715022073587
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.sharesies.com/
Origin
https://app.sharesies.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 21:06:34 GMT
content-encoding
gzip
last-modified
Mon, 06 May 2024 19:01:13 GMT
server
cloudflare
etag
W/"2024.5.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
88b972f25d7d4d55-FRA
.deploy_status_henson.json
js.stripe.com/v3/ 		474 B
593 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
d9ea0b87c969c7a0c5948c19568bc80c07adfcf65989a9e6a5e757be0ce8a504
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
application/json
Referer
https://app.sharesies.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 21:06:34 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
4
x-cache
HIT
content-length
279
x-request-id
ac947309-9aa7-4e55-96ab-0275ecd0af76
x-served-by
cache-fra-etou8220134-FRA
last-modified
Wed, 29 May 2024 20:47:49 GMT
server
Fastly
etag
"f2a65e5e87fa5678432cb62081351557"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
6
/
rs.sharesies.com/sourceConfig/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rs.sharesies.com/sourceConfig/?p=npm&v=2.42.4&writeKey=26RJB2tgq04F90dDrn4cqDgKHn5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://app.sharesies.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
authorization
access-control-allow-methods
GET,HEAD,POST,OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cf-ray
88b972f58ef1912b-FRA
content-length
0
date
Wed, 29 May 2024 21:06:34 GMT
server
cloudflare
vary
Accept-Encoding
/
rs.sharesies.com/sourceConfig/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.sharesies.com/sourceConfig/?p=npm&v=2.42.4&writeKey=26RJB2tgq04F90dDrn4cqDgKHn5
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app-8e5866fb1c02096bce6e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34ab6af87a7d7bc52d8f2f061954bcb410fdf054281e23ce00b807ed73b2a041
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.sharesies.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
Basic MjZSSkIydGdxMDRGOTBkRHJuNGNxRGdLSG41Og==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 21:06:34 GMT
content-encoding
gzip
via
1.1 9500c58b11c15528d15f2ca9add5bc00.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
age
230
x-amz-cf-pop
AMS1-P1
x-dns-prefetch-control
off
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-request-id
cb5c3090-1dfe-11ef-b7a6-6b55fd32f3c1
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding,Origin, Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
cf-ray
88b972f5bf4e912b-FRA
x-amz-cf-id
hyotFRWtqmNWhRvi3TvEoQofxovKMgbh_lLQSVqvRIQ8JnwsNoL5pA==
10-d7c6bd4d36057b746b64.js
app.sharesies.com/s/js/ 		8 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/s/js/10-d7c6bd4d36057b746b64.js
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/app-f96ab1a2528687057928.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0da1d01349d1c7ecbc792b4c99ee48c668416a19715e63fae159a62906acb02
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.sharesies.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-sharesies-router
cf
date
Wed, 29 May 2024 21:06:34 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
age
69875
x-amz-request-id
X8ZHMT93KC3E6KPR
x-amz-server-side-encryption
AES256
content-encoding
gzip
x-amz-id-2
3YU9G3zDkzGHd8Pv7IB9MMGuLFo7/iB8BpmFi8gX6Ca7RC421HjAnlTfpAVpsrsYLhg+Cedr9PU=
x-xss-protection
1; mode=block
last-modified
Wed, 29 May 2024 01:39:08 GMT
server
cloudflare
etag
W/"e0d2f81cddd6c5533061f643ecb1fbe4"
vary
Accept-Encoding
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
content-type
text/javascript
x-frame-options
deny
cache-control
public, max-age=315360000
cf-ray
88b972f56993bbdf-FRA
pixel.js
www.redditstatic.com/ads/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app-8e5866fb1c02096bce6e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
5eee7eef8c43d97d6c92ce9000b3f2424647e58f985c2df5711690c8b95f1495

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.sharesies.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 21:06:34 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Wed, 22 May 2024 17:01:28 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"16b7761205515ddc0668c12c434e8f00"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
12104
check
app.sharesies.com/api/identity/ 		52 B
351 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/api/identity/check?initialisation_check=true
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/app-f96ab1a2528687057928.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
224aab1317bb73221bfa4d8e714c3a3d54d6b33b66d0623cf665ad4d031daf05
Security Headers
Name Value
Content-Security-Policy default-src 'none'; object-src 'self'; style-src 'unsafe-inline'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
