urlscan.io logo urlscan.io
SecurityTrails logo

app.yield.app Open in urlscan Pro
2606:4700:10::ac43:24c4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://app.yield.app/
Effective URL: https://app.yield.app/
Submission: On December 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 21 HTTP transactions. The main IP is 2606:4700:10::ac43:24c4, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.yield.app.
TLS certificate: Issued by GTS CA 1P5 on November 19th 2023. Valid for: 3 months.
This is the only time app.yield.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
21 7
15    2606:4700:10::ac43:24c4 (United States)

ASN13335 (CLOUDFLARENET, US)
app.yield.app
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.seondf.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2606:4700::6811:3b8 (United States)

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
Apex Domain
Subdomains		 Transfer
15 yield.app
app.yield.app
1 MB
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 5770
11 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
253 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2693
253 B
1 seondf.com
cdn.seondf.com — Cisco Umbrella Rank: 147321
158 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
94 KB
0 google.de Failed
www.google.de Failed
21 7
Domain Requested by
15 app.yield.app app.yield.app
2 challenges.cloudflare.com 1 redirects
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 cdn.seondf.com app.yield.app
1 www.googletagmanager.com app.yield.app
0 www.google.de Failed
21 7

This site contains links to these domains. Also see Links.

Domain
yield.app
haven1.org
support.yield.app
Subject Issuer Validity Valid
yield.app
GTS CA 1P5		 2023-11-19 -
2024-02-17		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
seondf.com
GTS CA 1P5		 2023-12-04 -
2024-03-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://app.yield.app/
Frame ID: CB911DB0BC33A473778D58BA1044D6A4
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Yield App

Page URL History Show full URLs

  1. http://app.yield.app/ HTTP 307
    https://app.yield.app/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

21
Requests

90 %
HTTPS

100 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

1797 kB
Transfer

6042 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.yield.app/ HTTP 307
    https://app.yield.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/56d3063b/api.js

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
app.yield.app/
Redirect Chain
  • http://app.yield.app/
  • https://app.yield.app/
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.yield.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:24c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57f27298c6d8e932cffc7c4ff3eff4e92f6df2e55e1bb75b5d579c8dfbf0c9bf
Security Headers
Name Value
Content-Security-Policy default-src 'self'; child-src *.utorg.pro calendly.com global.transak.com *.sumsub.com *.onramper.com onramper.tech *.itez.com *.transak.com *.moonpay.com *.mercuryo.io *.coinify.com *.sendwyre.com; connect-src 'self' https://*.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com *.sentry.io *.sumsub.com onramper.tech https://assets.calendly.com wss://app.yield.app https://*.seondfresolver.com https://*.seondnsresolve.com https://*.deviceinfresolver.com https://*.getdeviceinfresolver.com; font-src 'self' *.googleapis.com *.gstatic.com https://cdn.widget.xanpool.com; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com; object-src 'none'; style-src 'self' https://hcaptcha.com *.hcaptcha.com *.googleapis.com 'unsafe-inline'; script-src 'self' https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com https://challenges.cloudflare.com https://cdn.seondf.com/js/v5/agent.js 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors 'none'; frame-src 'self' https://hcaptcha.com *.hcaptcha.com global.transak.com calendly.com *.sumsub.com https://widget.xanpool.com https://challenges.cloudflare.com *.cloudflare.com https://buy.onramper.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
83446432ca9b2c57-FRA
content-encoding
gzip
content-security-policy
default-src 'self'; child-src *.utorg.pro calendly.com global.transak.com *.sumsub.com *.onramper.com onramper.tech *.itez.com *.transak.com *.moonpay.com *.mercuryo.io *.coinify.com *.sendwyre.com; connect-src 'self' https://*.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com *.sentry.io *.sumsub.com onramper.tech https://assets.calendly.com wss://app.yield.app https://*.seondfresolver.com https://*.seondnsresolve.com https://*.deviceinfresolver.com https://*.getdeviceinfresolver.com; font-src 'self' *.googleapis.com *.gstatic.com https://cdn.widget.xanpool.com; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com; object-src 'none'; style-src 'self' https://hcaptcha.com *.hcaptcha.com *.googleapis.com 'unsafe-inline'; script-src 'self' https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com https://challenges.cloudflare.com https://cdn.seondf.com/js/v5/agent.js 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors 'none'; frame-src 'self' https://hcaptcha.com *.hcaptcha.com global.transak.com calendly.com *.sumsub.com https://widget.xanpool.com https://challenges.cloudflare.com *.cloudflare.com https://buy.onramper.com;
content-type
text/html
date
Tue, 12 Dec 2023 07:53:03 GMT
last-modified
Mon, 11 Dec 2023 08:40:07 GMT
referrer-policy
strict-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block;

