security.upflow.io Open in urlscan Pro
2606:4700:20::681a:bb6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://security.upflow.io/
Submission: On July 05 via automatic, source certstream-suspicious (July 5th 2024, 5:12:51 pm UTC) — Scanned from DE

Summary HTTP 27 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 27 HTTP transactions. The main IP is 2606:4700:20::681a:bb6, located in United States and belongs to CLOUDFLARENET, US. The main domain is security.upflow.io.
TLS certificate: Issued by GTS CA 1P5 on June 10th 2024. Valid for: 3 months.

This is the only time security.upflow.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:20:... 2606:4700:20::681a:bb6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700::68... 2606:4700::6812:beb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
27	5

9 2606:4700:20::681a:bb6 (United States)

ASN13335 (CLOUDFLARENET, US)

security.upflow.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6812:beb (United States)

ASN13335 (CLOUDFLARENET, US)

static.vanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	vanta.com static.vanta.com — Cisco Umbrella Rank: 620618	4 MB
9	upflow.io security.upflow.io	81 KB
3	gstatic.com fonts.gstatic.com	119 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	1 KB
0	cloudflareinsights.com Failed static.cloudflareinsights.com Failed
0	browser-intake-datadoghq.com Failed csp-report.browser-intake-datadoghq.com Failed
27	6

	Domain	Requested by
12	static.vanta.com	security.upflow.io static.vanta.com
9	security.upflow.io	static.vanta.com
3	fonts.gstatic.com	security.upflow.io fonts.googleapis.com
1	fonts.googleapis.com	security.upflow.io
0	static.cloudflareinsights.com Failed	security.upflow.io
0	csp-report.browser-intake-datadoghq.com Failed	security.upflow.io
27	6

This site contains links to these domains. Also see Links.

Domain
securityscorecard.com
www.vanta.com

Subject Issuer	Validity	Valid
security.upflow.io GTS CA 1P5	`2024-06-10` - `2024-09-08`	3 months	crt.sh
static.vanta.com E1	`2024-05-08` - `2024-08-06`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://security.upflow.io/
Frame ID: C2237E7823749B1D033412D69C84822C
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trust Center - Upflow

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

27
Requests

93 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

4412 kB
Transfer

13307 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://securityscorecard.com/security-rating/upflow.io
Title: here

Search URL Search Domain Scan URL

URL: https://www.vanta.com/products/trust-center?utm_campaign=&utm_source=trust-center&utm_medium=product

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
security.upflow.io/ 4 KB
3 KB 815ms
760ms Document
text/html 2606:4700:20::681a:bb6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://security.upflow.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bb6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44961326aae6dd9ff4fd8b19e48aa770a0f66796fc3d4cffa6e8639dd719f6f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net https://d1rgrqddsml65q.cloudfront.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data:;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com www.youtube-nocookie.com www.youtube.com player.vimeo.com www.loom.com https://js.stripe.com https://decagon.ai https://apply.vouch.us https://uat-apply.vouch-stg.us;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 89e8fb5c8cb02baa-FRA
content-encoding: br
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net https://d1rgrqddsml65q.cloudfront.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data:;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com www.youtube-nocookie.com www.youtube.com player.vimeo.com www.loom.com https://js.stripe.com https://decagon.ai https://apply.vouch.us https://uat-apply.vouch-stg.us;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
content-type: text/html; charset=utf-8
date: Fri, 05 Jul 2024 17:12:47 GMT
link: <https://fonts.googleapis.com>; rel="preconnect"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mq%2FLxDSXxI%2FUwDq7Izq%2FcmMSqULB560MgR6caNjZDOzrgPQgKa%2F08Nv%2BIbIovRib1DJQa2IoW67zKz2Qlvsmmka2wEAHQBXB1XSrWwvIsmOvFZpYAm2YypGURwL7%2BYroPCGq8glE31uihfwAhO29"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 index.bb1f20c9.css
static.vanta.com/static/ 330 KB
42 KB 161ms
97ms Stylesheet
text/css 2606:4700::6812:beb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/index.bb1f20c9.css

Requested by

Host: security.upflow.io
URL: https://security.upflow.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:beb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25fc8b1b02b233b974ce0230085f773fe54368dead0425b51c22f38283595831

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net https://d1rgrqddsml65q.cloudfront.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data:;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com www.youtube-nocookie.com www.youtube.com player.vimeo.com www.loom.com https://js.stripe.com https://decagon.ai https://apply.vouch.us https://uat-apply.vouch-stg.us;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://security.upflow.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 17:12:47 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net https://d1rgrqddsml65q.cloudfront.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data:;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com www.youtube-nocookie.com www.youtube.com player.vimeo.com www.loom.com https://js.stripe.com https://decagon.ai https://apply.vouch.us https://uat-apply.vouch-stg.us;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"37a29a33e79e78f136437718334c3f38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O00q%2Fr1yL48m%2Fki62ylzPCKwbzfPlwvHT1BLWw4o6vEAa5BbyNbAxLfWQq6f%2Fcga6bioall9xEI3BAnW6mD8L0Mu22qVf7r%2FCttUVYQN6vITvzDHIFx5HY4zYaDFFNBhqrHr%2BTJp0RPvk%2Bji4zA0"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cf-ray: 89e8fb61bf6290d6-FRA

