URL: https://spend.cloud/
Submission: On November 18 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 1 countries across 7 domains to perform 27 HTTP transactions. The main IP is 34.102.245.20, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is spend.cloud. The Cisco Umbrella rank of the primary domain is 469853.
TLS certificate: Issued by E5 on September 14th 2024. Valid for: 3 months.
This is the only time spend.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 34.102.245.20 396982 (GOOGLE-CL...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 34.96.110.71 396982 (GOOGLE-CL...)
1 34.36.140.245 396982 (GOOGLE-CL...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 142.251.35.163 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 34.98.99.61 396982 (GOOGLE-CL...)
27 8
Apex Domain
Subdomains
Transfer
16 spend.cloud
spend.cloud — Cisco Umbrella Rank: 469853
635 KB
3 visma.com
snowplow.visma.com — Cisco Umbrella Rank: 160437
38 B
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
storage.googleapis.com — Cisco Umbrella Rank: 314
92 KB
2 gstatic.com
fonts.gstatic.com
77 KB
1 iconify.design
api.iconify.design — Cisco Umbrella Rank: 13017
1020 B
1 pendo.io
cdn.eu.pendo.io — Cisco Umbrella Rank: 12660
160 KB
1 wootric.com
cdn.wootric.com — Cisco Umbrella Rank: 8136
63 KB
27 7
Domain Requested by
16 spend.cloud spend.cloud
3 snowplow.visma.com spend.cloud
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com spend.cloud
1 api.iconify.design spend.cloud
1 storage.googleapis.com spend.cloud
1 cdn.eu.pendo.io spend.cloud
1 cdn.wootric.com spend.cloud
27 8

This site contains no links.

Subject Issuer Validity Valid
*.spend.cloud
E5
2024-09-14 -
2024-12-13
3 months crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
cdn.wootric.com
WR3
2024-10-19 -
2025-01-17
3 months crt.sh
cdn.eu.pendo.io
WR3
2024-10-26 -
2025-01-24
3 months crt.sh
storage.googleapis.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
iconify.design
WE1
2024-10-10 -
2025-01-09
3 months crt.sh
snowplow.visma.com
WR3
2024-10-04 -
2025-01-02
3 months crt.sh

This page contains 1 frames:

Primary Page: https://spend.cloud/
Frame ID: 3C803170516FC5894051027CD27A1806
Requests: 26 HTTP requests in this frame

Screenshot

Page Title

Unknown client - Spend Cloud

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

27
Requests

100 %
HTTPS

38 %
IPv6

7
Domains

8
Subdomains

8
IPs

1
Countries

1028 kB
Transfer

3329 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
spend.cloud/
2 KB
1 KB
Document
General
Full URL
https://spend.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.245.20 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
20.245.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6f4e0bd99ac00235bb6b2f0a20c4915e822b0856c035529934ee8ea9892ccb45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 18 Nov 2024 13:14:39 GMT
etag
W/"67375c74-850"
last-modified
Fri, 15 Nov 2024 14:36:36 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 google
x-frame-options
sameorigin
css2
fonts.googleapis.com/
12 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300..800;1,300..800&display=swap
Requested by
Host: spend.cloud
URL: https://spend.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dcb72a8d2478bc448bab6712de33a8370c2b3027d9ae9a079d1f4de5a6600634
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spend.cloud/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 18 Nov 2024 13:14:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 13:14:39 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 18 Nov 2024 12:39:51 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
16 KB
1003 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
Requested by
Host: spend.cloud
URL: https://spend.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
be3fe55543f758d8432ed5dfa6afbe9b79b226231c1a6ff6dcaefac0b2917bfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spend.cloud/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 18 Nov 2024 13:14:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 13:14:39 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 18 Nov 2024 13:12:08 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
wootric-sdk.js
cdn.wootric.com/
249 KB
63 KB
Script
General
Full URL
https://cdn.wootric.com/wootric-sdk.js
Requested by
Host: spend.cloud
URL: https://spend.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.110.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.110.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fe7f7a5dc1fb43aa9a22f4b5b1198370b13daddcafa0c9bef3e45d7f16372a31

