fix-decoding-user-id.app.challengervault.com Open in urlscan Pro
35.247.96.138  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response fix-decoding-user-id.app.challengervault.com/	6 KB 6 KB	474ms 147ms	Document text/html	35.247.96.138 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://fix-decoding-user-id.app.challengervault.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.247.96.138 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 138.96.247.35.bc.googleusercontent.com Software / Resource Hash e4d498943f56895c15effe1280c9e1b8e834be195753f34a0c979571b711f398 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-length 6107 content-type text/html date Wed, 10 May 2023 20:46:23 GMT etag "64529c8b-17db" last-modified Wed, 03 May 2023 17:40:27 GMT strict-transport-security max-age=15724800; includeSubDomains
GET H2	200	styles.css fix-decoding-user-id.app.challengervault.com/assets/fonts/material-outline-icons/	1 KB 1 KB	292ms 290ms	Stylesheet text/css	35.247.96.138 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://fix-decoding-user-id.app.challengervault.com/assets/fonts/material-outline-icons/styles.css Requested by Host: fix-decoding-user-id.app.challengervault.com URL: https://fix-decoding-user-id.app.challengervault.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.247.96.138 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 138.96.247.35.bc.googleusercontent.com Software / Resource Hash 1620e798bbdc185b48fab44dc3469b57f2e61a9c8f9daa33fee449ed3ee1aece Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://fix-decoding-user-id.app.challengervault.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Wed, 10 May 2023 20:46:24 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Wed, 03 May 2023 17:39:12 GMT accept-ranges bytes etag "64529c40-4a9" content-length 1193 content-type text/css
GET H2	200	style.css fix-decoding-user-id.app.challengervault.com/assets/fonts/meteocons/	6 KB 6 KB	148ms 145ms	Stylesheet text/html	35.247.96.138 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://fix-decoding-user-id.app.challengervault.com/assets/fonts/meteocons/style.css Requested by Host: fix-decoding-user-id.app.challengervault.com URL: https://fix-decoding-user-id.app.challengervault.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.247.96.138 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 138.96.247.35.bc.googleusercontent.com Software / Resource Hash e4d498943f56895c15effe1280c9e1b8e834be195753f34a0c979571b711f398 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://fix-decoding-user-id.app.challengervault.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Wed, 10 May 2023 20:46:24 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Wed, 03 May 2023 17:40:27 GMT accept-ranges bytes etag "64529c8b-17db" content-length 6107 content-type text/html
GET H2	200	all.css pro.fontawesome.com/releases/v5.10.0/css/	153 KB 29 KB	550ms 506ms	Stylesheet text/css	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pro.fontawesome.com/releases/v5.10.0/css/all.css Requested by Host: fix-decoding-user-id.app.challengervault.com URL: https://fix-decoding-user-id.app.challengervault.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec Request headers Referer https://fix-decoding-user-id.app.challengervault.com/ Origin https://fix-decoding-user-id.app.challengervault.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Wed, 10 May 2023 20:46:24 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 28 Jun 2021 16:54:32 GMT server cloudflare x-amz-request-id K83YH02VR9B63NAE etag W/"aa1272633e7e552395d147a499bad186" access-control-max-age 3000 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET access-control-allow-origin * content-type text/css cache-control max-age=31556926 cf-ray 7c550808681030f4-FRA x-amz-id-2 6bi5uYKUwD1kCbdmsVy3iNv+PfXpPd4HiZQ8dCuaLjikZ/8yLCkf68mkRoe2ZfSwYaVjzBLQM2c=
GET H2	200	splashScreen.css fix-decoding-user-id.app.challengervault.com/assets/styles/	3 KB 3 KB	150ms 149ms	Stylesheet text/css	35.247.96.138 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://fix-decoding-user-id.app.challengervault.com/assets/styles/splashScreen.css Requested by Host: fix-decoding-user-id.app.challengervault.com URL: https://fix-decoding-user-id.app.challengervault.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.247.96.138 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 138.96.247.35.bc.googleusercontent.com Software / Resource Hash 93b79441928aab8a77463f0d6461022a7af7bb8facfd78ad6f729a61d8cf6061 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://fix-decoding-user-id.app.challengervault.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Wed, 10 May 2023 20:46:24 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Wed, 03 May 2023 17:39:12 GMT accept-ranges bytes etag "64529c40-c71" content-length 3185 content-type text/css