x-version
26725
x-api-version
33
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
x-known-device-key
1c01de9c-b777-45fb-a878-b674fb52d632
x-git-hash
3e638967f19da851710b02e9aa03dc55434f6416
Referer
https://app.sharesies.com/login
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 29 May 2024 21:06:35 GMT
content-security-policy
default-src 'none'; object-src 'self'; style-src 'unsafe-inline'
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
server
cloudflare
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/json
cache-control
private, no-cache, no-store, must-revalidate
cf-ray
88b972f63b07bbdf-FRA
x-xss-protection
1; mode=block
expires
Sat, 01 Jan 2000 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app-8e5866fb1c02096bce6e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.sharesies.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 29 May 2024 21:06:34 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1294, tbw=2785, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
nFbU5AveymPyBcgQWVY0iUPqHQOgVC68IgySG11eXZ0VoinmNQxDVQ4eqToFnA9aS0QVnpBJtpm/UtFaBtbrIA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
sdk.iad-05.braze.com/api/v3/data/ 		1 KB
902 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app~error-6bd86cf9cc8135ee86e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
693d914d2c8c3a8a7871b0f2cf26999f0fbf690f74ffa0bf64a9f69249a0f509
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-Braze-Api-Key
dec3b92c-8d79-432b-9ff2-d2743d0b8014
X-Braze-TriggersRequest
true
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/json
Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://app.sharesies.com/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 21:06:35 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
a4ceff15-7d58-4e5b-8890-fc7ee9239663
x-runtime
0.804633
server
cloudflare
etag
W/"693d914d2c8c3a8a7871b0f2cf26999f"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1717016796
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
88b972f84b5f9bca-FRA
x-ratelimit-remaining
488.0
key_prod_6ace3c178a54a8a3
cdn.growthbook.io/api/features/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.growthbook.io/api/features/key_prod_6ace3c178a54a8a3
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app~error-6bd86cf9cc8135ee86e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
1b401e33533ffc1aa4a6c34c57b8e0cff23730617f6389ecad4e90472a5b8b5a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.sharesies.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 21:06:34 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1275
x-powered-by
Express
x-cache
HIT, HIT
content-length
808
x-served-by
cache-iad-kiad7000071-IAD, cache-fra-etou8220150-FRA
x-timer
S1717016795.696901,VS0,VE1
etag
W/"865-UztWceddt4aawyB6NUGjHupkJhg"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30, stale-while-revalidate=3600, stale-if-error=36000
accept-ranges
bytes
x-cache-hits
133036, 0
js
www.googletagmanager.com/gtag/ 		310 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TT1S4W5EWQ
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app-8e5866fb1c02096bce6e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5531915ec1e3eb83b5581f1405f81af37daf5b0997bd585e7a7984011521dc25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.sharesies.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 21:06:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104475
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 29 May 2024 21:06:34 GMT
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 542E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://app.sharesies.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2297201
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 29 May 2024 21:06:34 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
590001
x-content-type-options
nosniff
x-request-id
d9fdae91-486b-4965-afb5-f7b9239d68b2
x-served-by
cache-fra-etou8220136-FRA
/
sdk.iad-05.braze.com/api/v3/data/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/data/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://app.sharesies.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
88b972f6c9729bca-FRA
content-encoding
gzip
date
Wed, 29 May 2024 21:06:34 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
enforce
157qg4dy.uriports.com/reports/ 		0
0
config
pixel-config.reddit.com/pixels/t2_37csa6l/ 		0
0
t2_37csa6l_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 		86 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_37csa6l_telemetry
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app~error-6bd86cf9cc8135ee86e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.sharesies.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 21:06:34 GMT