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spend.cloud/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Type
content-encoding
gzip
x-goog-hash
crc32c=vi4YzA==, md5=OwjZzm2PNm6vtELnzLYZxA==
etag
"3b08d9ce6d8f366eafb442e7ccb619c4"
age
302
x-goog-stored-content-encoding
gzip
expires
Mon, 18 Nov 2024 14:09:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
64061
date
Mon, 18 Nov 2024 13:09:37 GMT
last-modified
Wed, 17 Jul 2024 22:40:33 GMT
content-type
application/javascript
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7Udfrme3hu5-bYeV0np91CsAQq-DxeLQJEGQWcKQ9p4bHL4tUFxrvS24CdM8pMO1BtAy4b9nxAP7Usz_k
cache-control
public, max-age=3600
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1721256033705626
content-length
64061
content-language
en
server
UploadServer
index-C87SqEsl.js
spend.cloud/assets/
2 MB
555 KB
Script
General
Full URL
https://spend.cloud/assets/index-C87SqEsl.js
Requested by
Host: spend.cloud
URL: https://spend.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.245.20 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
20.245.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
609c650ae6e220b2a4c4bf33cc531abf47a09111390f306c6d3988df41d3f8c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://spend.cloud
Referer
https://spend.cloud/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cache-control
no-cache
content-encoding
gzip
etag
W/"67375c74-1c88f8"
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 13:14:40 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 15 Nov 2024 14:36:36 GMT
server
nginx
x-frame-options
sameorigin
index-DEnaqAQj.css
spend.cloud/assets/
539 KB
68 KB
Stylesheet
General
Full URL
https://spend.cloud/assets/index-DEnaqAQj.css
Requested by
Host: spend.cloud
URL: https://spend.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.245.20 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
20.245.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
80ccaffbd0145ec119bb2d785e0d2c0e2f28a321262631f05c3a5ce89e931cc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://spend.cloud
Referer
https://spend.cloud/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cache-control
no-cache
content-encoding
gzip
etag
W/"67375c74-86d5f"
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 13:14:40 GMT
content-type
text/css
last-modified
Fri, 15 Nov 2024 14:36:36 GMT
server
nginx
x-frame-options
sameorigin
pendo.js
cdn.eu.pendo.io/agent/static/339937c9-79bd-42ee-5943-9fad62f62e8d/
487 KB
160 KB
Script
General
Full URL
https://cdn.eu.pendo.io/agent/static/339937c9-79bd-42ee-5943-9fad62f62e8d/pendo.js
Requested by
Host: spend.cloud
URL: https://spend.cloud/assets/index-C87SqEsl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.140.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
245.140.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e4d0114f2daa46f7ca5eb5341321d07fc7fb765080e826b74a20a1bb231d162e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spend.cloud/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
content-encoding
gzip
x-goog-hash
crc32c=Gy5lzg==, md5=KGso62wLONwddVxC8WwNKw==
etag
"286b28eb6c0b38dc1d755c42f16c0d2b"
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
162259
date
Mon, 18 Nov 2024 13:14:41 GMT
last-modified
Fri, 15 Nov 2024 17:10:13 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-guploader-uploadid
AFiumC6OCPibzYQ00GlvG9RsU9Lc0mdQKmnNY2x8NU43xjo_OzIRJN9-SYVT5vb-m2eOX5ALtoy41KuFhA
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
public,max-age=450
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1731690613870988
content-length
162259
server
UploadServer
environment-variables
spend.cloud/api/
243 B
237 B
XHR
General
Full URL
https://spend.cloud/api/environment-variables
Requested by
Host: spend.cloud
URL: https://spend.cloud/assets/index-C87SqEsl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.245.20 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
20.245.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
495711da10bebe8f450f5f5c198b3360f302547d7b35ecd464f463c893dcfda9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

Referer
https://spend.cloud/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, private
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
x-ratelimit-remaining
599
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 13:14:41 GMT
x-ratelimit-limit
600
content-type
application/json
vary
Accept-Encoding, Origin
server
nginx
x-frame-options
deny
sp.js
storage.googleapis.com/snowplow-cto-office-tracker-bucket/3.12.0/
89 KB
89 KB
Script
General
Full URL
https://storage.googleapis.com/snowplow-cto-office-tracker-bucket/3.12.0/sp.js
Requested by
Host: spend.cloud
URL: https://spend.cloud/assets/index-C87SqEsl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9f7ca24d6a67eee6f8a521f8b8bc64ffbd0a3a7df99128ddae3bd81c91efb494