GET H2	200	prizeout-publisher-sdk.js Show response widget.prizeout.com/	19 KB 6 KB	636ms 151ms	Script text/javascript	2606:4700:10::6816:22be CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://widget.prizeout.com/prizeout-publisher-sdk.js Requested by Host: fix-decoding-user-id.app.challengervault.com URL: https://fix-decoding-user-id.app.challengervault.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:22be , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ba49b80442cc01338e95237a523654808f590febb0008f59ac20d1f0fe67e17e Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://fix-decoding-user-id.app.challengervault.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Wed, 10 May 2023 20:46:24 GMT strict-transport-security max-age=2592000; includeSubDomains content-encoding gzip cf-cache-status REVALIDATED x-guploader-uploadid ADPycduuMG444-aPlNBX6BktYmHqSdxbCHnyxNxC7V_A_JNXycZ_T_QG9b-rUn1nM6BIbD_gMb_UuPzgKCFlKguse61v-_r5cF2I x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity last-modified Tue, 11 Apr 2023 15:42:59 GMT server cloudflare etag W/"0dbdd065dbd90f66bb1f24ff643c5982" vary Accept-Encoding x-goog-hash crc32c=7bwOgQ==, md5=Db3QZdvZD2a7HyT/ZDxZgg== x-goog-generation 1681227779337801 content-type text/javascript cache-control public, max-age=3600 x-goog-stored-content-length 19473 cf-ray 7c55080b28555b68-FRA expires Wed, 10 May 2023 21:46:24 GMT
GET H2	200	js Show response www.paypal.com/sdk/	269 KB 75 KB	2127ms 2093ms	Script application/javascript	151.101.193.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/sdk/js?client-id=AYkXEhj_H8Wjz3YvYl_8a2qkQL_dAU90mcRe9KEex1OHQXMvxGR6VHBRjLHd_VJ75SSFHet140Qq2cv7&enable-funding=venmo&currency=USD Requested by Host: fix-decoding-user-id.app.challengervault.com URL: https://fix-decoding-user-id.app.challengervault.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 10bf95c602c4a9754cb9fe091ae1c2dbe71a0a52227430198eb8f3eb090c8143 Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-gY42Sa0I48tIiPVZo7UIKo7Sg0j0ZT9qdafXia7fFTkFIkv5' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-gY42Sa0I48tIiPVZo7UIKo7Sg0j0ZT9qdafXia7fFTkFIkv5' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://fix-decoding-user-id.app.challengervault.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-gY42Sa0I48tIiPVZo7UIKo7Sg0j0ZT9qdafXia7fFTkFIkv5' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-gY42Sa0I48tIiPVZo7UIKo7Sg0j0ZT9qdafXia7fFTkFIkv5' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp content-encoding gzip x-content-type-options nosniff date Wed, 10 May 2023 20:46:26 GMT via 1.1 varnish strict-transport-security max-age=63072000; includeSubDomains; preload age 1 x-cache MISS p3p true paypal-debug-id f50148916409c server-timing "traceparent;desc="00-0000000000000000000f50148916409c-19615d18e84cf5bb-01"";content-encoding;desc="gzip",x-cdn;desc="fastly" dc ccg11-origin-www-1.paypal.com content-length 75596 x-xss-protection 1; mode=block x-served-by cache-fra-eddf8230022-FRA traceparent 00-0000000000000000000f50148916409c-2e194b379ff88a76-01 x-timer S1683751584.055647,VS0,VE2086 etag W/"1274c-iJNtdcDGziNSJHsmGQ9m+JF0mHk" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers Server-Timing cache-control public, max-age=3600, s-maxage=10800 accept-ranges bytes x-cache-hits 0
GET H2	200	2.af774a2d.chunk.css fix-decoding-user-id.app.challengervault.com/static/css/	2 KB 2 KB	149ms 148ms	Stylesheet text/css	35.247.96.138 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://fix-decoding-user-id.app.challengervault.com/static/css/2.af774a2d.chunk.css Requested by Host: fix-decoding-user-id.app.challengervault.com URL: https://fix-decoding-user-id.app.challengervault.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.247.96.138 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 138.96.247.35.bc.googleusercontent.com Software / Resource Hash 87666ef0d888e5e14be4e4f343147bc7a703bc3c0f832824ad63d6c625d8704d Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://fix-decoding-user-id.app.challengervault.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Wed, 10 May 2023 20:46:24 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Wed, 03 May 2023 17:40:27 GMT accept-ranges bytes etag "64529c8b-66a" content-length 1642 content-type text/css