content-encoding
gzip
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server
snooserv
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
98
1442682735793758
connect.facebook.net/signals/config/ 		65 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1442682735793758?v=2.9.156&r=stable&domain=app.sharesies.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9d89e495659ce6720c9aa28950cd44ed07b120ac2a114cff5a4f61d3a0a823f1
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.sharesies.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 29 May 2024 21:06:34 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=12, rtx=0, c=64, mss=1294, tbw=63379, tp=-1, tpl=-1, uplat=71, ullat=0
pragma
public
x-fb-debug
rX602DXJ7FcvWuF7awd4qr6DfkqW24CR54q2jPqHSZ0Hnm+qvT5kIiMycJN9U6HVvE9j/6Fi9EysK0xasFFpNg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-TT1S4W5EWQ&gtm=45je45m0v887819618za200&_p=1717016794802&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=230249816.1717016795&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1717016794&sct=1&seg=0&dl=https%3A%2F%2Fapp.sharesies.com%2Flogin&dt=Sharesies&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.debug_mode=false&tfd=3830
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TT1S4W5EWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.sharesies.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 29 May 2024 21:06:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.sharesies.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TT1S4W5EWQ&cid=230249816.1717016795&gtm=45je45m0v887819618za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TT1S4W5EWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.sharesies.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 29 May 2024 21:06:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.sharesies.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
enforce
157qg4dy.uriports.com/reports/ 		0
0
ga-audiences
www.google.de/ads/ 		0
0
2484139198546837
connect.facebook.net/signals/config/ 		33 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2484139198546837?v=2.9.156&r=stable&domain=app.sharesies.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C124%2C150%2C179%2C181%2C113%2C135%2C139%2C119%2C174%2C216%2C106%2C180%2C117%2C136%2C159%2C146%2C109%2C217%2C152%2C110%2C133%2C126%2C114
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
ad3755a3d5c308a436540801c6bc7c8da6ed614c5d6d9df8e376be0c4b893a87
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.sharesies.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 29 May 2024 21:06:35 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=12, rtx=0, c=23, mss=1232, tbw=4332, tp=9, tpl=0, uplat=140, ullat=0
pragma
public
x-fb-debug
DFHSAluJ2R4Edba9rvSz2BMzNuju1lHMd40SyQ+3U5i7OpBi3VYbi3Cwm6RV1O7S0lwPCTlbo4aT8wxEYRDD+Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
n1goyeo2
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/n1goyeo2
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app-8e5866fb1c02096bce6e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-128.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2bf44b4265f1db73f88a5ce787e28681e07883c547d3793c47ad7c46bb41bbd2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.sharesies.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
GtiBuT9ut46WTuu0r7fsJ477PF95qE47
content-encoding
gzip
via
1.1 89855bc668c2d62d2715c482773d5732.cloudfront.net (CloudFront)
date
Wed, 29 May 2024 21:05:32 GMT
x-amz-cf-pop
MUC50-P5
age
121
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2668
last-modified
Wed, 29 May 2024 17:07:25 GMT
server
AmazonS3
etag
"924b5335767c1c0103c7e66dec4d4de1"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
Tb9j-f3euu7Te5mx5-kPwHpKfEBgRAUv5tADSXSaf1qlBC2LCg-GXQ==
rum
app.sharesies.com/cdn-cgi/ 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/cdn-cgi/rum?
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app~error-6bd86cf9cc8135ee86e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://app.sharesies.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Wed, 29 May 2024 21:06:35 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://app.sharesies.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
88b972f97f93bbdf-FRA
pineapple-favicon-03ecb20de8c0f41ab0c1b3c9234be544.png
app.sharesies.com/s/i/ 		4 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/s/i/pineapple-favicon-03ecb20de8c0f41ab0c1b3c9234be544.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc72f0cd10b1c11c5f9ca55c27166bcc02411112afc2a07c5a04d633bcf21d90
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.sharesies.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-sharesies-router
cf
date
