urlscan.io logo urlscan.io
SecurityTrails logo

trustpair-app-github-actions.herokuapp.com Open in urlscan Pro
35.156.170.132  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://trustpair-app-github-actions.herokuapp.com/
Effective URL: https://trustpair-app-github-actions.herokuapp.com/users/sign_in
Submission: On April 14 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 23 HTTP transactions. The main IP is 35.156.170.132, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is trustpair-app-github-actions.herokuapp.com.
TLS certificate: Issued by R3 on April 14th 2023. Valid for: 3 months.
This is the only time trustpair-app-github-actions.herokuapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 35.156.170.132 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
8 99.86.8.175 16509 (AMAZON-02)
1 18.66.97.53 16509 (AMAZON-02)
1 13.224.189.18 16509 (AMAZON-02)
1 54.212.217.51 16509 (AMAZON-02)
1 52.222.236.74 16509 (AMAZON-02)
2 18.66.147.3 16509 (AMAZON-02)
23 10
5    35.156.170.132 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-170-132.eu-central-1.compute.amazonaws.com
trustpair-app-github-actions.herokuapp.com
2    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
8    99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net
cdn.segment.com
1    18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net
static.hotjar.com
1    13.224.189.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-18.fra2.r.cloudfront.net
widget.intercom.io
1    54.212.217.51 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-212-217-51.us-west-2.compute.amazonaws.com
api.segment.io
1    52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net
script.hotjar.com
2    18.66.147.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-3.fra60.r.cloudfront.net
js.intercomcdn.com
Apex Domain
Subdomains		 Transfer
8 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1444
61 KB
5 herokuapp.com
trustpair-app-github-actions.herokuapp.com
328 KB
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2348
206 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 636
script.hotjar.com — Cisco Umbrella Rank: 765
72 KB
2 gstatic.com
fonts.gstatic.com
32 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 39
2 KB
1 segment.io
api.segment.io — Cisco Umbrella Rank: 1081
192 B
1 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 1790
4 KB
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 819
52 KB
23 9
Domain Requested by
8 cdn.segment.com unpkg.com
trustpair-app-github-actions.herokuapp.com
cdn.segment.com
5 trustpair-app-github-actions.herokuapp.com 1 redirects trustpair-app-github-actions.herokuapp.com
2 js.intercomcdn.com widget.intercom.io
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com trustpair-app-github-actions.herokuapp.com
1 script.hotjar.com static.hotjar.com
1 api.segment.io cdn.segment.com
1 widget.intercom.io cdn.segment.com
1 static.hotjar.com cdn.segment.com
1 unpkg.com trustpair-app-github-actions.herokuapp.com
23 10

This site contains no links.

Subject Issuer Validity Valid
trustpair-app-github-actions.herokuapp.com
R3		 2023-04-14 -
2023-07-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-01 -
2023-06-01		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.segment.com
Amazon RSA 2048 M01		 2023-02-24 -
2024-01-12		 a year crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.intercom.com
Amazon RSA 2048 M02		 2023-02-14 -
2024-03-14		 a year crt.sh
*.segment.io
Amazon RSA 2048 M01		 2023-02-10 -
2024-02-10		 a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-01-29		 a year crt.sh

This page contains 2 frames:

Primary Page: https://trustpair-app-github-actions.herokuapp.com/users/sign_in
Frame ID: 3F18CD4F6DC025F72C272B4FB2BC2749
Requests: 21 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.0bb367c3.js
Frame ID: 06B941C6E8D732A0CBD92BE4374278C2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Trustpair | Intelligent validation of supplier payments

Page URL History Show full URLs

  1. https://trustpair-app-github-actions.herokuapp.com/ HTTP 302
    https://trustpair-app-github-actions.herokuapp.com/users/sign_in Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.herokuapp\.com
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