GET H2	200	main.08f5ab86.chunk.css fix-decoding-user-id.app.challengervault.com/static/css/	8 KB 8 KB	150ms 149ms	Stylesheet text/css	35.247.96.138 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://fix-decoding-user-id.app.challengervault.com/static/css/main.08f5ab86.chunk.css Requested by Host: fix-decoding-user-id.app.challengervault.com URL: https://fix-decoding-user-id.app.challengervault.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.247.96.138 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 138.96.247.35.bc.googleusercontent.com Software / Resource Hash 4687f9b081e79749862d4905baa9bdb40240e0cfcfa9e9efc8c896162ebbb2c4 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://fix-decoding-user-id.app.challengervault.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Wed, 10 May 2023 20:46:24 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Wed, 03 May 2023 17:40:27 GMT accept-ranges bytes etag "64529c8b-1eed" content-length 7917 content-type text/css
GET H2	200	challenger_icon_logo.svg fix-decoding-user-id.app.challengervault.com/assets/images/logos/	600 B 783 B	146ms 146ms	Image image/svg+xml	35.247.96.138 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://fix-decoding-user-id.app.challengervault.com/assets/images/logos/challenger_icon_logo.svg Requested by Host: fix-decoding-user-id.app.challengervault.com URL: https://fix-decoding-user-id.app.challengervault.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.247.96.138 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 138.96.247.35.bc.googleusercontent.com Software / Resource Hash 40a1bef7db3e185c1112c16e946f67e56806674ebe7825c6daf34716ed3985c8 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://fix-decoding-user-id.app.challengervault.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Wed, 10 May 2023 20:46:25 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Wed, 03 May 2023 17:39:12 GMT accept-ranges bytes etag "64529c40-258" content-length 600 content-type image/svg+xml
GET H2	200	2.a12133a9.chunk.js Show response fix-decoding-user-id.app.challengervault.com/static/js/	1 MB 1 MB	148ms 147ms	Script application/javascript	35.247.96.138 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://fix-decoding-user-id.app.challengervault.com/static/js/2.a12133a9.chunk.js Requested by Host: fix-decoding-user-id.app.challengervault.com URL: https://fix-decoding-user-id.app.challengervault.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.247.96.138 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 138.96.247.35.bc.googleusercontent.com Software / Resource Hash 3dcc7c05fc19040fda95a990053f1fcc5319365d1b7a14671e0f9a1e46f95fd0 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://fix-decoding-user-id.app.challengervault.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Wed, 10 May 2023 20:46:24 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Wed, 03 May 2023 17:40:27 GMT accept-ranges bytes etag "64529c8b-17d0c7" content-length 1560775 content-type application/javascript
GET H2	200	main.d1fef05f.chunk.js Show response fix-decoding-user-id.app.challengervault.com/static/js/	3 MB 3 MB	149ms 149ms	Script application/javascript	35.247.96.138 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://fix-decoding-user-id.app.challengervault.com/static/js/main.d1fef05f.chunk.js Requested by Host: fix-decoding-user-id.app.challengervault.com URL: https://fix-decoding-user-id.app.challengervault.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.247.96.138 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 138.96.247.35.bc.googleusercontent.com Software / Resource Hash bde2405f9fae417795a048aa22db57ebf6d17dd4ea080e3b80f8a85d69d723ee Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://fix-decoding-user-id.app.challengervault.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Wed, 10 May 2023 20:46:25 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Wed, 03 May 2023 17:40:27 GMT accept-ranges bytes etag "64529c8b-2c72c5" content-length 2912965 content-type application/javascript