Wed, 29 May 2024 21:06:35 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
age
556195
x-amz-request-id
KA15QABRWGDPXECZ
x-amz-server-side-encryption
AES256
content-length
3744
x-amz-id-2
h4I+lxCXdHxDMYtxnNtuxcAhuCPrbyaeZstIpAas0HY3Qb7qtjjE/OBxLAJnwn0B/1ImNfgPftM=
x-xss-protection
1; mode=block
last-modified
Tue, 26 Mar 2024 04:03:47 GMT
server
cloudflare
etag
"03ecb20de8c0f41ab0c1b3c9234be544"
vary
Accept-Encoding
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
content-type
image/png
x-frame-options
deny
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
88b972f98fb4bbdf-FRA
frame-modern.6777d03b.js
js.intercomcdn.com/ Frame B2C3 		460 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.6777d03b.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/n1goyeo2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-10.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d74f5bd49bd07d18ad2a2fd102a9acf68dd4e0465a9343397a10d56b1a3baa27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
uf81hVv.yJkowAAnc.h2nkX3vxnLA5L1
content-encoding
gzip
via
1.1 92cfe9224b3a51aff944c5d8ac7bf798.cloudfront.net (CloudFront)
date
Wed, 29 May 2024 19:07:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
AMS1-P3
age
7148
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
140885
last-modified
Wed, 29 May 2024 17:03:39 GMT
server
AmazonS3
etag
"9f36e11aa1d7b80b3faa5654f541b74f"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
SOr-M_wcfmG2ubYZkAAzg48W3wPRRfc1Wv3aoqw3U8Qg8zF-EPnLtg==
vendor-modern.1a13b382.js
js.intercomcdn.com/ Frame B2C3 		492 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.1a13b382.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/n1goyeo2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-10.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0994a3d3661344684acec971fc82154a4605c4b2bbd4a95a6c065140dff7811f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
hGPpB_SKzv526rRn19m7yWkZz0GOvn32
content-encoding
gzip
via
1.1 92cfe9224b3a51aff944c5d8ac7bf798.cloudfront.net (CloudFront)
date
Wed, 29 May 2024 20:37:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
AMS1-P3
age
1765
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
155543
last-modified
Wed, 29 May 2024 12:33:53 GMT
server
AmazonS3
etag
"82b135e7f918556124285c160cf4be1e"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
Mfwz9-wDcde8EF0O7ZKy2nhZvVQIRaH2rc3LFN9twdkMO4YBhGfq0w==
ping
api-iam.intercom.io/messenger/web/ Frame B2C3 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.6777d03b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.82.167.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-167-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
09b1579949a294a022b78649b5c704a46b88dbe6f5989b36e8c50e7d15bca6f0
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 29 May 2024 21:06:36 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-09a36a6c62f211f17
status
200 OK
x-xss-protection
1; mode=block
x-request-id
0003vmg4qbllbmgka59g
x-runtime
0.262095
server
nginx
etag
W/"09b1579949a294a022b78649b5c704a4"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.sharesies.com
x-intercom-version
10cb900f4a7c58a1b92af40f43bc40cc473cbfaa
access-control-expose-headers
x-request-id
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
sync
sdk.iad-05.braze.com/api/v3/content_cards/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://app.sharesies.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
braze-sync-retry-count,content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
cf-cache-status
DYNAMIC
cf-ray
88b972feab549bca-FRA
content-encoding
gzip
date
Wed, 29 May 2024 21:06:36 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
sync
sdk.iad-05.braze.com/api/v3/content_cards/ 		85 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-05.braze.com/api/v3/content_cards/sync
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/js/vendors~app~error-6bd86cf9cc8135ee86e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:25a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca1303c155c4da02e6b9c8da119a73c047a6d6189001e93621fb2c12df09a274
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-Braze-Api-Key
dec3b92c-8d79-432b-9ff2-d2743d0b8014
X-Braze-DataRequest
true
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/json
BRAZE-SYNC-RETRY-COUNT
0
Referer
https://app.sharesies.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9;q=0.9
X-Braze-ContentCardsRequest
true
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 29 May 2024 21:06:36 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000; includeSubDomains
x-request-id
b7200902-391d-45cd-9d41-d507cb48d0c0
x-runtime
0.077962
server
cloudflare
etag
W/"ca1303c155c4da02e6b9c8da119a73c0"
vary
Origin,Accept-Encoding
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