23
Requests

100 %
HTTPS

30 %
IPv6

9
Domains

10
Subdomains

10
IPs

2
Countries

756 kB
Transfer

2962 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://trustpair-app-github-actions.herokuapp.com/ HTTP 302
    https://trustpair-app-github-actions.herokuapp.com/users/sign_in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sign_in
trustpair-app-github-actions.herokuapp.com/users/
Redirect Chain
  • https://trustpair-app-github-actions.herokuapp.com/
  • https://trustpair-app-github-actions.herokuapp.com/users/sign_in
63 KB
65 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://trustpair-app-github-actions.herokuapp.com/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.156.170.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-170-132.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
24dcc53633ebe7298846ba9c63ad6a8d2fb8010a00fc89e2e3cb28851c6ff44c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; font-src 'self' https: data:; img-src 'self' https: data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: 'nonce-4J9BXJNrXEAbTdwR+7gnSw=='; style-src 'self' https: 'unsafe-inline' blob:; frame-src https://vars.hotjar.com https://intercom-sheets.com https://mfe-dashboard-staging.trustpair.vercel.app https://mfe-home-implement-home-page.trustpair.vercel.app https://mfe-task-center-staging.trustpair.vercel.app; child-src https://vars.hotjar.com; manifest-src 'self'; base-uri 'none'; form-action 'self' https://intercom.help/trustpair https://*.okta.com https://mfe-dashboard-staging.trustpair.vercel.app https://mfe-home-implement-home-page.trustpair.vercel.app https://mfe-task-center-staging.trustpair.vercel.app; connect-src 'self' https: wss:; frame-ancestors 'none'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, private, must-revalidate
Content-Security-Policy
default-src 'none'; font-src 'self' https: data:; img-src 'self' https: data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: 'nonce-4J9BXJNrXEAbTdwR+7gnSw=='; style-src 'self' https: 'unsafe-inline' blob:; frame-src https://vars.hotjar.com https://intercom-sheets.com https://mfe-dashboard-staging.trustpair.vercel.app https://mfe-home-implement-home-page.trustpair.vercel.app https://mfe-task-center-staging.trustpair.vercel.app; child-src https://vars.hotjar.com; manifest-src 'self'; base-uri 'none'; form-action 'self' https://intercom.help/trustpair https://*.okta.com https://mfe-dashboard-staging.trustpair.vercel.app https://mfe-home-implement-home-page.trustpair.vercel.app https://mfe-task-center-staging.trustpair.vercel.app; connect-src 'self' https: wss:; frame-ancestors 'none'
Content-Type
text/html; charset=utf-8
Cross-Origin-Opener-Policy
same-origin
Date
Fri, 14 Apr 2023 12:25:20 GMT
Etag
W/"24dcc53633ebe7298846ba9c63ad6a8d"
Feature-Policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; document-domain 'none'; encrypted-media 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; sync-xhr 'self'; usb 'none'; vr 'none';
Link
<https://trustpair-app-github-actions.herokuapp.com/packs/css/application-1373e951.css>; rel=preload; as=style; nopush,<https://fonts.googleapis.com/css?family=Material+Icons|Material+Icons+Outlined|Material+Icons+Two+Tone|Material+Icons+Round|Material+Icons+Sharp>; rel=preload; as=style; nopush,<https://trustpair-app-github-actions.herokuapp.com/packs/js/application-43ef8cbd1eac0340d84b.js>; rel=preload; as=script; nopush
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=63072000
Transfer-Encoding
chunked
Vary
Origin
Via
1.1 spaces-router (e46a9e002bdb)
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
none
X-Rack-Cors
miss; no-origin
X-Request-Id
23e78dd1-8bef-0af9-9804-82c631e6bc3b
X-Runtime
0.035134
X-Xss-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache
Content-Length
130
Content-Security-Policy
default-src 'none'; font-src 'self' https: data:; img-src 'self' https: data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: 'nonce-n33XxTuAG0UAmsS4Vbdneg=='; style-src 'self' https: 'unsafe-inline' blob:; frame-src https://vars.hotjar.com https://intercom-sheets.com https://mfe-dashboard-staging.trustpair.vercel.app https://mfe-home-implement-home-page.trustpair.vercel.app https://mfe-task-center-staging.trustpair.vercel.app; child-src https://vars.hotjar.com; manifest-src 'self'; base-uri 'none'; form-action 'self' https://intercom.help/trustpair https://*.okta.com https://mfe-dashboard-staging.trustpair.vercel.app https://mfe-home-implement-home-page.trustpair.vercel.app https://mfe-task-center-staging.trustpair.vercel.app; connect-src 'self' https: wss:; frame-ancestors 'none'
Content-Type
text/html; charset=utf-8
Date
Fri, 14 Apr 2023 12:25:20 GMT
Location
https://trustpair-app-github-actions.herokuapp.com/users/sign_in
Strict-Transport-Security
max-age=63072000
Vary
Origin
Via
1.1 spaces-router (e46a9e002bdb)
X-Rack-Cors
miss; no-origin
X-Request-Id
620b6168-3765-8f65-5e45-91249c383864
X-Runtime
0.009016
application-1373e951.css
trustpair-app-github-actions.herokuapp.com/packs/css/ 		381 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://trustpair-app-github-actions.herokuapp.com/packs/css/application-1373e951.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.156.170.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-170-132.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3b9a8bb782e75df3fdc5eb3e167381213e63cde0f3959314e6bd992c0094a480
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trustpair-app-github-actions.herokuapp.com/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