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spend.cloud/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=mS2VUA==, md5=LM+8Ldbncm5NrpFkymRhEQ==
etag
"2ccfbc2dd6e7726e4dae9164ca646111"
age
501
x-goog-stored-content-encoding
identity
expires
Mon, 18 Nov 2024 14:06:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
90727
date
Mon, 18 Nov 2024 13:06:20 GMT
last-modified
Tue, 13 Jun 2023 11:11:26 GMT
content-type
text/javascript
x-guploader-uploadid
AFiumC6HCLuMjlM_g9BQBFmSycecVXXJbUZ1o55N5u6MS_JX0pEzHZtpwS_BwtvzG3Vf-3qiTA4rnqQgAg
cache-control
public, max-age=3600
x-goog-storage-class
STANDARD
accept-ranges
bytes
x-goog-generation
1686654686752418
content-length
90727
server
UploadServer
auth-C3TgNCsh.js
spend.cloud/assets/
4 KB
2 KB
Script
General
Full URL
https://spend.cloud/assets/auth-C3TgNCsh.js
Requested by
Host: spend.cloud
URL: https://spend.cloud/assets/index-C87SqEsl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.245.20 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
20.245.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c4359b89a8ba3f867ce9518d43b74fff04ccaf4066018073858ab345391364fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://spend.cloud
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cache-control
no-cache
content-encoding
gzip
etag
W/"67375c74-ed3"
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 13:14:41 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 15 Nov 2024 14:36:36 GMT
server
nginx
x-frame-options
sameorigin
sc-logo-i4UbdDGC.js
spend.cloud/assets/
476 B
335 B
Script
General
Full URL
https://spend.cloud/assets/sc-logo-i4UbdDGC.js
Requested by
Host: spend.cloud
URL: https://spend.cloud/assets/index-C87SqEsl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.245.20 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
20.245.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bb2ef47988764f7287cec828255816e85b3a434fe1306ed40c4e1993a349e83e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://spend.cloud
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cache-control
no-cache
content-encoding
gzip
etag
W/"67375c74-1dc"
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 13:14:41 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 15 Nov 2024 14:36:36 GMT
server
nginx
x-frame-options
sameorigin
sc-logo-Chmp0GaB.css
spend.cloud/assets/
139 B
131 B
Stylesheet
General
Full URL
https://spend.cloud/assets/sc-logo-Chmp0GaB.css
Requested by
Host: spend.cloud
URL: https://spend.cloud/assets/index-C87SqEsl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.245.20 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
20.245.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
446cdfa803e8b0fb6790e512c087c7d7f2845a768d54808a28fcfe4a01218abb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://spend.cloud
Referer
https://spend.cloud/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cache-control
no-cache
content-encoding
gzip
etag
W/"67375c74-8b"
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 13:14:41 GMT
content-type
text/css
last-modified
Fri, 15 Nov 2024 14:36:36 GMT
server
nginx
x-frame-options
sameorigin
vue2-transitions.m-Cm1FfpKy.js
spend.cloud/assets/
13 KB
2 KB
Script
General
Full URL
https://spend.cloud/assets/vue2-transitions.m-Cm1FfpKy.js
Requested by
Host: spend.cloud
URL: https://spend.cloud/assets/index-C87SqEsl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.245.20 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
20.245.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3592d1ab6343ad8ded93859cb6ce0ca00b08d3ad7a48a260d091ae94ca879ff8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://spend.cloud
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cache-control
no-cache
content-encoding
gzip
etag
W/"67375c74-35c3"
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 13:14:41 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 15 Nov 2024 14:36:36 GMT
server
nginx
x-frame-options
sameorigin
auth-DqCc2dYk.css
spend.cloud/assets/
1 KB
492 B
Stylesheet
General
Full URL
https://spend.cloud/assets/auth-DqCc2dYk.css
Requested by
Host: spend.cloud
URL: https://spend.cloud/assets/index-C87SqEsl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.245.20 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
20.245.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d505c50f308b28b9deeba92a758733510784967771010453c5775ca2a4cbfbe5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://spend.cloud
Referer
https://spend.cloud/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cache-control
no-cache
content-encoding
gzip
etag
W/"67375c74-4c5"
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 13:14:41 GMT
content-type
text/css
last-modified
Fri, 15 Nov 2024 14:36:36 GMT
server
nginx
x-frame-options
sameorigin
index-C4IxuD85.js
spend.cloud/assets/
3 KB
1 KB
Script
General
Full URL
https://spend.cloud/assets/index-C4IxuD85.js
Requested by
Host: spend.cloud
URL: https://spend.cloud/assets/index-C87SqEsl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.245.20 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
20.245.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6535f1b6070055a2b6722cfcaf7967de3a93e516ad3a58c7c52e0bc094dce75a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://spend.cloud
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cache-control
no-cache
content-encoding
gzip
etag
W/"67375c74-a4e"
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 13:14:41 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 15 Nov 2024 14:36:36 GMT
server
nginx
x-frame-options
sameorigin
auth-header-DWAACMOV.js
spend.cloud/assets/
453 B
319 B
Script
General
Full URL
https://spend.cloud/assets/auth-header-DWAACMOV.js
Requested by
Host: spend.cloud
URL: https://spend.cloud/assets/index-C87SqEsl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.245.20 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
20.245.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7adb208e74999c24c7a337d743417c87c02590284a1661cd8ec35b43222d78be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://spend.cloud
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cache-control
no-cache
content-encoding
gzip
etag
W/"67375c74-1c5"
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 13:14:41 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 15 Nov 2024 14:36:36 GMT
server
nginx
x-frame-options
sameorigin
before-route-enter-DSQbQa5Y.js
spend.cloud/assets/
669 B
558 B
Script
General
Full URL
https://spend.cloud/assets/before-route-enter-DSQbQa5Y.js
Requested by
Host: spend.cloud
URL: https://spend.cloud/assets/index-C87SqEsl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.245.20 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
20.245.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
717c06565f99f75b209f08e04d388c9756b94435d725805decd00e10a034fd5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://spend.cloud
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cache-control
no-cache
content-encoding
gzip
etag
W/"67375c74-29d"
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 13:14:41 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 15 Nov 2024 14:36:36 GMT
server
nginx
x-frame-options
sameorigin
route-block-B_A1xBdJ.js
spend.cloud/assets/
27 B
47 B
Script
General
Full URL
https://spend.cloud/assets/route-block-B_A1xBdJ.js
Requested by
Host: spend.cloud
URL: https://spend.cloud/assets/index-C87SqEsl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.245.20 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
20.245.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f37d93c862ba8958e8a83a2353ce79d1a4ba4220d51c648bc986cf9a7fab8625
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://spend.cloud
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
etag
"67375c74-1b"
via
1.1 google
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27
date
Mon, 18 Nov 2024 13:14:41 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 15 Nov 2024 14:36:36 GMT
server
nginx
x-frame-options
sameorigin
4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.163 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f3.1e100.net
Software
sffe /
Resource Hash
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://spend.cloud
Referer
https://fonts.googleapis.com/