x-ratelimit-reset
1717016799
access-control-max-age
7200
x-ratelimit-limit
500.0
cf-ray
88b973001d4e9bca-FRA
x-ratelimit-remaining
489.0
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-TT1S4W5EWQ&gtm=45je45m0v887819618za200&_p=1717016794802&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=230249816.1717016795&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEA&_s=2&sid=1717016794&sct=1&seg=0&dl=https%3A%2F%2Fapp.sharesies.com%2Flogin&dt=Sharesies&en=scroll&ep.debug_mode=false&epn.percent_scrolled=90&_et=14&tfd=4969
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TT1S4W5EWQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.sharesies.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 29 May 2024 21:06:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.sharesies.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
CentraNo2-Book-93f91169dbfffe3de8dba837c8c7b438.woff2
app.sharesies.com/s/i/ 		42 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/s/i/CentraNo2-Book-93f91169dbfffe3de8dba837c8c7b438.woff2
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/css/app-f96ab1a2528687057928.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91ce35451f5bbfac933451f8cd59327226244407438768e442708455d94f8842
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.sharesies.com/s/css/app-f96ab1a2528687057928.css
Origin
https://app.sharesies.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-sharesies-router
cf
date
Wed, 29 May 2024 21:06:36 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
age
229578
x-amz-request-id
ENNHY2EGNWAXCK7F
x-amz-server-side-encryption
AES256
content-length
43353
x-amz-id-2
PA9+4uIIJ9duuHa452Lzq6Qykgpp3gBgRiWp7b8Xmh/6xKPnKidNrImR+uzlT3aEa5ovZn/rYYw=
x-xss-protection
1; mode=block
last-modified
Mon, 27 May 2024 04:33:50 GMT
server
cloudflare
etag
"93f91169dbfffe3de8dba837c8c7b438"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
content-type
font/woff2
access-control-allow-origin
https://app.sharesies.com
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
cache-control
public, max-age=315360000
access-control-allow-credentials
true
access-control-max-age
0
accept-ranges
bytes
cf-ray
88b972ff2860bbdf-FRA
x-frame-options
deny
CentraNo2-Medium-366c42832d3249a7110734304ef38236.woff2
app.sharesies.com/s/i/ 		29 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/s/i/CentraNo2-Medium-366c42832d3249a7110734304ef38236.woff2
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/css/app-f96ab1a2528687057928.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fd60d2c48138652ffefd476b2cb07725960d848d32843914c5b3165190e210e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.sharesies.com/s/css/app-f96ab1a2528687057928.css
Origin
https://app.sharesies.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-sharesies-router
cf
date
Wed, 29 May 2024 21:06:36 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
age
614178
x-amz-request-id
BZ32XS7WDR5W5CM4
x-amz-server-side-encryption
AES256
content-length
29229
x-amz-id-2
nRJKXV/hLUCyKOPOIV0cHu21wmPwVPcX/lZAbWvyOZZml0PydODCkYbF1sVAYj/86bHKL7gcb54=
x-xss-protection
1; mode=block
last-modified
Mon, 25 Mar 2024 00:17:16 GMT
server
cloudflare
etag
"366c42832d3249a7110734304ef38236"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
content-type
font/woff2
access-control-allow-origin
https://app.sharesies.com
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
cache-control
public, max-age=315360000
access-control-allow-credentials
true
access-control-max-age
0
accept-ranges
bytes
cf-ray
88b972ff2862bbdf-FRA
x-frame-options
deny
CentraNo2-Extrabold-065b5f69173fd76b95217fc75b0c6199.woff2
app.sharesies.com/s/i/ 		27 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.sharesies.com/s/i/CentraNo2-Extrabold-065b5f69173fd76b95217fc75b0c6199.woff2
Requested by
Host: app.sharesies.com
URL: https://app.sharesies.com/s/css/app-f96ab1a2528687057928.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de485701a5c8a43ab24ef7c58cd7ec15068d1cc35b1b3fe2ebfd8804b7612278
Security Headers
Name Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://app.sharesies.com/s/css/app-f96ab1a2528687057928.css
Origin
https://app.sharesies.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-sharesies-router
cf
date
Wed, 29 May 2024 21:06:36 GMT
content-security-policy
default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"default","max_age":604800,"include_subdomains":true,"failure_fraction":0.1}
age
488264
x-amz-request-id
KT743AD38XSHKX2S
x-amz-server-side-encryption
AES256
content-length
27937
x-amz-id-2
3cqCCABQkrqgqZKcGESSqdzfZzVSLxf5EMPhGYCFl72OWFCbw2qRBWBOTco6TMuc1Y37kdFMUH8=
x-xss-protection
1; mode=block
last-modified
Wed, 13 Mar 2024 03:24:02 GMT
server
cloudflare
etag