X-Rack-Cors
miss; no-origin
Strict-Transport-Security
max-age=63072000
Content-Encoding
br
Via
1.1 spaces-router (e46a9e002bdb)
Date
Fri, 14 Apr 2023 12:25:21 GMT
Last-Modified
Fri, 14 Apr 2023 12:16:14 GMT
Vary
Accept-Encoding, Origin
Content-Type
text/css
Content-Length
43210
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Material+Icons|Material+Icons+Outlined|Material+Icons+Two+Tone|Material+Icons+Round|Material+Icons+Sharp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
80bbd5be45a524bdbb122e6e34df705780ee6ea56655d6ac9ad9e92c1e12362d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trustpair-app-github-actions.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Apr 2023 12:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 12:25:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Apr 2023 12:25:21 GMT
application-43ef8cbd1eac0340d84b.js
trustpair-app-github-actions.herokuapp.com/packs/js/ 		1 MB
210 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trustpair-app-github-actions.herokuapp.com/packs/js/application-43ef8cbd1eac0340d84b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.156.170.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-170-132.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
5e830ad5d356e8ae4f40a15ef5d8b81fccd75afd0782263cb249de6344413fc8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trustpair-app-github-actions.herokuapp.com/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

X-Rack-Cors
miss; no-origin
Strict-Transport-Security
max-age=63072000
Content-Encoding
br
Via
1.1 spaces-router (e46a9e002bdb)
Date
Fri, 14 Apr 2023 12:25:21 GMT
Last-Modified
Fri, 14 Apr 2023 12:16:14 GMT
Vary
Accept-Encoding, Origin
Content-Type
application/javascript
Content-Length
214952
consent-manager.js
unpkg.com/@segment/consent-manager@5.6.0/standalone/ 		168 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@segment/consent-manager@5.6.0/standalone/consent-manager.js
Requested by
Host: trustpair-app-github-actions.herokuapp.com
URL: https://trustpair-app-github-actions.herokuapp.com/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9da9cf06e9d4701ff2bc8e8c4619b01982de2d62e18ad504aee96db3e5c56f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trustpair-app-github-actions.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 12:25:21 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
22561431
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01G8ZFC0EBNVHVABQK3ABQ27S8-fra
server
cloudflare
etag
W/"29fff-7FwyHVjeMFr1krwwI9Pzx15ibQw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7b7bee560e2c693f-FRA
logo-trustpair-3f7caae57175e58b6d550a72dd9793b5.svg
trustpair-app-github-actions.herokuapp.com/packs/media/images/ui/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trustpair-app-github-actions.herokuapp.com/packs/media/images/ui/logo-trustpair-3f7caae57175e58b6d550a72dd9793b5.svg
Requested by
Host: trustpair-app-github-actions.herokuapp.com
URL: https://trustpair-app-github-actions.herokuapp.com/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.156.170.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-170-132.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6833433656b84671f5a8cea0fadb98b25f12ba1588917ad08462fda9de57e4d0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trustpair-app-github-actions.herokuapp.com/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