GET H2	200	gtm.js Show response www.googletagmanager.com/	233 KB 79 KB	141ms 57ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MRZ242G Requested by Host: fix-decoding-user-id.app.challengervault.com URL: https://fix-decoding-user-id.app.challengervault.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 76442034166a6e974bfcc1a448ca1f44ce78ece8b4c8a0271c441c00fc4b5710 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fix-decoding-user-id.app.challengervault.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Wed, 10 May 2023 20:46:26 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 80902 x-xss-protection 0 last-modified Wed, 10 May 2023 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 10 May 2023 20:46:26 GMT
GET H2	200	array.js Show response app.posthog.com/static/	98 KB 30 KB	55ms 7ms	Script application/javascript	2600:9000:223f:9800:1d:be94:4b80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.posthog.com/static/array.js Requested by Host: fix-decoding-user-id.app.challengervault.com URL: https://fix-decoding-user-id.app.challengervault.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:9800:1d:be94:4b80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a693c99cb837485870887389d162468b815cd39bfb1354224e9a583f1334575e Request headers accept-language de-DE,de;q=0.9 Referer https://fix-decoding-user-id.app.challengervault.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers x-amz-version-id d5Rxm9M0Eal9G2aOQXo.YkJSF2VHrdtq content-encoding br via 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront) date Wed, 10 May 2023 11:37:05 GMT last-modified Tue, 09 May 2023 11:32:06 GMT server AmazonS3 x-amz-cf-pop FRA56-P5 age 32961 x-amz-server-side-encryption AES256 etag W/"89de64fdae03bb3579a17192015eff92" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id b6JBRICV9kFHWwq_Gj_eWT4rbf6QIJnHysD-FV4UJ_CCTV289wi07Q==
GET H2	200	css fonts.googleapis.com/	3 KB 1 KB	126ms 44ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans Requested by Host: fix-decoding-user-id.app.challengervault.com URL: https://fix-decoding-user-id.app.challengervault.com/static/css/main.08f5ab86.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d265615b79f98fdfff370ea32da7b4b02317fc6017b898cfb9c657a65618ac07 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fix-decoding-user-id.app.challengervault.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 10 May 2023 20:46:26 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 10 May 2023 20:30:47 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 10 May 2023 20:46:26 GMT
GET H2	200	css fonts.googleapis.com/	16 KB 874 B	127ms 45ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Rubik:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap Requested by Host: fix-decoding-user-id.app.challengervault.com URL: https://fix-decoding-user-id.app.challengervault.com/static/css/main.08f5ab86.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 938867756d681f855032a6de9b1ae7df962cda84bdb3969bfa28c1023072bae0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://fix-decoding-user-id.app.challengervault.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 10 May 2023 20:46:26 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 10 May 2023 20:28:44 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 10 May 2023 20:46:26 GMT
POST H2	200	/ Show response app.posthog.com/e/	13 B 451 B	110ms 110ms	XHR application/json	2600:9000:223f:9800:1d:be94:4b80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.posthog.com/e/?ip=1&_=1683751586254&ver=1.55.2 Requested by Host: app.posthog.com URL: https://app.posthog.com/static/array.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:9800:1d:be94:4b80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://fix-decoding-user-id.app.challengervault.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Wed, 10 May 2023 20:46:26 GMT via 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront) x-content-type-options nosniff referrer-policy same-origin x-amz-cf-pop FRA56-P5 access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://fix-decoding-user-id.app.challengervault.com x-cache Miss from cloudfront access-control-allow-credentials true access-control-allow-headers X-Requested-With,Content-Type x-amz-cf-id S4L7kS58Wen8GzwaN0XG0yJsOap9FCnuWBmgihaKKbRQDNpu2_avRw==