"065b5f69173fd76b95217fc75b0c6199"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
content-type
font/woff2
access-control-allow-origin
https://app.sharesies.com
report-to
{"group":"default","max_age":604800,"endpoints":[{"url":"https://157qg4dy.uriports.com/reports"}],"include_subdomains":true}
cache-control
public, max-age=315360000
access-control-allow-credentials
true
access-control-max-age
0
accept-ranges
bytes
cf-ray
88b972ff2866bbdf-FRA
x-frame-options
deny
ping
api-iam.intercom.io/messenger/web/ Frame B2C3 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.6777d03b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.82.167.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-167-135.compute-1.amazonaws.com
Software
nginx /
Resource Hash
25d7339ac42956c07367c0e0548e7de5d354d1e49ae8f8f89cc64de49bd3abcd
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 29 May 2024 21:06:36 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-09a36a6c62f211f17
status
200 OK
x-xss-protection
1; mode=block
x-request-id
0003svtok3830b7mvel0
x-runtime
0.277929
server
nginx
etag
W/"25d7339ac42956c07367c0e0548e7de5"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.sharesies.com
x-intercom-version
10cb900f4a7c58a1b92af40f43bc40cc473cbfaa
access-control-expose-headers
x-request-id
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
157qg4dy.uriports.com
URL
https://157qg4dy.uriports.com/reports/enforce
Domain
pixel-config.reddit.com
URL
https://pixel-config.reddit.com/pixels/t2_37csa6l/config
Domain
157qg4dy.uriports.com
URL
https://157qg4dy.uriports.com/reports/enforce
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TT1S4W5EWQ&cid=230249816.1717016795&gtm=45je45m0v887819618za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1578118154

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| webpackChunkStripeJSouter function| noop function| Stripe object| webpackJsonpSharesies number| _rollbarStartTime function| rollbar boolean| _rollbarDidLoad function| setImmediate function| clearImmediate object| regeneratorRuntime function| rdt object| nativeAppControls object| platform function| fbq function| _fbq function| _rollbarURH object| sharesiesRollbar function| Intercom object| intercomSettings object| __cfBeacon function| redditNormalizeEmail object| google_tag_manager object| google_tag_data object| dataLayer function| gtag function| onYouTubeIframeAPIReady object| __ga4React__ object| gaGlobal function| __intercomAssignLocation function| __intercomReloadLocation

16 Cookies

Domain/Path Name / Value
.sharesies.com/ Name: rl_anonymous_id
Value: RudderEncrypt%3AU2FsdGVkX18wopVTUKSmtJzX%2B0bbtyN3jgi02Fy3Mr8TYrOFAl6h%2Fkm4vzGoZiUjT0Vv%2BzgtkIhgCBTvVF%2B9uA%3D%3D
.sharesies.com/ Name: rl_page_init_referrer
Value: RudderEncrypt%3AU2FsdGVkX1%2F56lXkNVRJOFcsMM2xk5%2FjdMBf%2FstVcAE%3D
.sharesies.com/ Name: rl_page_init_referring_domain
Value: RudderEncrypt%3AU2FsdGVkX19EBhQ49VZ3gk5uqKgPrwRsrT%2Fgi0QVJjE%3D
.sharesies.com/ Name: ab.storage.sessionId.dec3b92c-8d79-432b-9ff2-d2743d0b8014
Value: %7B%22g%22%3A%220a6a4ab1-87da-e507-930f-ee3dd463f381%22%2C%22e%22%3A1717018594451%2C%22c%22%3A1717016794451%2C%22l%22%3A1717016794451%7D
.sharesies.com/ Name: ab.storage.deviceId.dec3b92c-8d79-432b-9ff2-d2743d0b8014
Value: %7B%22g%22%3A%2241e8ba0d-c99f-34b8-e00f-30d0b447dd3b%22%2C%22c%22%3A1717016794452%2C%22l%22%3A1717016794452%7D
.sharesies.com/ Name: _rdt_uuid
Value: 1717016794697.829975db-62ab-4791-adb9-bc5882e0598d
.sharesies.com/ Name: _ga
Value: GA1.1.230249816.1717016795
m.stripe.com/ Name: m
Value: 19aaa63b-a233-4bbe-9a7f-cd6ae852aefd653e95
.app.sharesies.com/ Name: __stripe_mid
Value: d0f20cde-13cc-4d82-a8cd-beeeddd0e4086d70e9
.app.sharesies.com/ Name: __stripe_sid
Value: b6fbb09c-8302-4b83-80b9-75757571c01672dab9
.sharesies.com/ Name: _ga_TT1S4W5EWQ
Value: GS1.1.1717016794.1.1.1717016795.59.0.0
.sharesies.com/ Name: rl_session
Value: RudderEncrypt%3AU2FsdGVkX1%2BieCGc6aG1LG7%2BEfrYMTZQFX0UcMftDau3II%2B0fFgHTCOUmfo4kaFsIaSOuGMeRX9eUdzsAYDcpbkAYtw4QFxRx3GZsZDmcTaQLJ0qcYvGMtCn9x8vz%2BPo%2FOT4NhTlV%2FFrNbi8yRlycw%3D%3D
.sharesies.com/ Name: intercom-id-n1goyeo2
Value: 54bb5582-7dfa-40e8-ac40-1ac060598e25
.sharesies.com/ Name: intercom-session-n1goyeo2
Value:
.sharesies.com/ Name: intercom-device-id-n1goyeo2
Value: 74ae23ba-2f47-42a3-bf12-3c5cef8bbfbb
.sharesies.com/ Name: _cfuvid
Value: QrrfdedK9UBjTOzoKDmcyxQPznYp6iM2jvryTjdiqaI-1717016797213-0.0.1.1-604800000

5 Console Messages

Source Level URL
Text
security error URL: https://app.sharesies.com/s/js/vendors~app~error-6bd86cf9cc8135ee86e9.js
Message:
Refused to connect to 'https://pixel-config.reddit.com/pixels/t2_37csa6l/config' because it violates the following Content Security Policy directive: "connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/".