X-Rack-Cors
miss; no-origin
Strict-Transport-Security
max-age=63072000
Via
1.1 spaces-router (e46a9e002bdb)
Date
Fri, 14 Apr 2023 12:25:21 GMT
Last-Modified
Fri, 14 Apr 2023 12:16:13 GMT
Vary
Origin
Content-Type
image/svg+xml
Content-Length
9056
css
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i
Requested by
Host: trustpair-app-github-actions.herokuapp.com
URL: https://trustpair-app-github-actions.herokuapp.com/packs/css/application-1373e951.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8fac41d891b9dffac43e3e8073775137dbb68d92f2e02569e8a514687eb35497
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trustpair-app-github-actions.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Apr 2023 12:25:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 10:41:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Apr 2023 12:25:21 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://trustpair-app-github-actions.herokuapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 10:31:04 GMT
x-content-type-options
nosniff
age
266057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 10:31:04 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://trustpair-app-github-actions.herokuapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 10:31:11 GMT
x-content-type-options
nosniff
age
266050
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 10:31:11 GMT
integrations
cdn.segment.com/v1/projects/YFCmftN8DYSIkjqWIFM40SXmBniKMxwj/ 		846 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/YFCmftN8DYSIkjqWIFM40SXmBniKMxwj/integrations
Requested by
Host: unpkg.com
URL: https://unpkg.com/@segment/consent-manager@5.6.0/standalone/consent-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ecb5c0b88634cb2d0d9d60faa8b15aa8254decefddaeba2a6782ab9481888479

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trustpair-app-github-actions.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 12:25:23 GMT
x-amz-version-id
ZuAjW9lRT_xKRFGjMxlrFQOPVWySIOcL
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
content-length
846
last-modified
Tue, 08 Nov 2022 14:07:30 GMT
server
AmazonS3
etag
"2f02cf5c509259d42be2be41a4d0c3bf"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
accept-ranges
bytes
x-amz-cf-id
5eiYn0nGdG7kyeajOXVwIornvSMJEC4T5j7i2dyWmKhpJRdNV_WkvQ==
analytics.min.js
cdn.segment.com/analytics.js/v1/YFCmftN8DYSIkjqWIFM40SXmBniKMxwj/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/YFCmftN8DYSIkjqWIFM40SXmBniKMxwj/analytics.min.js
Requested by
Host: trustpair-app-github-actions.herokuapp.com
URL: https://trustpair-app-github-actions.herokuapp.com/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21ae1c6c18282d8042ea2209b716bd9edfd88e95ae4ac874bb2043688d3b0916