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v13/ 45 KB
46 KB 63ms
21ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2

Requested by

Host: security.upflow.io
URL: https://security.upflow.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://security.upflow.io/
Origin: https://security.upflow.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 15:03:18 GMT
x-content-type-options: nosniff
age: 266969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46552
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:46:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Jul 2025 15:03:18 GMT

GET
H2 200 L0x8DFMnlVwD4h3hu_qnZypEiw.woff2
fonts.gstatic.com/s/domine/v20/ 27 KB
28 KB 81ms
39ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/domine/v20/L0x8DFMnlVwD4h3hu_qnZypEiw.woff2

Requested by

Host: security.upflow.io
URL: https://security.upflow.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f5e0b9e325758a96240d38bcd1eee56916eada73cb6aa63b6d4f21ad93dc55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://security.upflow.io/
Origin: https://security.upflow.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 14:30:51 GMT
x-content-type-options: nosniff
age: 96116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28108
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:06:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Jul 2025 14:30:51 GMT

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 69ms
27ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Domine:wght@400;600&family=Inter:wght@300;400;500;600;700&display=swap

Requested by

Host: security.upflow.io
URL: https://security.upflow.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

210276eebb083399ebc3333e6cddff185da4bd1612034dc0da9a122bce8c8217

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://security.upflow.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 05 Jul 2024 17:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 05 Jul 2024 17:12:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Jul 2024 17:12:47 GMT

GET
H2 200 index.da1cff87.css
static.vanta.com/static/ 156 KB
36 KB 158ms
107ms Stylesheet
text/css 2606:4700::6812:beb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/index.da1cff87.css

Requested by

Host: security.upflow.io
URL: https://security.upflow.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:beb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1632feb4f44c3db227e170823e0e0820a4a8bc1fcc4294b0d6cde1bbcf276a6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net https://d1rgrqddsml65q.cloudfront.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data:;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com www.youtube-nocookie.com www.youtube.com player.vimeo.com www.loom.com https://js.stripe.com https://decagon.ai https://apply.vouch.us https://uat-apply.vouch-stg.us;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://security.upflow.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 17:12:47 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net https://d1rgrqddsml65q.cloudfront.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data:;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com www.youtube-nocookie.com www.youtube.com player.vimeo.com www.loom.com https://js.stripe.com https://decagon.ai https://apply.vouch.us https://uat-apply.vouch-stg.us;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"b7607aa9e61cc8fe8eb5800c4572886c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7hOPGeO9%2FiHSA8L49i7js5vO2akUPynimlf26A62H6w%2BER57xEHySp7RyOAkP5Cjp9PHgd5fj47577ibdy8TCYGaUjZlEarFoAlDJb5aNMo8GDlaq05SxMMigcwm1Umto6hrVzNjjOSiXs%2FN9cpG"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cf-ray: 89e8fb61bf6190d6-FRA

GET
H2 200 index.35ccda93.css
static.vanta.com/static/ 573 B
670 B 125ms
74ms Stylesheet
text/css 2606:4700::6812:beb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/index.35ccda93.css

Requested by

Host: security.upflow.io
URL: https://security.upflow.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:beb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

985b6eb75df5bc1ff881a298e757545b990cea861fa8322ed83cf5de48890e9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net https://d1rgrqddsml65q.cloudfront.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data:;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com www.youtube-nocookie.com www.youtube.com player.vimeo.com www.loom.com https://js.stripe.com https://decagon.ai https://apply.vouch.us https://uat-apply.vouch-stg.us;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://security.upflow.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 17:12:47 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net https://d1rgrqddsml65q.cloudfront.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data:;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com www.youtube-nocookie.com www.youtube.com player.vimeo.com www.loom.com https://js.stripe.com https://decagon.ai https://apply.vouch.us https://uat-apply.vouch-stg.us;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"7c68e0a85ed912a483a9a879dc76ac3d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zjgLDxan%2BudEnVo3qIlgniSXyzTFjMpDrYIiKHdi8aT5fnLX9EIYWwcPE8ADi%2BLcvjIPHVIOEUDpIQTpBQYXWY0tHF0YnnatSPSOQTKwPdF5Zp2MSQL%2B%2FOzU%2Fp%2F9MXSFUea4nw87h0NgXMOAsAJN"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cf-ray: 89e8fb61bf5f90d6-FRA

GET
H2 200 index.f38440db.css
static.vanta.com/static/ 581 B
2 KB 118ms
67ms Stylesheet
text/css 2606:4700::6812:beb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/index.f38440db.css