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://app.yield.app/
Non-Authoritative-Reason
HSTS
vendor-05afd8e5.js
app.yield.app/assets/ 		2 MB
717 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.yield.app/assets/vendor-05afd8e5.js
Requested by
Host: app.yield.app
URL: https://app.yield.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:24c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47dd731ebca7200b8c73693ad99627c2e4491a68f7e05b6cbceaad0233d90c9e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; child-src *.utorg.pro calendly.com global.transak.com *.sumsub.com *.onramper.com onramper.tech *.itez.com *.transak.com *.moonpay.com *.mercuryo.io *.coinify.com *.sendwyre.com; connect-src 'self' https://*.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com *.sentry.io *.sumsub.com onramper.tech https://assets.calendly.com wss://app.yield.app https://*.seondfresolver.com https://*.seondnsresolve.com https://*.deviceinfresolver.com https://*.getdeviceinfresolver.com; font-src 'self' *.googleapis.com *.gstatic.com https://cdn.widget.xanpool.com; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com; object-src 'none'; style-src 'self' https://hcaptcha.com *.hcaptcha.com *.googleapis.com 'unsafe-inline'; script-src 'self' https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com https://challenges.cloudflare.com https://cdn.seondf.com/js/v5/agent.js 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors 'none'; frame-src 'self' https://hcaptcha.com *.hcaptcha.com global.transak.com calendly.com *.sumsub.com https://widget.xanpool.com https://challenges.cloudflare.com *.cloudflare.com https://buy.onramper.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Referer
https://app.yield.app/
Origin
https://app.yield.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:53:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin
x-content-type-options
nosniff
last-modified
Mon, 11 Dec 2023 08:40:07 GMT
server
cloudflare
content-security-policy
default-src 'self'; child-src *.utorg.pro calendly.com global.transak.com *.sumsub.com *.onramper.com onramper.tech *.itez.com *.transak.com *.moonpay.com *.mercuryo.io *.coinify.com *.sendwyre.com; connect-src 'self' https://*.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com *.sentry.io *.sumsub.com onramper.tech https://assets.calendly.com wss://app.yield.app https://*.seondfresolver.com https://*.seondnsresolve.com https://*.deviceinfresolver.com https://*.getdeviceinfresolver.com; font-src 'self' *.googleapis.com *.gstatic.com https://cdn.widget.xanpool.com; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com; object-src 'none'; style-src 'self' https://hcaptcha.com *.hcaptcha.com *.googleapis.com 'unsafe-inline'; script-src 'self' https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com https://challenges.cloudflare.com https://cdn.seondf.com/js/v5/agent.js 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors 'none'; frame-src 'self' https://hcaptcha.com *.hcaptcha.com global.transak.com calendly.com *.sumsub.com https://widget.xanpool.com https://challenges.cloudflare.com *.cloudflare.com https://buy.onramper.com;
age
6559
etag
W/"6576cae7-265634"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
gzip
cf-cache-status
HIT
cf-ray
834464333b462c57-FRA
x-xss-protection
1; mode=block;
vendor-60567cf2.css
app.yield.app/assets/ 		240 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.yield.app/assets/vendor-60567cf2.css
Requested by
Host: app.yield.app
URL: https://app.yield.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:24c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60567cf2051adab9e8b4d97fe0ba52398d1aa694fd3e09ea21c9890a50e2ed20
Security Headers
Name Value
Content-Security-Policy default-src 'self'; child-src *.utorg.pro calendly.com global.transak.com *.sumsub.com *.onramper.com onramper.tech *.itez.com *.transak.com *.moonpay.com *.mercuryo.io *.coinify.com *.sendwyre.com; connect-src 'self' https://*.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com *.sentry.io *.sumsub.com onramper.tech https://assets.calendly.com wss://app.yield.app https://*.seondfresolver.com https://*.seondnsresolve.com https://*.deviceinfresolver.com https://*.getdeviceinfresolver.com; font-src 'self' *.googleapis.com *.gstatic.com https://cdn.widget.xanpool.com; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com; object-src 'none'; style-src 'self' https://hcaptcha.com *.hcaptcha.com *.googleapis.com 'unsafe-inline'; script-src 'self' https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com https://challenges.cloudflare.com https://cdn.seondf.com/js/v5/agent.js 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors 'none'; frame-src 'self' https://hcaptcha.com *.hcaptcha.com global.transak.com calendly.com *.sumsub.com https://widget.xanpool.com https://challenges.cloudflare.com *.cloudflare.com https://buy.onramper.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.yield.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:53:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin
x-content-type-options
nosniff
last-modified
Mon, 11 Dec 2023 08:40:07 GMT
server
cloudflare
content-security-policy
default-src 'self'; child-src *.utorg.pro calendly.com global.transak.com *.sumsub.com *.onramper.com onramper.tech *.itez.com *.transak.com *.moonpay.com *.mercuryo.io *.coinify.com *.sendwyre.com; connect-src 'self' https://*.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com *.sentry.io *.sumsub.com onramper.tech https://assets.calendly.com wss://app.yield.app https://*.seondfresolver.com https://*.seondnsresolve.com https://*.deviceinfresolver.com https://*.getdeviceinfresolver.com; font-src 'self' *.googleapis.com *.gstatic.com https://cdn.widget.xanpool.com; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com; object-src 'none'; style-src 'self' https://hcaptcha.com *.hcaptcha.com *.googleapis.com 'unsafe-inline'; script-src 'self' https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com https://challenges.cloudflare.com https://cdn.seondf.com/js/v5/agent.js 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors 'none'; frame-src 'self' https://hcaptcha.com *.hcaptcha.com global.transak.com calendly.com *.sumsub.com https://widget.xanpool.com https://challenges.cloudflare.com *.cloudflare.com https://buy.onramper.com;
age
6559
etag
W/"6576cae7-3be91"
vary
Accept-Encoding
content-type
text/css
content-encoding
gzip
cf-cache-status
HIT
cf-ray
834464333b422c57-FRA
x-xss-protection
1; mode=block;
index-04e121b9.css
app.yield.app/assets/ 		984 KB
126 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.yield.app/assets/index-04e121b9.css
Requested by
Host: app.yield.app
URL: https://app.yield.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:24c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04e121b9317ebf94d6ab6f2cb28453dabaea9872525e90d75c8eabb0c8a26d77
Security Headers
Name Value