security error URL: https://app.sharesies.com/login
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TT1S4W5EWQ&cid=230249816.1717016795&gtm=45je45m0v887819618za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1578118154' because it violates the following Content Security Policy directive: "img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com".
network error URL: https://157qg4dy.uriports.com/reports/enforce
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://157qg4dy.uriports.com/reports/enforce
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://app.sharesies.com/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; connect-src 'self' https://js.stripe.com https://api.rollbar.com https://*.intercom.io wss://*.intercom.io https://*.intercomcdn.com https://*.intercomusercontent.com https://www.google-analytics.com https://stats.g.doubleclick.net https://cloudflareinsights.com https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://sdk.iad-05.braze.com https://*.google-analytics.com https://*.googleapis.com https://*.analytics.google.com https://analytics.google.com https://rs.sharesies.com https://sharesies-dataplane.rudderstack.com https://api.rudderlabs.com https://cdn.growthbook.io https://cdn.contentful.com https://preview.contentful.com https://www.redditstatic.com https://api-nonprod.coveinsurance.co.nz https://api.coveinsurance.co.nz/prod/; script-src 'self' 'unsafe-inline' https://js.stripe.com https://api.stripe.com https://maps.googleapis.com https://www.google-analytics.com https://*.intercom.io https://js.intercomcdn.com https://www.googletagmanager.com https://www.googleadservices.com https://www.google.com https://tagmanager.google.com 'report-sample' https://connect.facebook.net https://static.cloudflareinsights.com https://js.appboycdn.com https://www.redditstatic.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://hello.myfonts.net https://tagmanager.google.com https://use.fontawesome.com; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com https://fonts.intercomcdn.com https://use.fontawesome.com/; img-src 'self' data: https://*.sharesies.nz https://*.sharesies.com https://*.uat.opsies.net.nz https://*.gstatic.com https://maps.googleapis.com https://q.stripe.com https://www.google-analytics.com https://*.intercomcdn.com https://*.intercomassets.com https://*.intercomcdn.com https://fairfax.demdex.net https://*.doubleclick.net https://*.google.com https://www.googletagmanager.com https://adservice.google.co.nz https://adservice.google.com.au https://www.googleadservices.com https://www.google.co.nz https://www.google.ca https://www.google.com.au https://www.google.co.uk https://www.google.com.sg https://www.facebook.com https://connect.facebook.net https://9748890.fls.doubleclick.net https://10744377.fls.doubleclick.net https://ad.doubleclick.net https://ade.googlesyndication.com https://googleads.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://appboy-images.com https://braze-images.com https://cdn.braze.eu https://d388vpyfrt4zrj.cloudfront.net/ https://sharesies-misc-retail-production.s3.amazonaws.com/customer-images/ https://sharesies.imgix.net https://images.ctfassets.net https://alb.reddit.com; media-src 'self' https://*.intercomcdn.com https://videos.ctfassets.net https://assets.ctfassets.net; frame-src https://js.stripe.com https://drive.google.com https://intercom-sheets.com https://accounts.google.com https://app-jungle.coveinsurance.co.nz/ https://app-jungle.coveinsurance.co.nz/partner/quote-referral/ https://app-jungle.coveinsurance.co.nz/user/dashboard/ https://app-jungle.coveinsurance.co.nz/user/policy https://app-jungle.coveinsurance.co.nz/user/change-payment https://app.coveinsurance.co.nz/ https://app.coveinsurance.co.nz/partner/quote-referral/ https://app.coveinsurance.co.nz/user/dashboard/ https://app.coveinsurance.co.nz/user/policy https://app.coveinsurance.co.nz/user/change-payment; manifest-src 'self'; worker-src 'self' https://*.sharesies.nz https://*.sharesies.com; frame-ancestors 'none'; report-uri https://157qg4dy.uriports.com/reports/enforce;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

157qg4dy.uriports.com
api-iam.intercom.io
app.sharesies.com
cdn.growthbook.io
connect.facebook.net
fonts.googleapis.com
js.intercomcdn.com
js.stripe.com
pixel-config.reddit.com
region1.analytics.google.com
rs.sharesies.com
sdk.iad-05.braze.com
sharesies.page.link
static.cloudflareinsights.com
stats.g.doubleclick.net
widget.intercom.io
www.google.de
www.googletagmanager.com
www.redditstatic.com
157qg4dy.uriports.com
pixel-config.reddit.com
www.google.de
151.101.192.176
151.101.64.176
151.101.65.91
157.240.252.13
18.239.94.10
2001:4860:4802:32::36
2606:4700:4400::6812:25a1
2606:4700::6810:4f49
2606:4700::6812:1a55
2606:4700::6812:1b55
2a00:1450:4001:806::2008
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200a
2a00:1450:400c:c06::9d
2a03:2880:f084:d:face:b00c:0:3
2a04:4e42:600::396
54.230.228.128
54.82.167.135
06f163f079098b437c60e5d4e11b2b02bda7f66de09fd2bfe1aa096fb4443b0e
0994a3d3661344684acec971fc82154a4605c4b2bbd4a95a6c065140dff7811f
09b1579949a294a022b78649b5c704a46b88dbe6f5989b36e8c50e7d15bca6f0
1b401e33533ffc1aa4a6c34c57b8e0cff23730617f6389ecad4e90472a5b8b5a
224aab1317bb73221bfa4d8e714c3a3d54d6b33b66d0623cf665ad4d031daf05
25d7339ac42956c07367c0e0548e7de5d354d1e49ae8f8f89cc64de49bd3abcd
2bf44b4265f1db73f88a5ce787e28681e07883c547d3793c47ad7c46bb41bbd2
34ab6af87a7d7bc52d8f2f061954bcb410fdf054281e23ce00b807ed73b2a041
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
3798ead533dbf5c502ddb1f7c69952c82f6b75ea0049cb86d016f59073692e9a
400467db8f376866fb10f4dc4f2bcdfc9c68ac5749414ffc1bc01de33538e433
4fd60d2c48138652ffefd476b2cb07725960d848d32843914c5b3165190e210e
5531915ec1e3eb83b5581f1405f81af37daf5b0997bd585e7a7984011521dc25
5eee7eef8c43d97d6c92ce9000b3f2424647e58f985c2df5711690c8b95f1495
693d914d2c8c3a8a7871b0f2cf26999f0fbf690f74ffa0bf64a9f69249a0f509
7227b2afe4c6063592a65d0abe722f4aa7db46dd846f7e6bb7f80ed380e3cd56
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5
91ce35451f5bbfac933451f8cd59327226244407438768e442708455d94f8842
9abd6583215c752e63a3eb0da224c0b8f54d18fa10ead90df4d6bafc4836bffc
9d89e495659ce6720c9aa28950cd44ed07b120ac2a114cff5a4f61d3a0a823f1
ad3755a3d5c308a436540801c6bc7c8da6ed614c5d6d9df8e376be0c4b893a87
af8da527afb426e5d836a0eb566ac98c6a27dab052575a305394d3dc7979300f
be87a211477f4bd52231081fba13a93de41cf8c580cb4904e94ce3938d3d752e
c0b477209c4dbaf0dc3ba32f31355ee38e14490866e1339f6147a473cf697173
c0da1d01349d1c7ecbc792b4c99ee48c668416a19715e63fae159a62906acb02
ca1303c155c4da02e6b9c8da119a73c047a6d6189001e93621fb2c12df09a274
ceec390a70a4b10ecd14f47786458bd96705822a4ed94c3e466265f505c79db3
d74f5bd49bd07d18ad2a2fd102a9acf68dd4e0465a9343397a10d56b1a3baa27
d9ea0b87c969c7a0c5948c19568bc80c07adfcf65989a9e6a5e757be0ce8a504
de485701a5c8a43ab24ef7c58cd7ec15068d1cc35b1b3fe2ebfd8804b7612278
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7
fc72f0cd10b1c11c5f9ca55c27166bcc02411112afc2a07c5a04d633bcf21d90