Requested by

Host: security.upflow.io
URL: https://security.upflow.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:beb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a30a1fd9a0a63b31c289e931a2c67a59b1b04de5a9b271733db7e1e8a341a0be

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net https://d1rgrqddsml65q.cloudfront.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data:;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com www.youtube-nocookie.com www.youtube.com player.vimeo.com www.loom.com https://js.stripe.com https://decagon.ai https://apply.vouch.us https://uat-apply.vouch-stg.us;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://security.upflow.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 17:12:47 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net https://d1rgrqddsml65q.cloudfront.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data:;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com www.youtube-nocookie.com www.youtube.com player.vimeo.com www.loom.com https://js.stripe.com https://decagon.ai https://apply.vouch.us https://uat-apply.vouch-stg.us;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"bdf1032f4c4f0e7f547acb316574492e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iCeIVCv262x3r0ku%2BiqY5RJcPByk5pp6Mdt2F8q7akGX2YJulTRK9NYMt%2F3UOOo8i7xvwkEn%2FZIzrKBLEE%2B1NLSqLpYN%2FXHdIVCDkLfA6XlmlFmLF1QrS%2BdxO7qfG%2FZtYOjML%2BSgBWhwBzUCg3PZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cf-ray: 89e8fb61bf5e90d6-FRA

GET
H2 200 index-trust-report.d5af94f0.css
static.vanta.com/static/ 263 B
520 B 135ms
86ms Stylesheet
text/css 2606:4700::6812:beb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/index-trust-report.d5af94f0.css

Requested by

Host: security.upflow.io
URL: https://security.upflow.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:beb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2a7ebcdcb7bb18151c6f4348fea4c089d57b79a24ef9f0353a49d49d4803e9a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net https://d1rgrqddsml65q.cloudfront.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data:;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com www.youtube-nocookie.com www.youtube.com player.vimeo.com www.loom.com https://js.stripe.com https://decagon.ai https://apply.vouch.us https://uat-apply.vouch-stg.us;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://security.upflow.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 17:12:47 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net https://d1rgrqddsml65q.cloudfront.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data:;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com www.youtube-nocookie.com www.youtube.com player.vimeo.com www.loom.com https://js.stripe.com https://decagon.ai https://apply.vouch.us https://uat-apply.vouch-stg.us;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"c2fdb9b23430bd05b923837760605e58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PR050eErRdZlaluOH2hPmVJLjo1XSLpxyEfhOoG8S8P4Bb2SPai1KY98BDYmAv7oWomwO5T0CbUVuVUGJ4V4XUqV3Bqn8oeNMBc0eQRDjMNLgnlQ3euI%2Bth0%2B8QeUrwrepEkfQnaYg9QwAx0I2TZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cf-ray: 89e8fb61bf6090d6-FRA

GET
H2 200 entry-trust-report.js Show response
static.vanta.com/static/ 548 B
2 KB 57ms
57ms Script
application/javascript 2606:4700::6812:beb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/entry-trust-report.js

Requested by

Host: security.upflow.io
URL: https://security.upflow.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:beb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d7f6962cff0750b9dae0de3d919b44744cd46f032930ffd12d0ac4889d6b104

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net https://d1rgrqddsml65q.cloudfront.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data:;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com www.youtube-nocookie.com www.youtube.com player.vimeo.com www.loom.com https://js.stripe.com https://decagon.ai https://apply.vouch.us https://uat-apply.vouch-stg.us;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://security.upflow.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 17:12:47 GMT
strict-transport-security: max-age=15552000
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net https://d1rgrqddsml65q.cloudfront.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data:;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com www.youtube-nocookie.com www.youtube.com player.vimeo.com www.loom.com https://js.stripe.com https://decagon.ai https://apply.vouch.us https://uat-apply.vouch-stg.us;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
etag: W/"e6c780ea9f2588f1ac6dd697b8a020a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wJ%2BdmZkmaDnbyrvnaXO%2FGsDziJ9fV3aOMCs3O481vDaiXtFOjGQlBDp0KgbjgKA%2B%2BJYh9RE1bBV1dtTNRYVSOzOaoSr2T2GeaHcdEsPf1AIOQOSLBx4I92%2F0ulH8pI7TsJkFcY8C6Xvyc83e9rak"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 89e8fb62782090d6-FRA

POST logs
csp-report.browser-intake-datadoghq.com/api/v2/ 0
0

GET beacon.min.js
static.cloudflareinsights.com/ 0
0

GET
H2 200 index.7a7ded18.js
static.vanta.com/static/ 12 MB
3 MB 162ms
161ms Script
application/javascript 2606:4700::6812:beb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/index.7a7ded18.js