Content-Security-Policy default-src 'self'; child-src *.utorg.pro calendly.com global.transak.com *.sumsub.com *.onramper.com onramper.tech *.itez.com *.transak.com *.moonpay.com *.mercuryo.io *.coinify.com *.sendwyre.com; connect-src 'self' https://*.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com *.sentry.io *.sumsub.com onramper.tech https://assets.calendly.com wss://app.yield.app https://*.seondfresolver.com https://*.seondnsresolve.com https://*.deviceinfresolver.com https://*.getdeviceinfresolver.com; font-src 'self' *.googleapis.com *.gstatic.com https://cdn.widget.xanpool.com; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com; object-src 'none'; style-src 'self' https://hcaptcha.com *.hcaptcha.com *.googleapis.com 'unsafe-inline'; script-src 'self' https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com https://challenges.cloudflare.com https://cdn.seondf.com/js/v5/agent.js 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors 'none'; frame-src 'self' https://hcaptcha.com *.hcaptcha.com global.transak.com calendly.com *.sumsub.com https://widget.xanpool.com https://challenges.cloudflare.com *.cloudflare.com https://buy.onramper.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.yield.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:53:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin
x-content-type-options
nosniff
last-modified
Mon, 11 Dec 2023 08:40:07 GMT
server
cloudflare
content-security-policy
default-src 'self'; child-src *.utorg.pro calendly.com global.transak.com *.sumsub.com *.onramper.com onramper.tech *.itez.com *.transak.com *.moonpay.com *.mercuryo.io *.coinify.com *.sendwyre.com; connect-src 'self' https://*.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com *.sentry.io *.sumsub.com onramper.tech https://assets.calendly.com wss://app.yield.app https://*.seondfresolver.com https://*.seondnsresolve.com https://*.deviceinfresolver.com https://*.getdeviceinfresolver.com; font-src 'self' *.googleapis.com *.gstatic.com https://cdn.widget.xanpool.com; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com; object-src 'none'; style-src 'self' https://hcaptcha.com *.hcaptcha.com *.googleapis.com 'unsafe-inline'; script-src 'self' https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com https://challenges.cloudflare.com https://cdn.seondf.com/js/v5/agent.js 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors 'none'; frame-src 'self' https://hcaptcha.com *.hcaptcha.com global.transak.com calendly.com *.sumsub.com https://widget.xanpool.com https://challenges.cloudflare.com *.cloudflare.com https://buy.onramper.com;
age
6559
etag
W/"6576cae7-f5ea7"
vary
Accept-Encoding
content-type
text/css
content-encoding
gzip
cf-cache-status
HIT
cf-ray
834464333b442c57-FRA
x-xss-protection
1; mode=block;
rocket-loader.min.js
app.yield.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.yield.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: app.yield.app
URL: https://app.yield.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:24c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.yield.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 01 Dec 2023 15:04:24 GMT
server
cloudflare
etag
W/"6569f5f8-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
834464333b472c57-FRA
expires
Thu, 14 Dec 2023 07:53:03 GMT
index-356b80c8.js
app.yield.app/assets/ 		999 KB
268 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.yield.app/assets/index-356b80c8.js
Requested by
Host: app.yield.app
URL: https://app.yield.app/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:24c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
809996f6266e2a189e02cb95e918e4b02f409e76c56d5c7be2f72108a32df8c1
Security Headers
Name Value
Content-Security-Policy default-src 'self'; child-src *.utorg.pro calendly.com global.transak.com *.sumsub.com *.onramper.com onramper.tech *.itez.com *.transak.com *.moonpay.com *.mercuryo.io *.coinify.com *.sendwyre.com; connect-src 'self' https://*.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com *.sentry.io *.sumsub.com onramper.tech https://assets.calendly.com wss://app.yield.app https://*.seondfresolver.com https://*.seondnsresolve.com https://*.deviceinfresolver.com https://*.getdeviceinfresolver.com; font-src 'self' *.googleapis.com *.gstatic.com https://cdn.widget.xanpool.com; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com; object-src 'none'; style-src 'self' https://hcaptcha.com *.hcaptcha.com *.googleapis.com 'unsafe-inline'; script-src 'self' https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com https://challenges.cloudflare.com https://cdn.seondf.com/js/v5/agent.js 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors 'none'; frame-src 'self' https://hcaptcha.com *.hcaptcha.com global.transak.com calendly.com *.sumsub.com https://widget.xanpool.com https://challenges.cloudflare.com *.cloudflare.com https://buy.onramper.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Referer
https://app.yield.app/
Origin
https://app.yield.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:53:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin
x-content-type-options
nosniff
last-modified
Mon, 11 Dec 2023 08:40:07 GMT
server
cloudflare
content-security-policy
default-src 'self'; child-src *.utorg.pro calendly.com global.transak.com *.sumsub.com *.onramper.com onramper.tech *.itez.com *.transak.com *.moonpay.com *.mercuryo.io *.coinify.com *.sendwyre.com; connect-src 'self' https://*.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com *.sentry.io *.sumsub.com onramper.tech https://assets.calendly.com wss://app.yield.app https://*.seondfresolver.com https://*.seondnsresolve.com https://*.deviceinfresolver.com https://*.getdeviceinfresolver.com; font-src 'self' *.googleapis.com *.gstatic.com https://cdn.widget.xanpool.com; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com; object-src 'none'; style-src 'self' https://hcaptcha.com *.hcaptcha.com *.googleapis.com 'unsafe-inline'; script-src 'self' https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com https://challenges.cloudflare.com https://cdn.seondf.com/js/v5/agent.js 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors 'none'; frame-src 'self' https://hcaptcha.com *.hcaptcha.com global.transak.com calendly.com *.sumsub.com https://widget.xanpool.com https://challenges.cloudflare.com *.cloudflare.com https://buy.onramper.com;
age
6558
etag
W/"6576cae7-f9bc8"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
gzip
cf-cache-status
HIT
cf-ray
83446433fc262c57-FRA
x-xss-protection
1; mode=block;
js
www.googletagmanager.com/gtag/ 		289 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S833X8146J
Requested by
Host: app.yield.app
URL: https://app.yield.app/assets/vendor-05afd8e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ed3f5c7d67d86acfdb3b35247c8fe166b657c24d4c9232185e8ea07ab9c59b16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.yield.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:53:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95995
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 12 Dec 2023 07:53:03 GMT
meta.json
app.yield.app/ 		19 B
78 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.yield.app/meta.json
Requested by
Host: app.yield.app
URL: https://app.yield.app/assets/index-356b80c8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:24c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddf3a65b703bd3f80013ec77249858cc3c3d909e8d73c81953b0b23994b1b671
Security Headers
Name Value