Response headers

age
322027
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 19:47:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 14 Nov 2024 19:47:35 GMT
last-modified
Wed, 27 Apr 2022 16:04:03 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
30480
x-xss-protection
0
server
sffe
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300..800;1,300..800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.163 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://spend.cloud
Referer
https://fonts.googleapis.com/

Response headers

age
252668
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 15 Nov 2025 15:03:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 15 Nov 2024 15:03:34 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
mark-blue.svg
spend.cloud/assets/logo/
858 B
540 B
Image
General
Full URL
https://spend.cloud/assets/logo/mark-blue.svg
Requested by
Host: spend.cloud
URL: https://spend.cloud/auth/unknown-client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.245.20 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
20.245.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e47ab43fe2cec0d11607d1ea5e71c497b8347564032a0f005278dc414a69fdbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spend.cloud/auth/unknown-client

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cache-control
no-cache
content-encoding
gzip
etag
W/"67375c73-35a"
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 13:14:42 GMT
content-type
image/svg+xml
last-modified
Fri, 15 Nov 2024 14:36:35 GMT
server
nginx
x-frame-options
sameorigin
text-dark.svg
spend.cloud/assets/logo/
5 KB
2 KB
Image
General
Full URL
https://spend.cloud/assets/logo/text-dark.svg
Requested by
Host: spend.cloud
URL: https://spend.cloud/auth/unknown-client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.245.20 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
20.245.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
762ef3f0bbae0b19729554b05f9db5f8c276cf48a2c3171a4e5da395e2186f1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spend.cloud/auth/unknown-client