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/entry-trust-report.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:beb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net https://d1rgrqddsml65q.cloudfront.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data:;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com www.youtube-nocookie.com www.youtube.com player.vimeo.com www.loom.com https://js.stripe.com https://decagon.ai https://apply.vouch.us https://uat-apply.vouch-stg.us;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://security.upflow.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 17:12:47 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net https://d1rgrqddsml65q.cloudfront.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data:;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com www.youtube-nocookie.com www.youtube.com player.vimeo.com www.loom.com https://js.stripe.com https://decagon.ai https://apply.vouch.us https://uat-apply.vouch-stg.us;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"b3efcac79583fd852392f640f0f16909"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3aAqZI6VUCNF4IB8H%2BQXyaexvq9%2FgR0xj8dt74Nc%2Fd0AOdrG%2BK9fH5x%2BoLDgioONRsT35Xow%2B1u1DJ1OSfj8EK2pd3VLPWpP344zWf8e2l71%2FJ%2Fft3q4M0Ts3IBIY4UsHlevbeRu7P0PmUJnk39N"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cf-ray: 89e8fb62e89190d6-FRA

GET
H2 200 index.runtime.28385cee.js Show response
static.vanta.com/static/ 5 KB
3 KB 66ms
66ms Script
application/javascript 2606:4700::6812:beb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/index.runtime.28385cee.js

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/entry-trust-report.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:beb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14e46f02e7c167ec302650b45c90072c1a46915c3ff1572171ec6480dae8616e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net https://d1rgrqddsml65q.cloudfront.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data:;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com www.youtube-nocookie.com www.youtube.com player.vimeo.com www.loom.com https://js.stripe.com https://decagon.ai https://apply.vouch.us https://uat-apply.vouch-stg.us;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://security.upflow.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 17:12:47 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net https://d1rgrqddsml65q.cloudfront.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data:;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com www.youtube-nocookie.com www.youtube.com player.vimeo.com www.loom.com https://js.stripe.com https://decagon.ai https://apply.vouch.us https://uat-apply.vouch-stg.us;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"ea91d35ea04f1f3ff400d8b0506f32a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5RedvIQqo2ozIKfLmq7o3zkpKJqnQnGuDPhdconRdj%2FQ2MptEUjjdtvA9xZhwBqKvVzaxd%2BfbrGsSQYFeHUgJCLptNI2N%2BBtLOMUQ6SJAIKH1H%2FUQz6aEnpkNodd7FTaFAL4sURwzhWVRpocB3pW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cf-ray: 89e8fb62e89490d6-FRA

GET
H2 200 index-trust-report.82b90091.js Show response
static.vanta.com/static/ 4 KB
2 KB 74ms
74ms Script
application/javascript 2606:4700::6812:beb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/index-trust-report.82b90091.js

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/entry-trust-report.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:beb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70b383eb6b2eae974d557f381c6adb35411c6e25a21f2a3e78b3d6c337e93a02

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net https://d1rgrqddsml65q.cloudfront.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data:;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com www.youtube-nocookie.com www.youtube.com player.vimeo.com www.loom.com https://js.stripe.com https://decagon.ai https://apply.vouch.us https://uat-apply.vouch-stg.us;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://security.upflow.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 17:12:47 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net https://d1rgrqddsml65q.cloudfront.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data:;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com www.youtube-nocookie.com www.youtube.com player.vimeo.com www.loom.com https://js.stripe.com https://decagon.ai https://apply.vouch.us https://uat-apply.vouch-stg.us;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"f01bb26aaeaf1e89848348a6d3e0af14"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2FdKbtQumfI%2BMG1dikdUPRts0kYv8QKYjpTGMVW2W83zk3YJ8wg%2Fws5vkRp8Mzk%2BmjyYBdCBAgzGUaQtJvL0PulyEQLK0SH%2Bj7lK1WE5ARxbKAt9hwjghrD7VLG6Jlph4B3hSTfhCl3o8eFwJJhv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cf-ray: 89e8fb62e89790d6-FRA

POST
H2 200 graphql Show response
security.upflow.io/ 164 B
538 B 512ms
512ms Fetch
application/json 2606:4700:20::681a:bb6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://security.upflow.io/graphql?operation=linkedTrustCenters

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/index.7a7ded18.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bb6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

914edfe546b36c3bd3735352594d4fbb767870f5f0a6afa458e84874f75b1b15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
apollographql-client-name: web-client
x-csrf-token: this_csrf_header_is_constant
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json
accept: */*
Referer: https://security.upflow.io/
apollographql-client-version: 9387c4
graphql-schema-version: 9387c4
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 17:12:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
uuid: ce568240-3af1-11ef-9384-9b184b7913bb
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: same-origin
server: cloudflare
etag: W/"a4-KqTMN7V9WS9HGQ+i+9WsW+ZV57g"
expect-ct: max-age=0
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://security.upflow.io
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rwIIjsmKiBcHsCRQmtnJlC5uO5l%2FWiy5xS%2FUEc8MRN%2BaaobJfNx2YYCeRM3Z1r7YrL1UD2%2BlLWThQvFFsyHxnZ%2BuVHPqwTwF1xvWKB9faNeLcJWrJyVZjnekdpBkQqyxJWmUqvGzV0yjgekIVScr9w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cache-control: no-store
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 89e8fb6abe1f2baa-FRA