Content-Security-Policy default-src 'self'; child-src *.utorg.pro calendly.com global.transak.com *.sumsub.com *.onramper.com onramper.tech *.itez.com *.transak.com *.moonpay.com *.mercuryo.io *.coinify.com *.sendwyre.com; connect-src 'self' https://*.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com *.sentry.io *.sumsub.com onramper.tech https://assets.calendly.com wss://app.yield.app https://*.seondfresolver.com https://*.seondnsresolve.com https://*.deviceinfresolver.com https://*.getdeviceinfresolver.com; font-src 'self' *.googleapis.com *.gstatic.com https://cdn.widget.xanpool.com; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com; object-src 'none'; style-src 'self' https://hcaptcha.com *.hcaptcha.com *.googleapis.com 'unsafe-inline'; script-src 'self' https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com https://challenges.cloudflare.com https://cdn.seondf.com/js/v5/agent.js 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors 'none'; frame-src 'self' https://hcaptcha.com *.hcaptcha.com global.transak.com calendly.com *.sumsub.com https://widget.xanpool.com https://challenges.cloudflare.com *.cloudflare.com https://buy.onramper.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.yield.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:53:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin
x-content-type-options
nosniff
last-modified
Mon, 11 Dec 2023 08:40:01 GMT
server
cloudflare
content-security-policy
default-src 'self'; child-src *.utorg.pro calendly.com global.transak.com *.sumsub.com *.onramper.com onramper.tech *.itez.com *.transak.com *.moonpay.com *.mercuryo.io *.coinify.com *.sendwyre.com; connect-src 'self' https://*.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com *.sentry.io *.sumsub.com onramper.tech https://assets.calendly.com wss://app.yield.app https://*.seondfresolver.com https://*.seondnsresolve.com https://*.deviceinfresolver.com https://*.getdeviceinfresolver.com; font-src 'self' *.googleapis.com *.gstatic.com https://cdn.widget.xanpool.com; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com; object-src 'none'; style-src 'self' https://hcaptcha.com *.hcaptcha.com *.googleapis.com 'unsafe-inline'; script-src 'self' https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com https://challenges.cloudflare.com https://cdn.seondf.com/js/v5/agent.js 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors 'none'; frame-src 'self' https://hcaptcha.com *.hcaptcha.com global.transak.com calendly.com *.sumsub.com https://widget.xanpool.com https://challenges.cloudflare.com *.cloudflare.com https://buy.onramper.com;
etag
"6576cae1-13"
content-type
application/json
cf-cache-status
DYNAMIC
accept-ranges
bytes
cf-ray
834464355d882c57-FRA
content-length
19
x-xss-protection
1; mode=block;
meta.json
app.yield.app/ 		19 B
133 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.yield.app/meta.json
Requested by
Host: app.yield.app
URL: https://app.yield.app/assets/index-356b80c8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:24c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddf3a65b703bd3f80013ec77249858cc3c3d909e8d73c81953b0b23994b1b671
Security Headers
Name Value
Content-Security-Policy default-src 'self'; child-src *.utorg.pro calendly.com global.transak.com *.sumsub.com *.onramper.com onramper.tech *.itez.com *.transak.com *.moonpay.com *.mercuryo.io *.coinify.com *.sendwyre.com; connect-src 'self' https://*.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com *.sentry.io *.sumsub.com onramper.tech https://assets.calendly.com wss://app.yield.app https://*.seondfresolver.com https://*.seondnsresolve.com https://*.deviceinfresolver.com https://*.getdeviceinfresolver.com; font-src 'self' *.googleapis.com *.gstatic.com https://cdn.widget.xanpool.com; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com; object-src 'none'; style-src 'self' https://hcaptcha.com *.hcaptcha.com *.googleapis.com 'unsafe-inline'; script-src 'self' https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com https://challenges.cloudflare.com https://cdn.seondf.com/js/v5/agent.js 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors 'none'; frame-src 'self' https://hcaptcha.com *.hcaptcha.com global.transak.com calendly.com *.sumsub.com https://widget.xanpool.com https://challenges.cloudflare.com *.cloudflare.com https://buy.onramper.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.yield.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:53:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin
x-content-type-options
nosniff
last-modified
Mon, 11 Dec 2023 08:40:01 GMT
server
cloudflare
content-security-policy
default-src 'self'; child-src *.utorg.pro calendly.com global.transak.com *.sumsub.com *.onramper.com onramper.tech *.itez.com *.transak.com *.moonpay.com *.mercuryo.io *.coinify.com *.sendwyre.com; connect-src 'self' https://*.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com *.sentry.io *.sumsub.com onramper.tech https://assets.calendly.com wss://app.yield.app https://*.seondfresolver.com https://*.seondnsresolve.com https://*.deviceinfresolver.com https://*.getdeviceinfresolver.com; font-src 'self' *.googleapis.com *.gstatic.com https://cdn.widget.xanpool.com; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com; object-src 'none'; style-src 'self' https://hcaptcha.com *.hcaptcha.com *.googleapis.com 'unsafe-inline'; script-src 'self' https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com https://challenges.cloudflare.com https://cdn.seondf.com/js/v5/agent.js 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors 'none'; frame-src 'self' https://hcaptcha.com *.hcaptcha.com global.transak.com calendly.com *.sumsub.com https://widget.xanpool.com https://challenges.cloudflare.com *.cloudflare.com https://buy.onramper.com;
etag
"6576cae1-13"
content-type
application/json
cf-cache-status
DYNAMIC
accept-ranges
bytes
cf-ray
834464355d8a2c57-FRA
content-length
19
x-xss-protection
1; mode=block;
userInfo
app.yield.app/v1/users/ 		126 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.yield.app/v1/users/userInfo
Requested by
Host: app.yield.app
URL: https://app.yield.app/assets/vendor-05afd8e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:24c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5bbdbd96ebf46e654f6259bac48807d3e47d977f0049b2f4920ea4941e847f3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.yield.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:53:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
etag
W/"7e-WEdEQztQiaLDWB+snuZ04b2/Khc"
vary
Origin
content-type
application/json; charset=utf-8
cache-control
no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
834464355d8c2c57-FRA
content-length
126
token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoic2Vzc2lvbiIsImNvb2tpZSI6IjA5YTA3NDhmMWI5YTMyODJhMWNhNzIyNmZlM2JiM2NlIiwiaHR0cE9ubHkiOnRydWUsIm1heEFnZSI6MTcyODAwMDAwLCJpYXQiOjE3MDIzNjc1ODMsImV4cCI6MTg3NTE2NzU4M30.Z9N7c9u78FGhP-xmSFiZEM1KaKMtrEYRNdNKXvdG74k
applicationSettings
app.yield.app/v1/system/ 		2 KB
893 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.yield.app/v1/system/applicationSettings
Requested by
Host: app.yield.app
URL: https://app.yield.app/assets/vendor-05afd8e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:24c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5afb613c3cf1849c76a8bc4f6579115df34f259c580483e3e0a4d9162136f924
Security Headers
Name Value