POST H2	200	/ Show response app.posthog.com/decide/	332 B 770 B	107ms 107ms	XHR application/json	2600:9000:223f:9800:1d:be94:4b80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.posthog.com/decide/?v=3&ip=1&_=1683751586255&ver=1.55.2 Requested by Host: app.posthog.com URL: https://app.posthog.com/static/array.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:9800:1d:be94:4b80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash ff8545f099c9489d9e38617eb449bbe47e3fd6ac72cdddc235736c11201f9cbd Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://fix-decoding-user-id.app.challengervault.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Wed, 10 May 2023 20:46:26 GMT via 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront) x-content-type-options nosniff referrer-policy same-origin x-amz-cf-pop FRA56-P5 access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://fix-decoding-user-id.app.challengervault.com x-cache Miss from cloudfront access-control-allow-credentials true access-control-allow-headers X-Requested-With,Content-Type x-amz-cf-id ya6TepW_msTc9WoXqaHoQz5q0OLX8olJtS5MAyERkRYbcDnCbzVBlQ==
GET H2	200	uc.js Show response consent.cookiebot.com/	107 KB 33 KB	42ms 11ms	Script application/javascript	2a02:26f0:3500:18::1724:a29a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://consent.cookiebot.com/uc.js?cbid=cc15e2e3-ebea-49dd-8255-ff55b5067872&consentmode-dataredaction=dynamic&framework=IAB Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRZ242G Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:18::1724:a29a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash e515f490d944acb1965c38d2fda139282422c6f078c53093fa37bc7b788fcc94 Request headers accept-language de-DE,de;q=0.9 Referer https://fix-decoding-user-id.app.challengervault.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers request-context appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef date Wed, 10 May 2023 20:46:26 GMT content-encoding gzip last-modified Wed, 22 Mar 2023 08:35:20 GMT etag "3cf4233d995cd91:0" vary Accept-Encoding content-type application/javascript access-control-expose-headers Request-Context cache-control public, max-age=911 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 33483 expires Wed, 10 May 2023 21:01:37 GMT
GET H2	200	v6.js Show response cdn.stape.io/dtag/	18 KB 7 KB	52ms 17ms	Script application/javascript	2606:4700::6812:130 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.stape.io/dtag/v6.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRZ242G Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:130 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 89a723df315fb99d155d16e22d70b523a4cb701d67ed8fe30192d6cba694e658 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://fix-decoding-user-id.app.challengervault.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Wed, 10 May 2023 20:46:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br age 1695031 cf-polished origSize=17977 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy same-origin cf-bgj minify last-modified Mon, 10 Apr 2023 14:54:36 GMT server cloudflare etag W/"6434232c-4639" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 7c5508167b8a9171-FRA expires Thu, 09 May 2024 20:46:26 GMT
GET H2	200	iJWKBXyIfDnIV7nBrXw.woff2 fonts.gstatic.com/s/rubik/v26/	33 KB 34 KB	116ms 35ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/rubik/v26/iJWKBXyIfDnIV7nBrXw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Rubik:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e5b4655e2fac9e5887dfc63e54a5ea312f8779ad2a4316765a690c5177ef1acc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://fix-decoding-user-id.app.challengervault.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Sat, 06 May 2023 15:52:08 GMT x-content-type-options nosniff age 363258 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33868 x-xss-protection 0 last-modified Wed, 08 Mar 2023 21:37:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 05 May 2024 15:52:08 GMT