POST
H2 200 graphql Show response
security.upflow.io/ 401 B
878 B 500ms
500ms Fetch
application/json 2606:4700:20::681a:bb6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://security.upflow.io/graphql?operation=fetchReportContext

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/index.7a7ded18.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bb6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95cef84d20aa1cdb89782fb701563559da9fda11c671dc7ba95af83272f9f908

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
apollographql-client-name: web-client
x-csrf-token: this_csrf_header_is_constant
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json
accept: */*
Referer: https://security.upflow.io/
apollographql-client-version: 9387c4
graphql-schema-version: 9387c4
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 17:12:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
uuid: ce523c80-3af1-11ef-99b0-21a577f7874d
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: same-origin
server: cloudflare
etag: W/"191-5k1dhnXUgXhi/IVAyvCWVXRlPOI"
expect-ct: max-age=0
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://security.upflow.io
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ilWrPLXoggBb4JV3Ky%2F531XnbLeZfnm%2FTYOd%2BmuK0sMY%2B2w8H0mgttc9%2B8pE4H1GNDcYwRzt0JtbODJyvJJxwmTjn1rCJ674wx5hXl5YomrYA7xnZ1RiPMhBEbxurp1UzGGQCfjxACbHSXeNT9SU0g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cache-control: no-store
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 89e8fb6abe272baa-FRA

GET
H2 200 favicon.ico
security.upflow.io/ 549 B
913 B 133ms
132ms Other
image/jpeg 2606:4700:20::681a:bb6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://security.upflow.io/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bb6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8171b0d6b537ffde0c0d01f042e80b16138c2b19838cf983412977940b6e6167

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://security.upflow.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 17:12:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 05 Jul 2024 17:12:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=63DE2D%2B%2Fma6QOsqNXkyvvC%2FP6JPqSpEJj7i4RpJnkwcazkvFZ0eA7UeIKIRO9HYgjNMq6%2F%2FeIi80TMBjDJVuwlTceKSrRgiDm86QXIewkpymp4hRkg%2BVaWlpFINLh5IBPV1Vk%2FBBfW4jNRoLwfCEaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 89e8fb6ace2b2baa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 549

POST
H2 200 graphql Show response
security.upflow.io/ 9 KB
4 KB 807ms
807ms Fetch
application/json 2606:4700:20::681a:bb6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://security.upflow.io/graphql?operation=fetchDataForTrustReport

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/index.7a7ded18.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bb6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23d07848525e62a39ef2d9427e784b0e2fe8b5ff9f1292c70c773415ad32330f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
apollographql-client-name: web-client
x-csrf-token: this_csrf_header_is_constant
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json
accept: */*
Referer: https://security.upflow.io/
apollographql-client-version: 9387c4
graphql-schema-version: 9387c4
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 17:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-dns-prefetch-control: off
uuid: cea146e0-3af1-11ef-a6f0-cba7d9f43d3d
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: same-origin
server: cloudflare
etag: W/"2580-F+8jxl/EUEPV6Wh4Vm2heYKBf5U"
expect-ct: max-age=0
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://security.upflow.io
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3KPoFV%2Br%2B15U8Ra7SoF577yHLeYpGFi5AAN2c0cBnUW3IkWT%2FXCyYWrZ%2F6QTb0g%2F9pyz9K5OCZcbV9RB4E4XTFMhJdaHRKvnuWzuk4v97lMK9m%2F%2Fr2ZRbG%2FrPc0RlDvwESXhoQoy2YkE9f8lfgQ84Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cache-control: no-store
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 89e8fb6dfa0c2baa-FRA

POST
H2 200 graphql Show response
security.upflow.io/ 21 KB
5 KB 1274ms
1274ms Fetch
application/json 2606:4700:20::681a:bb6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://security.upflow.io/graphql?operation=fetchCustomizableControlsDataForExternalTrustCenter

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/index.7a7ded18.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bb6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a51346d0e72dbd9f4809d39bd234b370f2381b392f47d360e867d07e4c3b2405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
apollographql-client-name: web-client
x-csrf-token: this_csrf_header_is_constant
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json
accept: */*
Referer: https://security.upflow.io/
apollographql-client-version: 9387c4
graphql-schema-version: 9387c4
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 17:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-dns-prefetch-control: off
uuid: ce9d7650-3af1-11ef-851d-5334fe558564
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: same-origin
server: cloudflare
etag: W/"52e7-Yc7iewk0Hrj+goW5nulIWEvOpJA"
expect-ct: max-age=0
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://security.upflow.io
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LVauZwgtAnvEpemKkLmHY5fJpEVFpz5WmtFxvNRJ4snmlFHlu81DugBInSKg%2BomhyvDR9grzcIEDCYVv%2F4nHGksCyzU3%2FmLtTsIIOrasE07JcFjMFeoMVUv%2BcaB4xzEKHV7iMiCUv5ohow4KyeXvHg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cache-control: no-store
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 89e8fb6dfa102baa-FRA