Content-Security-Policy default-src 'self'; child-src *.utorg.pro calendly.com global.transak.com *.sumsub.com *.onramper.com onramper.tech *.itez.com *.transak.com *.moonpay.com *.mercuryo.io *.coinify.com *.sendwyre.com; connect-src 'self' https://*.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com *.sentry.io *.sumsub.com onramper.tech https://assets.calendly.com wss://app.yield.app https://*.seondfresolver.com https://*.seondnsresolve.com https://*.deviceinfresolver.com https://*.getdeviceinfresolver.com; font-src 'self' *.googleapis.com *.gstatic.com https://cdn.widget.xanpool.com; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com; object-src 'none'; style-src 'self' https://hcaptcha.com *.hcaptcha.com *.googleapis.com 'unsafe-inline'; script-src 'self' https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com https://challenges.cloudflare.com https://cdn.seondf.com/js/v5/agent.js 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors 'none'; frame-src 'self' https://hcaptcha.com *.hcaptcha.com global.transak.com calendly.com *.sumsub.com https://widget.xanpool.com https://challenges.cloudflare.com *.cloudflare.com https://buy.onramper.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.yield.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:53:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
content-security-policy
default-src 'self'; child-src *.utorg.pro calendly.com global.transak.com *.sumsub.com *.onramper.com onramper.tech *.itez.com *.transak.com *.moonpay.com *.mercuryo.io *.coinify.com *.sendwyre.com; connect-src 'self' https://*.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com *.sentry.io *.sumsub.com onramper.tech https://assets.calendly.com wss://app.yield.app https://*.seondfresolver.com https://*.seondnsresolve.com https://*.deviceinfresolver.com https://*.getdeviceinfresolver.com; font-src 'self' *.googleapis.com *.gstatic.com https://cdn.widget.xanpool.com; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com; object-src 'none'; style-src 'self' https://hcaptcha.com *.hcaptcha.com *.googleapis.com 'unsafe-inline'; script-src 'self' https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com https://challenges.cloudflare.com https://cdn.seondf.com/js/v5/agent.js 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors 'none'; frame-src 'self' https://hcaptcha.com *.hcaptcha.com global.transak.com calendly.com *.sumsub.com https://widget.xanpool.com https://challenges.cloudflare.com *.cloudflare.com https://buy.onramper.com;
content-encoding
gzip
x-powered-by
Express
etag
W/"78f-eDIR2zPVL+/Yu2kPstSpnI2yTEM"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
cf-ray
834464358dab2c57-FRA
x-xss-protection
1; mode=block;
getCachedPrices
app.yield.app/v1/system/ 		3 KB
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.yield.app/v1/system/getCachedPrices
Requested by
Host: app.yield.app
URL: https://app.yield.app/assets/vendor-05afd8e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:24c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0a2552550101d1aa3dba0f085ba896cc4642be9bff17b5140709b0a1d4b0941c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; child-src *.utorg.pro calendly.com global.transak.com *.sumsub.com *.onramper.com onramper.tech *.itez.com *.transak.com *.moonpay.com *.mercuryo.io *.coinify.com *.sendwyre.com; connect-src 'self' https://*.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com *.sentry.io *.sumsub.com onramper.tech https://assets.calendly.com wss://app.yield.app https://*.seondfresolver.com https://*.seondnsresolve.com https://*.deviceinfresolver.com https://*.getdeviceinfresolver.com; font-src 'self' *.googleapis.com *.gstatic.com https://cdn.widget.xanpool.com; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com; object-src 'none'; style-src 'self' https://hcaptcha.com *.hcaptcha.com *.googleapis.com 'unsafe-inline'; script-src 'self' https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com https://challenges.cloudflare.com https://cdn.seondf.com/js/v5/agent.js 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors 'none'; frame-src 'self' https://hcaptcha.com *.hcaptcha.com global.transak.com calendly.com *.sumsub.com https://widget.xanpool.com https://challenges.cloudflare.com *.cloudflare.com https://buy.onramper.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.yield.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:53:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
content-security-policy
default-src 'self'; child-src *.utorg.pro calendly.com global.transak.com *.sumsub.com *.onramper.com onramper.tech *.itez.com *.transak.com *.moonpay.com *.mercuryo.io *.coinify.com *.sendwyre.com; connect-src 'self' https://*.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com *.sentry.io *.sumsub.com onramper.tech https://assets.calendly.com wss://app.yield.app https://*.seondfresolver.com https://*.seondnsresolve.com https://*.deviceinfresolver.com https://*.getdeviceinfresolver.com; font-src 'self' *.googleapis.com *.gstatic.com https://cdn.widget.xanpool.com; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com; object-src 'none'; style-src 'self' https://hcaptcha.com *.hcaptcha.com *.googleapis.com 'unsafe-inline'; script-src 'self' https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com https://challenges.cloudflare.com https://cdn.seondf.com/js/v5/agent.js 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors 'none'; frame-src 'self' https://hcaptcha.com *.hcaptcha.com global.transak.com calendly.com *.sumsub.com https://widget.xanpool.com https://challenges.cloudflare.com *.cloudflare.com https://buy.onramper.com;
content-encoding
gzip
x-powered-by
Express
etag
W/"a95-PRLPGceUIcCFxEaZnvRfTk7yfrc"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
cf-ray
834464358dac2c57-FRA
x-xss-protection
1; mode=block;
en-28c6d247.js
app.yield.app/assets/ 		165 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.yield.app/assets/en-28c6d247.js
Requested by
Host: app.yield.app
URL: https://app.yield.app/assets/index-356b80c8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:24c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11cb6f78137c92ca19761a76e4b8560c8e04ebbabd2150b7bcf6de57a3789661
Security Headers
Name Value
Content-Security-Policy default-src 'self'; child-src *.utorg.pro calendly.com global.transak.com *.sumsub.com *.onramper.com onramper.tech *.itez.com *.transak.com *.moonpay.com *.mercuryo.io *.coinify.com *.sendwyre.com; connect-src 'self' https://*.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com *.sentry.io *.sumsub.com onramper.tech https://assets.calendly.com wss://app.yield.app https://*.seondfresolver.com https://*.seondnsresolve.com https://*.deviceinfresolver.com https://*.getdeviceinfresolver.com; font-src 'self' *.googleapis.com *.gstatic.com https://cdn.widget.xanpool.com; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com; object-src 'none'; style-src 'self' https://hcaptcha.com *.hcaptcha.com *.googleapis.com 'unsafe-inline'; script-src 'self' https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com https://challenges.cloudflare.com https://cdn.seondf.com/js/v5/agent.js 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors 'none'; frame-src 'self' https://hcaptcha.com *.hcaptcha.com global.transak.com calendly.com *.sumsub.com https://widget.xanpool.com https://challenges.cloudflare.com *.cloudflare.com https://buy.onramper.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Referer