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cache-control
no-cache
content-encoding
gzip
etag
W/"67375c73-14e2"
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 13:14:42 GMT
content-type
image/svg+xml
last-modified
Fri, 15 Nov 2024 14:36:35 GMT
server
nginx
x-frame-options
sameorigin
fa6-solid.json
api.iconify.design/
325 B
1020 B
Fetch
General
Full URL
https://api.iconify.design/fa6-solid.json?icons=caret-down
Requested by
Host: spend.cloud
URL: https://spend.cloud/assets/index-C87SqEsl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:dcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d8eea22f56cb9049250b9bb6da1102da85717e9e3f01b0833ec1c3e207feebb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spend.cloud/

Response headers

access-control-max-age
86400
cache-control
public, max-age=604800, min-refresh=604800, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
cross-origin-resource-policy
cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=chK05GIYwZOF%2BGIne0d509dFh9dYXQwj%2Fuq3mfNwZnYLhvOKkw6D3vLFcIw%2FC%2Ftp35cnklDHLZL6cdRdyK37%2BGKetu%2FfJIq%2FM%2BWHFNwHBwzuIUjr0PpUAAHV0l8LJV%2FHM1QfkABjEyjaSKAx4CYrUA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS
cf-ray
8e4839a21fd7d7a8-LAX
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=71031&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4057&recv_bytes=2186&delivery_rate=54887&cwnd=252&unsent_bytes=0&cid=cb113355cbb7cc07&ts=720&x=0"
date
Mon, 18 Nov 2024 13:14:42 GMT
content-type
application/json; charset=utf-8
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Encoding
tp2
snowplow.visma.com/com.snowplowanalytics.snowplow/
2 B
19 B
XHR
General
Full URL
https://snowplow.visma.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: spend.cloud
URL: https://spend.cloud/assets/index-C87SqEsl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.99.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.99.98.34.bc.googleusercontent.com
Software
akka-http/10.2.9 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer
https://spend.cloud/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://spend.cloud
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
2
date
Mon, 18 Nov 2024 13:14:42 GMT
content-type
text/plain; charset=UTF-8
server
akka-http/10.2.9
tp2
snowplow.visma.com/com.snowplowanalytics.snowplow/
0
0
Preflight
General
Full URL
https://snowplow.visma.com/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.99.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.99.98.34.bc.googleusercontent.com
Software
akka-http/10.2.9 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://spend.cloud
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://spend.cloud
access-control-max-age
7200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 18 Nov 2024 13:14:42 GMT
server
akka-http/10.2.9
via
1.1 google
favicon.ico
spend.cloud/auth/
2 KB
821 B
Other
General
Full URL
https://spend.cloud/auth/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.245.20 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
20.245.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6f4e0bd99ac00235bb6b2f0a20c4915e822b0856c035529934ee8ea9892ccb45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://spend.cloud/auth/unknown-client

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cache-control
no-cache
content-encoding
gzip
etag
W/"67375c74-850"
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 18 Nov 2024 13:14:43 GMT
content-type
text/html; charset=utf-8
last-modified
Fri, 15 Nov 2024 14:36:36 GMT
server
nginx
x-frame-options
sameorigin
tp2
snowplow.visma.com/com.snowplowanalytics.snowplow/
2 B
19 B
XHR
General
Full URL
https://snowplow.visma.com/com.snowplowanalytics.snowplow/tp2
Requested by
Host: spend.cloud
URL: https://spend.cloud/assets/index-C87SqEsl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.99.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.99.98.34.bc.googleusercontent.com
Software
akka-http/10.2.9 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer
https://spend.cloud/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://spend.cloud
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
2
date
Mon, 18 Nov 2024 13:14:43 GMT
content-type
text/plain; charset=UTF-8
server
akka-http/10.2.9

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| wootric_event_queue boolean| wootric_show_logs object| WootricSurvey function| wootric object| __SENTRY__ object| core object| __core-js_shared__ object| pendo object| VueProgressBarEventBus object| GlobalSnowplowNamespace function| snowplow