GET H2	200	challenger.png fix-decoding-user-id.app.challengervault.com/assets/images/logos/	5 KB 5 KB	146ms 146ms	Image image/png	35.247.96.138 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://fix-decoding-user-id.app.challengervault.com/assets/images/logos/challenger.png Requested by Host: fix-decoding-user-id.app.challengervault.com URL: https://fix-decoding-user-id.app.challengervault.com/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.247.96.138 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 138.96.247.35.bc.googleusercontent.com Software / Resource Hash 626ecdc03c5061d7f220226f8981b5d58fed9e3279f807743d22989c483b4479 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://fix-decoding-user-id.app.challengervault.com/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Wed, 10 May 2023 20:46:26 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Wed, 03 May 2023 17:39:12 GMT accept-ranges bytes etag "64529c40-1314" content-length 4884 content-type image/png
GET H2	200	material-outline-icons.ttf fix-decoding-user-id.app.challengervault.com/assets/fonts/material-outline-icons/	195 KB 195 KB	147ms 146ms	Font application/octet-stream	35.247.96.138 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://fix-decoding-user-id.app.challengervault.com/assets/fonts/material-outline-icons/material-outline-icons.ttf?8ot508 Requested by Host: fix-decoding-user-id.app.challengervault.com URL: https://fix-decoding-user-id.app.challengervault.com/assets/fonts/material-outline-icons/styles.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.247.96.138 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 138.96.247.35.bc.googleusercontent.com Software / Resource Hash 4e41e4b02e977497eff2533451f81e3b0419b4c1c16a0d696f0a6d9481d5395f Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://fix-decoding-user-id.app.challengervault.com/assets/fonts/material-outline-icons/styles.css Origin https://fix-decoding-user-id.app.challengervault.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Wed, 10 May 2023 20:46:26 GMT strict-transport-security max-age=15724800; includeSubDomains last-modified Wed, 03 May 2023 17:39:12 GMT accept-ranges bytes etag "64529c40-30af8" content-length 199416 content-type application/octet-stream
GET H2	200	bc-v4.min.html Show response consentcdn.cookiebot.com/sdk/ Frame 3A08	627 B 810 B	62ms 19ms	Document text/html	2a02:26f0:480:5a0::f09 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://consentcdn.cookiebot.com/sdk/bc-v4.min.html Requested by Host: consent.cookiebot.com URL: https://consent.cookiebot.com/uc.js?cbid=cc15e2e3-ebea-49dd-8255-ff55b5067872&consentmode-dataredaction=dynamic&framework=IAB Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:5a0::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104 Request headers Referer https://fix-decoding-user-id.app.challengervault.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes cache-control max-age=31536000 content-encoding gzip content-length 392 content-type text/html cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 10 May 2023 20:46:26 GMT etag "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163" expires Thu, 09 May 2024 20:46:26 GMT last-modified Mon, 04 Apr 2022 07:23:49 GMT server AkamaiNetStorage server-timing cdn-cache; desc=HIT edge; dur=1 ak_p; desc="467708_35115176_6676250_35_1032_5_0";dur=1 vary Accept-Encoding x-akamai-transformed 9 - 0 pmb=mRUM,1
GET H2	200	consent-sdk-2.0.js Show response consent.cookiebot.com/Framework/IAB/	345 KB 104 KB	10ms 10ms	Script application/javascript	2a02:26f0:3500:18::1724:a29a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://consent.cookiebot.com/Framework/IAB/consent-sdk-2.0.js Requested by Host: consent.cookiebot.com URL: https://consent.cookiebot.com/uc.js?cbid=cc15e2e3-ebea-49dd-8255-ff55b5067872&consentmode-dataredaction=dynamic&framework=IAB Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:18::1724:a29a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash d51b76c67bb6be33ba19c2ff03895fde29cd3a2a65e81ae4ea0d8dae527eeca9 Request headers accept-language de-DE,de;q=0.9 Referer https://fix-decoding-user-id.app.challengervault.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers request-context appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef date Wed, 10 May 2023 20:46:26 GMT content-encoding gzip last-modified Wed, 22 Mar 2023 08:35:20 GMT etag "dcd1c3d995cd91:0" vary Accept-Encoding content-type application/javascript access-control-expose-headers Request-Context cache-control public, max-age=627 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 106131 expires Wed, 10 May 2023 20:56:53 GMT