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trustpair-app-github-actions.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 12:25:23 GMT
x-amz-version-id
kr3ykBrAchBmaWLzlgxr.CESYaYnqjK6
content-encoding
br
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 11 Apr 2023 22:36:57 GMT
server
AmazonS3
etag
W/"a3fe3f10e2a2ad88a3d59f3557429632"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
9quVSTSe4otVitbvlnBU4aj7EYP7g6LInuAtIkrBZcjoi82sdD7JVg==
settings
cdn.segment.com/v1/projects/YFCmftN8DYSIkjqWIFM40SXmBniKMxwj/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/YFCmftN8DYSIkjqWIFM40SXmBniKMxwj/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YFCmftN8DYSIkjqWIFM40SXmBniKMxwj/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ba0054a956a01a8868da4ca81766bc7a198162db0c54bee0438110494cd39c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trustpair-app-github-actions.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 12:25:24 GMT
x-amz-version-id
nnJld2eOCoBBP5YBbxDBh5oMYw_AQC4P
content-encoding
br
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Nov 2022 14:07:29 GMT
server
AmazonS3
etag
W/"af000631cdc34337624014c5df4af1a4"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
pxVBVQmVE3FADpW6orMNsYVvn6inzmHm2VvnlglVoefmEe08QohHxA==
ajs-destination.bundle.ccff523783839dc95aac.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ccff523783839dc95aac.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YFCmftN8DYSIkjqWIFM40SXmBniKMxwj/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e28a44f05465881891ed02e04f286084a8fdb361d81e1877ea4f612f05dcddaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trustpair-app-github-actions.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 04:55:35 GMT
x-amz-version-id
a142wvWCk5xJExZUb9LpN_387MWS7AEL
content-encoding
br
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
286190
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 16 Mar 2023 12:05:28 GMT
server
AmazonS3
etag
W/"9bd6c4523feaa1477df0588cd1d6738c"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
3U9Lkm3LWH8EfAATZbbFKcYsd59M6C7PDWvunMnXqjIJ3oONUyy-Ug==
schemaFilter.bundle.d0fc84c62e956d168cce.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.d0fc84c62e956d168cce.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YFCmftN8DYSIkjqWIFM40SXmBniKMxwj/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6ac404a65bffee85a15718f669a44f5a034c94116661e6e0e48b1609f4a8617a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trustpair-app-github-actions.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 02:25:35 GMT
x-amz-version-id
VLQuST3Rg1zoSyN.SWag4b2R93Pv7oyc
content-encoding
br
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
7639190
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 16 Jan 2023 00:06:36 GMT
server
AmazonS3
etag
W/"d6985af1d6ad9e8c2f97f24f7b27306e"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
F_ToKsjpfAbSf7vxpmYWtS00Gr7GgGshRN8czQyOxPu8tCEF-gwoSA==
intercom.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/intercom/3.1.0/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/intercom/3.1.0/intercom.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YFCmftN8DYSIkjqWIFM40SXmBniKMxwj/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f17f078ea883fbe048f75ab5e7371c081cbd7d85ec5d91d443512d1ecd63dfb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trustpair-app-github-actions.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 15:25:30 GMT
content-encoding
gzip
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-version-id
VupdYQ6qBkXuKuwHCUsJq5XIQSASwbug
x-amz-cf-pop
FRA6-C1
age
3013195
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1878
last-modified
Wed, 08 Feb 2023 17:50:06 GMT
server
AmazonS3
etag
"d20b898e8b1fe44f03e532db7fe5cf4e"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
leTvE-cY5oZIBU1b_V6e7VyJc5ew1PleVJDCyVo_m1DZUTDPicwq3w==
hotjar.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/hotjar/1.4.0/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/hotjar/1.4.0/hotjar.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YFCmftN8DYSIkjqWIFM40SXmBniKMxwj/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05cee74e08992e6f58bc28d43ff042c5def119ba66ca7601cdb4b3efce53625f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trustpair-app-github-actions.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 14:54:37 GMT
content-encoding
gzip
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-version-id
ta.cR39SzV86GxTgbdl_oC2qX1O_D.hW
x-amz-cf-pop
FRA6-C1
age
1373448
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1336
last-modified
Thu, 23 Mar 2023 13:55:25 GMT
server
AmazonS3
etag
"4cd7c93a55ce331d264d9a857bd044ed"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
u8RX2MWys4wtc5Cb1PLWtaPVHLUzJ9GEZZaipwbhYADdxIaExzvnxw==
commons.c42222c4cb2f8913500f.js.gz
cdn.segment.com/next-integrations/integrations/vendor/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YFCmftN8DYSIkjqWIFM40SXmBniKMxwj/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trustpair-app-github-actions.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 17:22:22 GMT
content-encoding
gzip
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-version-id
ael9kqF7zw4BDqQR7KZqyJkiRj3YRmzk
x-amz-cf-pop
FRA6-C1
age
68583
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22177
last-modified
Wed, 12 Apr 2023 08:30:40 GMT
server
AmazonS3
etag
"befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
K2rxzugHLzPRxpNHO1UISLV7_iaKIW7M7yLG-JoUyFjOjbpyh_NhrA==
hotjar-1038414.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1038414.js?sv=6
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/hotjar/1.4.0/hotjar.dynamic.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-53.fra56.r.cloudfront.net
Software
/
Resource Hash
f2dcd694f4b3a0b8da3dc26d67eb72f3791bddb033c262ec2acb291ea2c52875
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trustpair-app-github-actions.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 14 Apr 2023 12:25:24 GMT
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
10
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/3b701ead89a8f2e993cb81f183cfe23a
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
J01DQm5X4w7hcGD5ikCegOm6tBM3Pd_Y6YG5iIrkYHr1sNZ1_qWQ7g==
x8zsmfst
widget.intercom.io/widget/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/x8zsmfst
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-18.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5eb76e613d0d1f455951e961c964facc6d89bc3ba6fd55ef60ada1c91fe9fe75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trustpair-app-github-actions.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id
c2r3lTnYWc995GY0gmXHcfpyQ4LOzFp.
content-encoding
gzip
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
date
Fri, 14 Apr 2023 12:10:33 GMT
x-amz-cf-pop
FRA2-C1
age
994
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
3268
last-modified
Fri, 14 Apr 2023 11:06:01 GMT
server
AmazonS3
etag
"9bc4abc667af68d46b6d17081c86fcbd"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=900, s-maxage=900, public
accept-ranges
bytes
x-amz-cf-id
Mgt9g6ie5hhk4sKoKRzqUhgn3-oB_3UQA-_B1aKISCeU2J4Zn6movg==
p
api.segment.io/v1/ 		21 B
192 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YFCmftN8DYSIkjqWIFM40SXmBniKMxwj/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.212.217.51 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-212-217-51.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://trustpair-app-github-actions.herokuapp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://trustpair-app-github-actions.herokuapp.com
date
Fri, 14 Apr 2023 12:25:24 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
modules.8b26e228a400adf6a3ea.js
script.hotjar.com/ 		263 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.8b26e228a400adf6a3ea.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1038414.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-74.fra56.r.cloudfront.net
Software
/
Resource Hash
d2cb92b3554176861fd9374c942515bc913c693a669c695825e7f0d2c5090dac
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://trustpair-app-github-actions.herokuapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 14:00:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
80717
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68968
last-modified
Thu, 13 Apr 2023 13:59:36 GMT
etag
"2da692760d5ec76b723efe12689934ab"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
JUVlw-jI9t1WsbH0jPB5r2f2k0VqwsHGgEUZjNbQ_PSRsyUFM5CgTw==
frame-modern.0bb367c3.js
js.intercomcdn.com/ Frame 06B9 		502 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.0bb367c3.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/x8zsmfst
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-3.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ba0958907d8b01c2915a6d9cf6dedd0671ec97859c72df623e2c855278390fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 11:06:05 GMT
content-encoding
gzip
via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-amz-version-id
wNtds4hlYLF4TbCQIu4R29brAWwU1FdF
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
4760
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
134972
last-modified
Fri, 14 Apr 2023 11:03:01 GMT
server
AmazonS3
etag
"595fe84ecda8dfe7a837b748930812a8"
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
SlXZ5mtakvfknv67dYleCQ_ao70vWOYI1pgz_zo32AuxoTdo2Yr9Pw==
vendor-modern.94ceb524.js
js.intercomcdn.com/ Frame 06B9 		237 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.94ceb524.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/x8zsmfst
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-3.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
346122b7a3362b919bc15f0a65b2b1110240f67fe0fa8b07f460d15388d008ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-amz-version-id
ZuE1aWO9gkfFh00NQ.EConKyzQUfqi_Z
content-encoding
gzip
via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
date
Fri, 14 Apr 2023 10:38:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA60-P4
age
6428
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
74614
last-modified
Tue, 11 Apr 2023 12:50:08 GMT
server
AmazonS3
etag
"2871d0bf1d51550be0774740ad875657"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
17cDVl7R6_zDtkNyyhS42Ftyc4RmLFXbXbAu0S4sCW4u3nkilMskJg==