https://app.yield.app/
Origin
https://app.yield.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:53:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin
x-content-type-options
nosniff
last-modified
Mon, 11 Dec 2023 08:40:07 GMT
server
cloudflare
content-security-policy
default-src 'self'; child-src *.utorg.pro calendly.com global.transak.com *.sumsub.com *.onramper.com onramper.tech *.itez.com *.transak.com *.moonpay.com *.mercuryo.io *.coinify.com *.sendwyre.com; connect-src 'self' https://*.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com *.sentry.io *.sumsub.com onramper.tech https://assets.calendly.com wss://app.yield.app https://*.seondfresolver.com https://*.seondnsresolve.com https://*.deviceinfresolver.com https://*.getdeviceinfresolver.com; font-src 'self' *.googleapis.com *.gstatic.com https://cdn.widget.xanpool.com; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com; object-src 'none'; style-src 'self' https://hcaptcha.com *.hcaptcha.com *.googleapis.com 'unsafe-inline'; script-src 'self' https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com https://challenges.cloudflare.com https://cdn.seondf.com/js/v5/agent.js 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors 'none'; frame-src 'self' https://hcaptcha.com *.hcaptcha.com global.transak.com calendly.com *.sumsub.com https://widget.xanpool.com https://challenges.cloudflare.com *.cloudflare.com https://buy.onramper.com;
age
6556
etag
W/"6576cae7-293a2"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
gzip
cf-cache-status
HIT
cf-ray
834464358dae2c57-FRA
x-xss-protection
1; mode=block;
agent.js
cdn.seondf.com/js/v5/ 		523 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.seondf.com/js/v5/agent.js
Requested by
Host: app.yield.app
URL: https://app.yield.app/assets/index-356b80c8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41a51116d42ac12de97ad20bf747405d397c4a86a977b0da3406b4a3f270f4dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.yield.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:53:03 GMT
x-amz-version-id
TZkBaDQvbB0IHp8g.DOhH5kVBmdqFzC0
via
1.1 9e5eaf10e1b26eb584408c32359e19b8.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MRS52-C1
age
1339
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 22 Nov 2023 15:07:10 GMT
server
cloudflare
etag
W/"1ff42cb10464e542534564208ea9b1f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0X%2FHO8Mu5YGpMiEAnR7BTtfQAY16n2eDLlLXCPjPp0Jli7jrf5t%2BN1MT3qLQjD0ClJ%2BreO26ChnoYW7rND9XJqI0a5u7z7f0%2BWk751HzA7kaDz8EAvk%2BCUmPsHyhkwaZWTOjDjgdyWXMc0Srow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
834464363bc90e65-MXP
x-amz-cf-id
EWuF856FhKN-Yv7y9lilvcBB9AQ4o1uIr7UBVlsctKv1KNvCcKMqaA==
SuisseIntl-Normal-d4acd1a9.otf
app.yield.app/assets/ 		127 KB
127 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.yield.app/assets/SuisseIntl-Normal-d4acd1a9.otf
Requested by
Host: app.yield.app
URL: https://app.yield.app/assets/index-04e121b9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:24c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4acd1a90984282531994fee8542e25cc1de087d47fd583726a0b256fc43eea7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; child-src *.utorg.pro calendly.com global.transak.com *.sumsub.com *.onramper.com onramper.tech *.itez.com *.transak.com *.moonpay.com *.mercuryo.io *.coinify.com *.sendwyre.com; connect-src 'self' https://*.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com *.sentry.io *.sumsub.com onramper.tech https://assets.calendly.com wss://app.yield.app https://*.seondfresolver.com https://*.seondnsresolve.com https://*.deviceinfresolver.com https://*.getdeviceinfresolver.com; font-src 'self' *.googleapis.com *.gstatic.com https://cdn.widget.xanpool.com; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com; object-src 'none'; style-src 'self' https://hcaptcha.com *.hcaptcha.com *.googleapis.com 'unsafe-inline'; script-src 'self' https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com https://challenges.cloudflare.com https://cdn.seondf.com/js/v5/agent.js 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors 'none'; frame-src 'self' https://hcaptcha.com *.hcaptcha.com global.transak.com calendly.com *.sumsub.com https://widget.xanpool.com https://challenges.cloudflare.com *.cloudflare.com https://buy.onramper.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Referer
https://app.yield.app/
Origin
https://app.yield.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:53:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; child-src *.utorg.pro calendly.com global.transak.com *.sumsub.com *.onramper.com onramper.tech *.itez.com *.transak.com *.moonpay.com *.mercuryo.io *.coinify.com *.sendwyre.com; connect-src 'self' https://*.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com *.sentry.io *.sumsub.com onramper.tech https://assets.calendly.com wss://app.yield.app https://*.seondfresolver.com https://*.seondnsresolve.com https://*.deviceinfresolver.com https://*.getdeviceinfresolver.com; font-src 'self' *.googleapis.com *.gstatic.com https://cdn.widget.xanpool.com; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com; object-src 'none'; style-src 'self' https://hcaptcha.com *.hcaptcha.com *.googleapis.com 'unsafe-inline'; script-src 'self' https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com https://challenges.cloudflare.com https://cdn.seondf.com/js/v5/agent.js 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors 'none'; frame-src 'self' https://hcaptcha.com *.hcaptcha.com global.transak.com calendly.com *.sumsub.com https://widget.xanpool.com https://challenges.cloudflare.com *.cloudflare.com https://buy.onramper.com;
cf-cache-status
HIT
age
6556
content-length
130136
x-xss-protection
1; mode=block;
referrer-policy
strict-origin
last-modified
Mon, 11 Dec 2023 08:40:06 GMT
server
cloudflare
etag
"6576cae6-1fc58"
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
834464360e2e2c57-FRA
SuisseIntl-Bold-d3f03033.otf
app.yield.app/assets/ 		134 KB
136 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.yield.app/assets/SuisseIntl-Bold-d3f03033.otf
Requested by
Host: app.yield.app
URL: https://app.yield.app/assets/index-04e121b9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:24c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f03033718c9f5955906525e85a503bfbd78c04352b294533594104d23bec9b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; child-src *.utorg.pro calendly.com global.transak.com *.sumsub.com *.onramper.com onramper.tech *.itez.com *.transak.com *.moonpay.com *.mercuryo.io *.coinify.com *.sendwyre.com; connect-src 'self' https://*.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com *.sentry.io *.sumsub.com onramper.tech https://assets.calendly.com wss://app.yield.app https://*.seondfresolver.com https://*.seondnsresolve.com https://*.deviceinfresolver.com https://*.getdeviceinfresolver.com; font-src 'self' *.googleapis.com *.gstatic.com https://cdn.widget.xanpool.com; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com; object-src 'none'; style-src 'self' https://hcaptcha.com *.hcaptcha.com *.googleapis.com 'unsafe-inline'; script-src 'self' https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com https://challenges.cloudflare.com https://cdn.seondf.com/js/v5/agent.js 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors 'none'; frame-src 'self' https://hcaptcha.com *.hcaptcha.com global.transak.com calendly.com *.sumsub.com https://widget.xanpool.com https://challenges.cloudflare.com *.cloudflare.com https://buy.onramper.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Referer