GET H2	200	cc.js Show response consent.cookiebot.com/cc15e2e3-ebea-49dd-8255-ff55b5067872/	400 B 636 B	111ms 111ms	Script application/x-javascript	2a02:26f0:3500:18::1724:a29a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://consent.cookiebot.com/cc15e2e3-ebea-49dd-8255-ff55b5067872/cc.js?renew=false&referer=fix-decoding-user-id.app.challengervault.com&dnt=false&init=false&framework=IABv2 Requested by Host: consent.cookiebot.com URL: https://consent.cookiebot.com/uc.js?cbid=cc15e2e3-ebea-49dd-8255-ff55b5067872&consentmode-dataredaction=dynamic&framework=IAB Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:18::1724:a29a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash e480b187a6d6b90ad79e4f70b49ad4041a4a768538e9784dd3682b587ce41e2c Request headers accept-language de-DE,de;q=0.9 Referer https://fix-decoding-user-id.app.challengervault.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Wed, 10 May 2023 20:46:26 GMT content-encoding gzip vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-expose-headers Request-Context cache-control private, max-age=60 cross-origin-resource-policy cross-origin content-length 390 request-context appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
POST H2	200	data Show response gtm-wpmgnm9-mdq3o.uc.r.appspot.com/	68 B 617 B	277ms 165ms	XHR application/json	2a00:1450:4001:831::2014 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://gtm-wpmgnm9-mdq3o.uc.r.appspot.com/data?v=2&event_name=page_view Requested by Host: fix-decoding-user-id.app.challengervault.com URL: https://fix-decoding-user-id.app.challengervault.com/static/js/2.a12133a9.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash d4e8375f17e80cc69887d8c0d5ff331b0c06e2b39dbd5ebff9ad67bdcc731994 Request headers Referer https://fix-decoding-user-id.app.challengervault.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Content-type text/plain Response headers date Wed, 10 May 2023 20:46:26 GMT content-encoding gzip server Google Frontend vary Accept-Encoding access-control-allow-methods GET,POST,PUT,DELETE,OPTIONS content-type application/json access-control-allow-origin https://fix-decoding-user-id.app.challengervault.com x-cloud-trace-context c9b7437a852471b9eb4415f4514777ac;o=1 access-control-max-age 600 access-control-allow-credentials true cache-control private access-control-allow-headers content-type,set-cookie,x-robots-tag,x-gtm-server-preview,x-stape-preview content-length 87 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 10 May 2023 20:46:26 GMT
OPTIONS H2	200	logger www.sandbox.paypal.com/xoplatform/logger/api/ Frame	0 0	209ms 179ms	Preflight	151.101.129.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.sandbox.paypal.com/xoplatform/logger/api/logger Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://fix-decoding-user-id.app.challengervault.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers accept-ch Sec-CH-UA-Full accept-ranges none access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin https://fix-decoding-user-id.app.challengervault.com cache-control max-age=0, no-cache, no-store, must-revalidate content-encoding br date Wed, 10 May 2023 20:46:26 GMT origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== paypal-debug-id f576953ec70ef strict-transport-security max-age=63072000; includeSubDomains; preload vary accept-encoding via 1.1 varnish x-cache MISS x-cache-hits 0 x-content-type-options nosniff x-served-by cache-fra-eddf8230113-FRA x-timer S1683751587.763672,VS0,VE171
POST H2	200	logger Show response www.sandbox.paypal.com/xoplatform/logger/api/	1002 B 1 KB	209ms 208ms	XHR application/json	151.101.129.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.sandbox.paypal.com/xoplatform/logger/api/logger Requested by Host: fix-decoding-user-id.app.challengervault.com URL: https://fix-decoding-user-id.app.challengervault.com/static/js/2.a12133a9.chunk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 228d2e270d2102f9f97a146de2b47e74a312e6eccde86e534c986c02439569aa Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept application/json Referer https://fix-decoding-user-id.app.challengervault.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 content-type application/json Response headers date Wed, 10 May 2023 20:46:27 GMT via 1.1 varnish x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding br x-cache MISS paypal-debug-id f576953fe3c4b x-served-by cache-fra-eddf8230113-FRA accept-ch Sec-CH-UA-Full x-timer S1683751587.955999,VS0,VE192 etag W/"3ea-uGA3mcfj1pCGMIHIuaFRSywshJQ" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://fix-decoding-user-id.app.challengervault.com cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true origin-trial AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ== accept-ranges none x-cache-hits 0