3 Cookies

Domain/Path Name / Value
spend.cloud/ Name: _sp_ses.490d
Value: *
spend.cloud/ Name: _sp_id.490d
Value: 2eaee300-075f-40fa-82d6-63d0195f06b5.1731935682.1.1731935682..f98c1a92-9cfc-416e-9bcf-c3140f47da9d..a066cf83-4bea-47b7-86c8-d36a975fce30.1731935682355.2
snowplow.visma.com/ Name: _sp_cookie
Value: 47c946a5-65a7-4284-adde-be524c801a1b

2 Console Messages

Source Level URL
Text
security error URL: https://spend.cloud/assets/index-C87SqEsl.js(Line 147)
Message:
Refused to connect to 'https://api.simplesvg.com/fa6-solid.json?icons=caret-down' because it violates the following Content Security Policy directive: "connect-src 'self' https://*.googletagmanager.com https://*.googleapis.com https://*.gstatic.com https://*.google-analytics.com https://*.sentry.io https://*.wootric.com https://*.wootric.eu https://*.launchdarkly.com https://*.eu.pendo.io https://snowplow.visma.com https://api.iconify.design https://snowplow-test.visma.com".
javascript error URL: https://spend.cloud/assets/index-C87SqEsl.js(Line 147)
Message:
Refused to connect to 'https://api.simplesvg.com/fa6-solid.json?icons=caret-down' because it violates the document's Content Security Policy.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.iconify.design
cdn.eu.pendo.io
cdn.wootric.com
fonts.googleapis.com
fonts.gstatic.com
snowplow.visma.com
spend.cloud
storage.googleapis.com
142.251.35.163
2606:4700:20::681a:dcc
2607:f8b0:4006:81e::200a
2607:f8b0:4006:822::201b
34.102.245.20
34.36.140.245
34.96.110.71
34.98.99.61
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3592d1ab6343ad8ded93859cb6ce0ca00b08d3ad7a48a260d091ae94ca879ff8
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
446cdfa803e8b0fb6790e512c087c7d7f2845a768d54808a28fcfe4a01218abb
495711da10bebe8f450f5f5c198b3360f302547d7b35ecd464f463c893dcfda9
609c650ae6e220b2a4c4bf33cc531abf47a09111390f306c6d3988df41d3f8c6
6535f1b6070055a2b6722cfcaf7967de3a93e516ad3a58c7c52e0bc094dce75a
6f4e0bd99ac00235bb6b2f0a20c4915e822b0856c035529934ee8ea9892ccb45
717c06565f99f75b209f08e04d388c9756b94435d725805decd00e10a034fd5f
762ef3f0bbae0b19729554b05f9db5f8c276cf48a2c3171a4e5da395e2186f1f
7adb208e74999c24c7a337d743417c87c02590284a1661cd8ec35b43222d78be
80ccaffbd0145ec119bb2d785e0d2c0e2f28a321262631f05c3a5ce89e931cc1
9d8eea22f56cb9049250b9bb6da1102da85717e9e3f01b0833ec1c3e207feebb
9f7ca24d6a67eee6f8a521f8b8bc64ffbd0a3a7df99128ddae3bd81c91efb494
bb2ef47988764f7287cec828255816e85b3a434fe1306ed40c4e1993a349e83e
be3fe55543f758d8432ed5dfa6afbe9b79b226231c1a6ff6dcaefac0b2917bfb
c4359b89a8ba3f867ce9518d43b74fff04ccaf4066018073858ab345391364fd
d505c50f308b28b9deeba92a758733510784967771010453c5775ca2a4cbfbe5
dcb72a8d2478bc448bab6712de33a8370c2b3027d9ae9a079d1f4de5a6600634
e47ab43fe2cec0d11607d1ea5e71c497b8347564032a0f005278dc414a69fdbe
e4d0114f2daa46f7ca5eb5341321d07fc7fb765080e826b74a20a1bb231d162e
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
f37d93c862ba8958e8a83a2353ce79d1a4ba4220d51c648bc986cf9a7fab8625
fe7f7a5dc1fb43aa9a22f4b5b1198370b13daddcafa0c9bef3e45d7f16372a31