POST
H2 200 graphql Show response
security.upflow.io/ 107 B
455 B 219ms
218ms Fetch
application/json 2606:4700:20::681a:bb6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://security.upflow.io/graphql?operation=recordTrustCenterVisit

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/index.7a7ded18.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bb6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3859596ce2f7015d24c0775ddc01140eb6fd83a36f6e7b16ea26ee7b78144991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
apollographql-client-name: web-client
x-csrf-token: this_csrf_header_is_constant
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json
accept: */*
Referer: https://security.upflow.io/
apollographql-client-version: 9387c4
graphql-schema-version: 9387c4
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 17:12:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
uuid: ce761830-3af1-11ef-95c3-cb4b67190bd7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: same-origin
server: cloudflare
etag: W/"6b-tJCMb+yjHcVOi/+AlzKgUx7w2n0"
expect-ct: max-age=0
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://security.upflow.io
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Op4gO6Pvj3HmufPmrNrlZJAQ0f5CWf20SvGxpKQsB%2Bhtf4qAqRuaM2KnhJVeIQ118nCDQ5NJbGojPvw56n1dyQjKH07keQEv%2FaUkjoaTJ7sXO4mD3TQ3woQ%2FQLRKnUapVZjwNUor2L4ATWkIae8J0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cache-control: no-store
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 89e8fb6dfa142baa-FRA

POST
H2 200 graphql Show response
security.upflow.io/ 113 B
538 B 473ms
473ms Fetch
application/json 2606:4700:20::681a:bb6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://security.upflow.io/graphql?operation=recordTrustCenterPageView

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/index.7a7ded18.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bb6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541a4e56b111003d0772cdcb52ac0c3b979aa567c3737dd7c8b93d9648706f04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
apollographql-client-name: web-client
x-csrf-token: this_csrf_header_is_constant
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json
accept: */*
Referer: https://security.upflow.io/
apollographql-client-version: 9387c4
graphql-schema-version: 9387c4
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 17:12:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
uuid: ce9f7220-3af1-11ef-a954-5da5c0d0897e
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: same-origin
server: cloudflare
etag: W/"71-JO8Vd1gesA23+DL+ysFVl1uOrww"
expect-ct: max-age=0
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://security.upflow.io
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CQ3JRUBSoH4k7B8Sng3uqCmKrRkh0%2B3D6AxpRk6x0kgDFi%2BH2hiohIIcprv4GNaGIF7GvD5GkpdxR%2FbKkacQbw2eC%2Bg%2BrO4k8RDSGRbKlh6qSPCiKgRul27hkLB4%2BDZUrJd9IWI2zYcgsu0LQcPRvw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cache-control: no-store
access-control-allow-credentials: true
x-robots-tag: noindex
cf-ray: 89e8fb6dfa182baa-FRA

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Domine:wght@400;600&family=Inter:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://security.upflow.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 01:18:40 GMT
x-content-type-options: nosniff
age: 57250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Jul 2025 01:18:40 GMT

GET
H2 200 fa-regular-400.402a2c8b.woff2
static.vanta.com/static/ 411 KB
413 KB 131ms
76ms Font
font/woff2 2606:4700::6812:beb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/fa-regular-400.402a2c8b.woff2

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/index.f38440db.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:beb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

288604e041d1497968d0f448ae8ad6019d3ee15ab8201fb4c585479490f39692

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net https://d1rgrqddsml65q.cloudfront.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data:;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com www.youtube-nocookie.com www.youtube.com player.vimeo.com www.loom.com https://js.stripe.com https://decagon.ai https://apply.vouch.us https://uat-apply.vouch-stg.us;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://static.vanta.com/static/index.f38440db.css
Origin: https://security.upflow.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 17:12:50 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net https://d1rgrqddsml65q.cloudfront.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data:;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com www.youtube-nocookie.com www.youtube.com player.vimeo.com www.loom.com https://js.stripe.com https://decagon.ai https://apply.vouch.us https://uat-apply.vouch-stg.us;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
content-length: 421248
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "192113225ec232ccf0d7e6311be6a7c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wt9BV0wcB5XPTF0Zo8%2BwIUAWeuJ%2FEXtCDmmi2%2FSKbYomfKYWSf2yOfiI3NO7zdK0qF5WJr8kypRhkiIL8xE1MEzNCh8gA5LtDxL%2FRL%2F87z2A6sYNxlNPT8FbPcdgs2qanbeZ6tKC9GtAqzBbse1r"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cf-ray: 89e8fb73eb963808-FRA

GET
H2 200 fa-solid-900.a6efde67.woff2
static.vanta.com/static/ 342 KB
343 KB 152ms
97ms Font
font/woff2 2606:4700::6812:beb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.vanta.com/static/fa-solid-900.a6efde67.woff2