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless object| dataLayer object| prizeoutSDK object| __post_robot_11_0_0___uid_psirfoioejrzfqiiskmmkldkgkqxxe object| paypal object| __zoid_10_2_3___uid_psirfoioejrzfqiiskmmkldkgkqxxe object| posthog object| google_tag_manager object| google_tag_data object| webpackJsonpchallenger-web-app object| __SENTRY__ number| 2f1acc6c3a606b082e5eef5e54414ffb function| clearImmediate function| setImmediate object| regeneratorRuntime function| dataTagParseResponse function| dataTagSendData function| dataTagGetData function| dataTagMD5 function| dataTag256 function| dataTagJsSHA object| CookieControl function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| Cookiebot function| __tcfapi object| CookieConsent object| dataTagData object| CookieConsentIABCMP object| CookiebotCMPControl object| iabbundle string| cookiedomainwarning

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.challengervault.com/	1970-01-20 20:28:07	Name: ph_phc_8D8TwDvTDiMCkbXDVxDxwEEAEydFRdEm8ZYLfCPtuFn_posthog Value: %7B%22distinct_id%22%3A%22188076a49c328a-06fece45208591-13313170-1d4c00-188076a49c416ec%22%2C%22%24device_id%22%3A%22188076a49c328a-06fece45208591-13313170-1d4c00-188076a49c416ec%22%2C%22%24user_state%22%3A%22anonymous%22%2C%22%24sesid%22%3A%5B1683751586247%2C%22188076a49c7239-07bd0872867e6b-13313170-1d4c00-188076a49c8338%22%2C1683751586247%5D%2C%22%24session_recording_enabled_server_side%22%3Afalse%2C%22%24autocapture_disabled_server_side%22%3Afalse%2C%22%24active_feature_flags%22%3A%5B%5D%2C%22%24enabled_feature_flags%22%3A%7B%7D%2C%22%24feature_flag_payloads%22%3A%7B%7D%7D
			.gtm-wpmgnm9-mdq3o.uc.r.appspot.com/	1970-01-20 21:18:31	Name: _dcid Value: dcid.1.1683751586760.221218460

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.posthog.com
cdn.stape.io
consent.cookiebot.com
consentcdn.cookiebot.com
fix-decoding-user-id.app.challengervault.com
fonts.googleapis.com
fonts.gstatic.com
gtm-wpmgnm9-mdq3o.uc.r.appspot.com
pro.fontawesome.com
widget.prizeout.com
www.googletagmanager.com
www.paypal.com
www.sandbox.paypal.com
151.101.129.21
151.101.193.21
2600:9000:223f:9800:1d:be94:4b80:93a1
2606:4700:10::6816:22be
2606:4700::6812:130
2606:4700::6812:1634
2a00:1450:4001:806::2008
2a00:1450:4001:827::200a
2a00:1450:4001:829::2003
2a00:1450:4001:831::2014
2a02:26f0:3500:18::1724:a29a
2a02:26f0:480:5a0::f09
35.247.96.138
10bf95c602c4a9754cb9fe091ae1c2dbe71a0a52227430198eb8f3eb090c8143
1620e798bbdc185b48fab44dc3469b57f2e61a9c8f9daa33fee449ed3ee1aece
228d2e270d2102f9f97a146de2b47e74a312e6eccde86e534c986c02439569aa
2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec
3dcc7c05fc19040fda95a990053f1fcc5319365d1b7a14671e0f9a1e46f95fd0
40a1bef7db3e185c1112c16e946f67e56806674ebe7825c6daf34716ed3985c8
4687f9b081e79749862d4905baa9bdb40240e0cfcfa9e9efc8c896162ebbb2c4
4e41e4b02e977497eff2533451f81e3b0419b4c1c16a0d696f0a6d9481d5395f
626ecdc03c5061d7f220226f8981b5d58fed9e3279f807743d22989c483b4479
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
76442034166a6e974bfcc1a448ca1f44ce78ece8b4c8a0271c441c00fc4b5710
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
87666ef0d888e5e14be4e4f343147bc7a703bc3c0f832824ad63d6c625d8704d
89a723df315fb99d155d16e22d70b523a4cb701d67ed8fe30192d6cba694e658
938867756d681f855032a6de9b1ae7df962cda84bdb3969bfa28c1023072bae0
93b79441928aab8a77463f0d6461022a7af7bb8facfd78ad6f729a61d8cf6061
a693c99cb837485870887389d162468b815cd39bfb1354224e9a583f1334575e
ba49b80442cc01338e95237a523654808f590febb0008f59ac20d1f0fe67e17e
bde2405f9fae417795a048aa22db57ebf6d17dd4ea080e3b80f8a85d69d723ee
d265615b79f98fdfff370ea32da7b4b02317fc6017b898cfb9c657a65618ac07
d4e8375f17e80cc69887d8c0d5ff331b0c06e2b39dbd5ebff9ad67bdcc731994
d51b76c67bb6be33ba19c2ff03895fde29cd3a2a65e81ae4ea0d8dae527eeca9
e480b187a6d6b90ad79e4f70b49ad4041a4a768538e9784dd3682b587ce41e2c
e4d498943f56895c15effe1280c9e1b8e834be195753f34a0c979571b711f398
e515f490d944acb1965c38d2fda139282422c6f078c53093fa37bc7b788fcc94
e5b4655e2fac9e5887dfc63e54a5ea312f8779ad2a4316765a690c5177ef1acc
ff8545f099c9489d9e38617eb449bbe47e3fd6ac72cdddc235736c11201f9cbd