https://app.yield.app/
Origin
https://app.yield.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:53:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; child-src *.utorg.pro calendly.com global.transak.com *.sumsub.com *.onramper.com onramper.tech *.itez.com *.transak.com *.moonpay.com *.mercuryo.io *.coinify.com *.sendwyre.com; connect-src 'self' https://*.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com *.sentry.io *.sumsub.com onramper.tech https://assets.calendly.com wss://app.yield.app https://*.seondfresolver.com https://*.seondnsresolve.com https://*.deviceinfresolver.com https://*.getdeviceinfresolver.com; font-src 'self' *.googleapis.com *.gstatic.com https://cdn.widget.xanpool.com; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com; object-src 'none'; style-src 'self' https://hcaptcha.com *.hcaptcha.com *.googleapis.com 'unsafe-inline'; script-src 'self' https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com https://challenges.cloudflare.com https://cdn.seondf.com/js/v5/agent.js 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors 'none'; frame-src 'self' https://hcaptcha.com *.hcaptcha.com global.transak.com calendly.com *.sumsub.com https://widget.xanpool.com https://challenges.cloudflare.com *.cloudflare.com https://buy.onramper.com;
cf-cache-status
HIT
age
6556
content-length
137524
x-xss-protection
1; mode=block;
referrer-policy
strict-origin
last-modified
Mon, 11 Dec 2023 08:40:06 GMT
server
cloudflare
etag
"6576cae6-21934"
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
834464360e2f2c57-FRA
collect
region1.analytics.google.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-S833X8146J&gtm=45je3bt0v9103502782&_p=1702367583572&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1145470513.1702367584&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fapp.yield.app%2F&dr=https%3A%2F%2Fapp.yield.app%2F&sid=1702367583&sct=1&seg=0&dt=Yield%20App&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1&ep.form_destination=https%3A%2F%2Fapp.yield.app%2F&tfd=623
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S833X8146J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.yield.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 07:53:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.yield.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-S833X8146J&cid=1145470513.1702367584&gtm=45je3bt0v9103502782&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S833X8146J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.yield.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Dec 2023 07:53:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.yield.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		0
0
api.js
challenges.cloudflare.com/turnstile/v0/b/56d3063b/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/b/56d3063b/api.js
33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/56d3063b/api.js
Protocol
H2
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acbe221d9bb71e85d0a3b52a7a9d44ee4669ab664186b32d0c737a2be62681e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.yield.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:53:03 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
834464369efb362d-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 12 Dec 2023 07:53:03 GMT
server
cloudflare
vary
accept-encoding
location
/turnstile/v0/b/56d3063b/api.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
834464366ec9362d-FRA
alt-svc
h3=":443"; ma=86400
SourceSansPro-Bold-9853e7ee.woff2
app.yield.app/assets/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.yield.app/assets/SourceSansPro-Bold-9853e7ee.woff2
Requested by
Host: app.yield.app
URL: https://app.yield.app/assets/index-04e121b9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:24c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9853e7ee2f1807d61ea20cd49da857438509e4097c8e46cc417a79cd7ccb1885
Security Headers
Name Value
Content-Security-Policy default-src 'self'; child-src *.utorg.pro calendly.com global.transak.com *.sumsub.com *.onramper.com onramper.tech *.itez.com *.transak.com *.moonpay.com *.mercuryo.io *.coinify.com *.sendwyre.com; connect-src 'self' https://*.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com *.sentry.io *.sumsub.com onramper.tech https://assets.calendly.com wss://app.yield.app https://*.seondfresolver.com https://*.seondnsresolve.com https://*.deviceinfresolver.com https://*.getdeviceinfresolver.com; font-src 'self' *.googleapis.com *.gstatic.com https://cdn.widget.xanpool.com; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com; object-src 'none'; style-src 'self' https://hcaptcha.com *.hcaptcha.com *.googleapis.com 'unsafe-inline'; script-src 'self' https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com https://challenges.cloudflare.com https://cdn.seondf.com/js/v5/agent.js 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors 'none'; frame-src 'self' https://hcaptcha.com *.hcaptcha.com global.transak.com calendly.com *.sumsub.com https://widget.xanpool.com https://challenges.cloudflare.com *.cloudflare.com https://buy.onramper.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Referer
https://app.yield.app/
Origin
https://app.yield.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 07:53:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
default-src 'self'; child-src *.utorg.pro calendly.com global.transak.com *.sumsub.com *.onramper.com onramper.tech *.itez.com *.transak.com *.moonpay.com *.mercuryo.io *.coinify.com *.sendwyre.com; connect-src 'self' https://*.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com *.sentry.io *.sumsub.com onramper.tech https://assets.calendly.com wss://app.yield.app https://*.seondfresolver.com https://*.seondnsresolve.com https://*.deviceinfresolver.com https://*.getdeviceinfresolver.com; font-src 'self' *.googleapis.com *.gstatic.com https://cdn.widget.xanpool.com; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com; object-src 'none'; style-src 'self' https://hcaptcha.com *.hcaptcha.com *.googleapis.com 'unsafe-inline'; script-src 'self' https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com https://challenges.cloudflare.com https://cdn.seondf.com/js/v5/agent.js 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors 'none'; frame-src 'self' https://hcaptcha.com *.hcaptcha.com global.transak.com calendly.com *.sumsub.com https://widget.xanpool.com https://challenges.cloudflare.com *.cloudflare.com https://buy.onramper.com;
cf-cache-status
HIT
age
6555
content-length
78284
x-xss-protection
1; mode=block;
referrer-policy
strict-origin
last-modified
Mon, 11 Dec 2023 08:40:06 GMT
server
cloudflare
etag
"6576cae6-131cc"
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
834464366e822c57-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-S833X8146J&cid=1145470513.1702367584&gtm=45je3bt0v9103502782&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=834009772