Requested by

Host: static.vanta.com
URL: https://static.vanta.com/static/index.35ccda93.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:beb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c1249ac344ac2ba5266d08460e9a083aecca1b96b592eafc4a7b4c754e2e928

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net https://d1rgrqddsml65q.cloudfront.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data:;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com www.youtube-nocookie.com www.youtube.com player.vimeo.com www.loom.com https://js.stripe.com https://decagon.ai https://apply.vouch.us https://uat-apply.vouch-stg.us;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://static.vanta.com/static/index.35ccda93.css
Origin: https://security.upflow.io
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 17:12:50 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net https://d1rgrqddsml65q.cloudfront.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data:;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com www.youtube-nocookie.com www.youtube.com player.vimeo.com www.loom.com https://js.stripe.com https://decagon.ai https://apply.vouch.us https://uat-apply.vouch-stg.us;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
content-length: 350540
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "857a838d44ac6405de29aa829f40ad57"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lZCPUSClmfWU%2BNd1ANnid0T%2F2QTIISBEsT2fImyOxFIoijMYUlz41mVF%2B0UzDEZDUPf7cuXCSF1%2B8VwIdHtHQ3Gwyh7qk73g9JpCPw65SNYYT0XbbHnvnb%2BPimx7MDoX36F2r6xGFkT3%2Fmja2se9"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cf-ray: 89e8fb73eb973808-FRA

GET
DATA 200
OK truncated
/ 12 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a75977b1f0d47d0017aee8a2730a694aff027ef5df56c70c89f3cd73c433196c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 doc
security.upflow.io/ 65 KB
65 KB 690ms
690ms Image
image/png 2606:4700:20::681a:bb6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://security.upflow.io/doc?s=qftk4textkd5h2r545cu60

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bb6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85e9c7be88b34fa5e7cbe80fbcc08d4c1a22283c0830c8dc7fa23be23d33eb34

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://security.upflow.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 17:12:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self'
x-dns-prefetch-control: off
content-disposition: filename=dark_duo-tone-large.png
uuid: cf285130-3af1-11ef-8d6d-1b57b3a5cd6c
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://security.upflow.io
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wU%2BDhN7Ysex1ZySN51CSghE5HLuG5G9E06ODEU%2BPCSQfNWMTbcj7LWeNkMzjYPes6%2BrF3sz3swEJ%2BTNeNjYrCUMtj9Eqg2Tv67kMfUag1NXMGPDOtDlI2Cp26AmjsXv1BeObQc%2BRd8Xnq89RBy0vZg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
x-robots-tag: noindex
cf-ray: 89e8fb7388b22baa-FRA

GET
H2 200 soc2_badge.ac7ad1ad.webp
static.vanta.com/static/ 30 KB
30 KB 57ms
57ms Image
image/webp 2606:4700::6812:beb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.vanta.com/static/soc2_badge.ac7ad1ad.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:beb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c57f5d01b86a361f27961e3e7acc276e19ab8f7a82ac585ab1083b6931b62252

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net https://d1rgrqddsml65q.cloudfront.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data:;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com www.youtube-nocookie.com www.youtube.com player.vimeo.com www.loom.com https://js.stripe.com https://decagon.ai https://apply.vouch.us https://uat-apply.vouch-stg.us;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://security.upflow.io/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 17:12:50 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-security-policy: default-src 'self' vanta.com *.vanta.com;font-src 'self' data: fast.fonts.net vanta.com *.vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net https://d1rgrqddsml65q.cloudfront.net;media-src 'self' vanta.com *.vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data:;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com *.vanta.com 'self' *.oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com www.youtube-nocookie.com www.youtube.com player.vimeo.com www.loom.com https://js.stripe.com https://decagon.ai https://apply.vouch.us https://uat-apply.vouch-stg.us;img-src 'self' blob: data: *;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
content-length: 30744
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "382e5e182d33c8b1f2e0d99eba84783a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dnWDD%2ByPblC7o%2FEuPUUcZbEOI%2F3RSFXGfK0cEVP%2BYhoUvV08mxPeKPrpDZYPTBFgzNEDXGjVh5BB8PVIQ8tbXwvbHhQdMaFuGCbEFnPaWbBMJwzWVKnlZqHC7QdSMRoPFE1ee8QIT0zkQSdxAH5I"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cf-ray: 89e8fb738a3e90d6-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: csp-report.browser-intake-datadoghq.com
URL: https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined