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| analytics function| consentManagerConfig function| clearImmediate function| setImmediate function| $ function| jQuery object| regeneratorRuntime object| notifications function| selectpickerRefresher boolean| _rails_loaded object| consentManager object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| intercomDeps function| intercomLoader object| hotjarDeps function| hotjarLoader object| webpackJsonp_name_Integration function| intercomIntegration function| Intercom function| hotjarIntegration object| _hjSelf function| hj object| _hjSettings object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| __intercomAssignLocation function| __intercomReloadLocation

7 Cookies

Domain/Path Name / Value
trustpair-app-github-actions.herokuapp.com/ Name: _trustpair_app_session
Value: 2c0d6463ac3fcf0065a7495058442378
.trustpair-app-github-actions.herokuapp.com/ Name: ajs_anonymous_id
Value: 94c39999-2911-4461-a124-22eac97c0850
.trustpair-app-github-actions.herokuapp.com/ Name: _hjSessionUser_1038414
Value: eyJpZCI6ImFiOGQ1YWQ4LTFlMjAtNWRhNC05MzRlLTY5ODA3MWU3NmQyMiIsImNyZWF0ZWQiOjE2ODE0NzUxMjQzMDgsImV4aXN0aW5nIjpmYWxzZX0=
.trustpair-app-github-actions.herokuapp.com/ Name: _hjFirstSeen
Value: 1
.trustpair-app-github-actions.herokuapp.com/ Name: _hjIncludedInSessionSample_1038414
Value: 0
.trustpair-app-github-actions.herokuapp.com/ Name: _hjSession_1038414
Value: eyJpZCI6IjY4NzRhZDlhLTgxMDYtNDZiOS04YzI1LWI0OTgwY2RkODkwZSIsImNyZWF0ZWQiOjE2ODE0NzUxMjQzMTQsImluU2FtcGxlIjpmYWxzZX0=
.trustpair-app-github-actions.herokuapp.com/ Name: _hjAbsoluteSessionInProgress
Value: 0