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| __cfQR boolean| __cfRLUnblockHandlers object| __SENTRY__ object| regeneratorRuntime object| __REACT_INTL_CONTEXT__ object| FontAwesomeConfig object| ___FONT_AWESOME___ string| appVersion object| dataLayer function| gtag object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| turnstile function| a0_0x57fb function| a0_0x1ac9 object| webpackChunkseon_javascript_sdk function| Minhash function| LshIndex object| seon

5 Cookies

Domain/Path Name / Value
.app.yield.app/ Name: lang
Value: en-US
.app.yield.app/ Name: colorScheme
Value: light
.yield.app/ Name: _ga
Value: GA1.1.1145470513.1702367584
.yield.app/ Name: _ga_S833X8146J
Value: GS1.1.1702367583.1.0.1702367583.60.0.0
app.yield.app/ Name: session
Value: 09a0748f1b9a3282a1ca7226fe3bb3ce

2 Console Messages

Source Level URL
Text
security error URL: https://app.yield.app/login
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-S833X8146J&cid=1145470513.1702367584&gtm=45je3bt0v9103502782&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=834009772' because it violates the following Content Security Policy directive: "img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com".
network error URL: https://app.yield.app/v1/users/userInfo
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; child-src *.utorg.pro calendly.com global.transak.com *.sumsub.com *.onramper.com onramper.tech *.itez.com *.transak.com *.moonpay.com *.mercuryo.io *.coinify.com *.sendwyre.com; connect-src 'self' https://*.g.doubleclick.net https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com *.sentry.io *.sumsub.com onramper.tech https://assets.calendly.com wss://app.yield.app https://*.seondfresolver.com https://*.seondnsresolve.com https://*.deviceinfresolver.com https://*.getdeviceinfresolver.com; font-src 'self' *.googleapis.com *.gstatic.com https://cdn.widget.xanpool.com; img-src 'self' data: https://*.google-analytics.com https://*.googletagmanager.com https://assets.calendly.com; object-src 'none'; style-src 'self' https://hcaptcha.com *.hcaptcha.com *.googleapis.com 'unsafe-inline'; script-src 'self' https://*.googletagmanager.com https://hcaptcha.com *.hcaptcha.com https://challenges.cloudflare.com https://cdn.seondf.com/js/v5/agent.js 'unsafe-inline'; upgrade-insecure-requests; frame-ancestors 'none'; frame-src 'self' https://hcaptcha.com *.hcaptcha.com global.transak.com calendly.com *.sumsub.com https://widget.xanpool.com https://challenges.cloudflare.com *.cloudflare.com https://buy.onramper.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.yield.app
cdn.seondf.com
challenges.cloudflare.com
region1.analytics.google.com
stats.g.doubleclick.net
www.google.de
www.googletagmanager.com
www.google.de
2001:4860:4802:32::36
2606:4700:10::ac43:24c4
2606:4700::6811:3b8
2a00:1450:4001:80f::2008
2a00:1450:400c:c00::9b
2a06:98c1:3121::3
04e121b9317ebf94d6ab6f2cb28453dabaea9872525e90d75c8eabb0c8a26d77
0a2552550101d1aa3dba0f085ba896cc4642be9bff17b5140709b0a1d4b0941c
11cb6f78137c92ca19761a76e4b8560c8e04ebbabd2150b7bcf6de57a3789661
41a51116d42ac12de97ad20bf747405d397c4a86a977b0da3406b4a3f270f4dd
47dd731ebca7200b8c73693ad99627c2e4491a68f7e05b6cbceaad0233d90c9e
57f27298c6d8e932cffc7c4ff3eff4e92f6df2e55e1bb75b5d579c8dfbf0c9bf
5afb613c3cf1849c76a8bc4f6579115df34f259c580483e3e0a4d9162136f924
5bbdbd96ebf46e654f6259bac48807d3e47d977f0049b2f4920ea4941e847f3c
60567cf2051adab9e8b4d97fe0ba52398d1aa694fd3e09ea21c9890a50e2ed20
809996f6266e2a189e02cb95e918e4b02f409e76c56d5c7be2f72108a32df8c1
9853e7ee2f1807d61ea20cd49da857438509e4097c8e46cc417a79cd7ccb1885
acbe221d9bb71e85d0a3b52a7a9d44ee4669ab664186b32d0c737a2be62681e7
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d3f03033718c9f5955906525e85a503bfbd78c04352b294533594104d23bec9b
d4acd1a90984282531994fee8542e25cc1de087d47fd583726a0b256fc43eea7
ddf3a65b703bd3f80013ec77249858cc3c3d909e8d73c81953b0b23994b1b671
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed3f5c7d67d86acfdb3b35247c8fe166b657c24d4c9232185e8ea07ab9c59b16