Domain: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://security.upflow.io/ Message: Refused to load the script 'https://static.cloudflareinsights.com/beacon.min.js' because it violates the following Content Security Policy directive: "script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:". Note that 'strict-dynamic' is present, so host-based allowlisting is disabled. Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' vanta.com .vanta.com;font-src 'self' data: fast.fonts.net vanta.com .vanta.com fast.ssqt.io fonts.gstatic.com use.typekit.net https://d1rgrqddsml65q.cloudfront.net;media-src 'self' vanta.com .vanta.com static.zdassets.com d1s1h6icvugosb.cloudfront.net dzas9mj7ubt6.cloudfront.net data:;frame-ancestors 'self';frame-src cdn.merge.dev embedly-cdn.trychameleon.com fast.trychameleon.com vanta.chilipiper.com vanta.com .vanta.com 'self' .oneschema.co blob: https://duploservices-prod01-exports2-415703579972.s3.amazonaws.com www.youtube-nocookie.com www.youtube.com player.vimeo.com www.loom.com https://js.stripe.com https://decagon.ai https://apply.vouch.us https://uat-apply.vouch-stg.us;img-src 'self' blob: data: ;script-src 'report-sample' 'sha256-Ine/Ce2Xi6o1qJ9GSF4klg+kN287L+y5/fIgql4A7EI=' 'sha256-Z0bKlgxCeq39CcBglG4oWnWRv1qDPQ+x6bKBhsEn0Xc=' 'strict-dynamic' 'unsafe-inline' 'unsafe-eval' https:;style-src 'self' https: 'unsafe-inline' https://fonts.googleapis.com https://fonts.google.com cdn.jsdelivr.net fast.fonts.net;object-src 'none';connect-src * data:;child-src blob: 'self' vanta.com *.vanta.com;report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub043e3a57772658a58a4bb910ce747aa1&dd-evp-origin=content-security-policy&ddsource=csp-report&ddtags=env:prod%2cservice:web%2cversion:undefined;base-uri 'self';block-all-mixed-content;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

csp-report.browser-intake-datadoghq.com
fonts.googleapis.com
fonts.gstatic.com
security.upflow.io
static.cloudflareinsights.com
static.vanta.com
csp-report.browser-intake-datadoghq.com
static.cloudflareinsights.com
2606:4700:20::681a:bb6
2606:4700::6812:beb
2a00:1450:4001:80f::2003
2a00:1450:4001:82f::200a
14e46f02e7c167ec302650b45c90072c1a46915c3ff1572171ec6480dae8616e
210276eebb083399ebc3333e6cddff185da4bd1612034dc0da9a122bce8c8217
23d07848525e62a39ef2d9427e784b0e2fe8b5ff9f1292c70c773415ad32330f
25fc8b1b02b233b974ce0230085f773fe54368dead0425b51c22f38283595831
288604e041d1497968d0f448ae8ad6019d3ee15ab8201fb4c585479490f39692
3859596ce2f7015d24c0775ddc01140eb6fd83a36f6e7b16ea26ee7b78144991
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1
3d7f6962cff0750b9dae0de3d919b44744cd46f032930ffd12d0ac4889d6b104
44961326aae6dd9ff4fd8b19e48aa770a0f66796fc3d4cffa6e8639dd719f6f8
541a4e56b111003d0772cdcb52ac0c3b979aa567c3737dd7c8b93d9648706f04
70b383eb6b2eae974d557f381c6adb35411c6e25a21f2a3e78b3d6c337e93a02
8171b0d6b537ffde0c0d01f042e80b16138c2b19838cf983412977940b6e6167
85e9c7be88b34fa5e7cbe80fbcc08d4c1a22283c0830c8dc7fa23be23d33eb34
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
914edfe546b36c3bd3735352594d4fbb767870f5f0a6afa458e84874f75b1b15
95cef84d20aa1cdb89782fb701563559da9fda11c671dc7ba95af83272f9f908
985b6eb75df5bc1ff881a298e757545b990cea861fa8322ed83cf5de48890e9f
9c1249ac344ac2ba5266d08460e9a083aecca1b96b592eafc4a7b4c754e2e928
a30a1fd9a0a63b31c289e931a2c67a59b1b04de5a9b271733db7e1e8a341a0be
a51346d0e72dbd9f4809d39bd234b370f2381b392f47d360e867d07e4c3b2405
a75977b1f0d47d0017aee8a2730a694aff027ef5df56c70c89f3cd73c433196c
c57f5d01b86a361f27961e3e7acc276e19ab8f7a82ac585ab1083b6931b62252
d1632feb4f44c3db227e170823e0e0820a4a8bc1fcc4294b0d6cde1bbcf276a6
e2a7ebcdcb7bb18151c6f4348fea4c089d57b79a24ef9f0353a49d49d4803e9a
e2f5e0b9e325758a96240d38bcd1eee56916eada73cb6aa63b6d4f21ad93dc55

security.upflow.io Open in urlscan Pro 2606:4700:20::681a:bb6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

27 Requests

93 %HTTPS

100 %IPv6

6 Domains

6 Subdomains

5 IPs

2 Countries

4412 kBTransfer

13307 kBSize

0 Cookies

2 Outgoing links

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

security.upflow.io Open in urlscan Pro
2606:4700:20::681a:bb6 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

93 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

4412 kB
Transfer

13307 kB
Size

0
Cookies

27 HTTP transactions
1 data transactions