5 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'vr'.
security error URL: https://trustpair-app-github-actions.herokuapp.com/users/sign_in(Line 5)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: 'nonce-4J9BXJNrXEAbTdwR+7gnSw=='". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security error URL: https://trustpair-app-github-actions.herokuapp.com/users/sign_in(Line 6)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: 'nonce-4J9BXJNrXEAbTdwR+7gnSw=='". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; font-src 'self' https: data:; img-src 'self' https: data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: 'nonce-4J9BXJNrXEAbTdwR+7gnSw=='; style-src 'self' https: 'unsafe-inline' blob:; frame-src https://vars.hotjar.com https://intercom-sheets.com https://mfe-dashboard-staging.trustpair.vercel.app https://mfe-home-implement-home-page.trustpair.vercel.app https://mfe-task-center-staging.trustpair.vercel.app; child-src https://vars.hotjar.com; manifest-src 'self'; base-uri 'none'; form-action 'self' https://intercom.help/trustpair https://*.okta.com https://mfe-dashboard-staging.trustpair.vercel.app https://mfe-home-implement-home-page.trustpair.vercel.app https://mfe-task-center-staging.trustpair.vercel.app; connect-src 'self' https: wss:; frame-ancestors 'none'
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.segment.io
cdn.segment.com
fonts.googleapis.com
fonts.gstatic.com
js.intercomcdn.com
script.hotjar.com
static.hotjar.com
trustpair-app-github-actions.herokuapp.com
unpkg.com
widget.intercom.io
13.224.189.18
18.66.147.3
18.66.97.53
2606:4700::6810:7daf
2a00:1450:4001:80b::200a
2a00:1450:4001:82f::2003
35.156.170.132
52.222.236.74
54.212.217.51
99.86.8.175
05cee74e08992e6f58bc28d43ff042c5def119ba66ca7601cdb4b3efce53625f
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
21ae1c6c18282d8042ea2209b716bd9edfd88e95ae4ac874bb2043688d3b0916
24dcc53633ebe7298846ba9c63ad6a8d2fb8010a00fc89e2e3cb28851c6ff44c
346122b7a3362b919bc15f0a65b2b1110240f67fe0fa8b07f460d15388d008ff
3b9a8bb782e75df3fdc5eb3e167381213e63cde0f3959314e6bd992c0094a480
5e830ad5d356e8ae4f40a15ef5d8b81fccd75afd0782263cb249de6344413fc8
5eb76e613d0d1f455951e961c964facc6d89bc3ba6fd55ef60ada1c91fe9fe75
6833433656b84671f5a8cea0fadb98b25f12ba1588917ad08462fda9de57e4d0
6ac404a65bffee85a15718f669a44f5a034c94116661e6e0e48b1609f4a8617a
7ba0958907d8b01c2915a6d9cf6dedd0671ec97859c72df623e2c855278390fe
80bbd5be45a524bdbb122e6e34df705780ee6ea56655d6ac9ad9e92c1e12362d
8ba0054a956a01a8868da4ca81766bc7a198162db0c54bee0438110494cd39c5
8fac41d891b9dffac43e3e8073775137dbb68d92f2e02569e8a514687eb35497
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b9da9cf06e9d4701ff2bc8e8c4619b01982de2d62e18ad504aee96db3e5c56f1
d2cb92b3554176861fd9374c942515bc913c693a669c695825e7f0d2c5090dac
e28a44f05465881891ed02e04f286084a8fdb361d81e1877ea4f612f05dcddaf
ecb5c0b88634cb2d0d9d60faa8b15aa8254decefddaeba2a6782ab9481888479
f17f078ea883fbe048f75ab5e7371c081cbd7d85ec5d91d443512d1ecd63dfb3
f2dcd694f4b3a0b8da3dc26d67eb72f3791bddb033c262ec2acb291ea2c52875
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615