Submitted URL: http://app.satismeter.com/
Effective URL: https://app.satismeter.com/
Submission: On July 30 via api from US — Scanned from DE

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 44 HTTP transactions. The main IP is 2606:4700::6812:313, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.satismeter.com. The Cisco Umbrella rank of the primary domain is 77753.
TLS certificate: Issued by GTS CA 1P5 on June 6th 2024. Valid for: 3 months.
This is the only time app.satismeter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 2606:4700::68... 13335 (CLOUDFLAR...)
3 34.120.195.249 396982 (GOOGLE-CL...)
2 216.58.206.36 15169 (GOOGLE)
9 99.86.8.175 16509 (AMAZON-02)
3 104.18.72.113 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.18.70.113 13335 (CLOUDFLAR...)
1 104.16.53.111 13335 (CLOUDFLAR...)
2 54.69.251.6 16509 (AMAZON-02)
1 13.224.189.18 16509 (AMAZON-02)
2 18.245.46.19 16509 (AMAZON-02)
1 3.226.143.229 14618 (AMAZON-AES)
44 12
Apex Domain
Subdomains
Transfer
18 satismeter.com
app.satismeter.com — Cisco Umbrella Rank: 77753
2 MB
9 segment.com
cdn.segment.com — Cisco Umbrella Rank: 3005
71 KB
4 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 3854
ekr.zdassets.com — Cisco Umbrella Rank: 4356
290 KB
3 sentry.io
o503008.ingest.sentry.io
484 B
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 7846
283 KB
2 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 5025
api-iam.intercom.io — Cisco Umbrella Rank: 5121
5 KB
2 segment.io
api.segment.io — Cisco Umbrella Rank: 1485
349 B
2 google.com
www.google.com — Cisco Umbrella Rank: 10
1017 B
1 zendesk.com
satismeter.zendesk.com
1 KB
1 gstatic.com
www.gstatic.com
213 KB
44 10
Domain Requested by
18 app.satismeter.com app.satismeter.com
cdn.segment.com
9 cdn.segment.com app.satismeter.com
cdn.segment.com
3 static.zdassets.com app.satismeter.com
static.zdassets.com
3 o503008.ingest.sentry.io app.satismeter.com
2 js.intercomcdn.com widget.intercom.io
2 api.segment.io app.satismeter.com
2 www.google.com app.satismeter.com
www.gstatic.com
1 api-iam.intercom.io js.intercomcdn.com
1 widget.intercom.io cdn.segment.com
1 satismeter.zendesk.com static.zdassets.com
1 ekr.zdassets.com app.satismeter.com
1 www.gstatic.com www.google.com
44 12

This site contains no links.

Subject Issuer Validity Valid
satismeter.com
GTS CA 1P5
2024-06-06 -
2024-09-04
3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-11-02 -
2024-12-02
a year crt.sh
*.google.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
*.segment.com
Amazon RSA 2048 M03
2023-11-14 -
2024-12-13
a year crt.sh
zdassets.com
E6
2024-06-29 -
2024-09-27
3 months crt.sh
*.gstatic.com
WR2
2024-07-01 -
2024-09-23
3 months crt.sh
satismeter.zendesk.com
E5
2024-06-11 -
2024-09-09
3 months crt.sh
*.segment.io
Amazon RSA 2048 M03
2023-12-13 -
2025-01-11
a year crt.sh
*.intercom.com
Amazon RSA 2048 M03
2024-01-15 -
2025-02-11
a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M02
2023-12-01 -
2024-12-29
a year crt.sh

This page contains 4 frames:

Primary Page: https://app.satismeter.com/
Frame ID: 38CA3D716AAC7C7845A3CA69F891307B
Requests: 37 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Leeht8bAAAAAJe7ig9uMOC14XOn6R-Fd1bDcHus&co=aHR0cHM6Ly9hcHAuc2F0aXNtZXRlci5jb206NDQz&hl=de&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&size=invisible&cb=9yasqc8u23lt
Frame ID: D34D79DA5FA2F10223FC6616F18F5B65
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-8a72170.js
Frame ID: E888E78DF6E7AE0FAD1459D2729E8BB6
Requests: 3 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.7cdc8a54.js
Frame ID: F42955D4CA4A6800C9945572BC1D8ECA
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Sign in · SatisMeter

Page URL History Show full URLs

  1. http://app.satismeter.com/ HTTP 307
    https://app.satismeter.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

44
Requests

100 %
HTTPS

17 %
IPv6

10
Domains

12
Subdomains

12
IPs

3
Countries

2455 kB
Transfer

6372 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.satismeter.com/ HTTP 307
    https://app.satismeter.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
app.satismeter.com/
Redirect Chain
  • http://app.satismeter.com/
  • https://app.satismeter.com/
2 KB
2 KB
Document
General
Full URL
https://app.satismeter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b3cd73f3ef159031e659861b88450b8696f7a30395793180eda9cc41da622e36
Security Headers
Name Value
Content-Security-Policy script-src 'self' cdn.headwayapp.co cdn.rollbar.com cdn.segment.com js.intercomcdn.com widget.intercom.io rec.smartlook.com static.zdassets.com *.google.com www.googleadservices.com googleads.g.doubleclick.net www.googletagmanager.com www.gstatic.com app.satismeter.com js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com browser.sentry-cdn.com widget-mediator.zopim.com ssl.google-analytics.com cdn.zapier.com; object-src 'self'; frame-src *; child-src 'self' www.google.com headway-widget.net portal.productboard.com assets.braintreegateway.com; form-action 'self' *.cardinalcommerce.com *.revolut.com *.modirum.com mycardsecure.com *.klikbca.com *.bankserv.co.za *.cardpay.com secure22gw.ro; img-src 'self' assets.braintreegateway.com twemoji.maxcdn.com cdn.jsdelivr.net data:; frame-ancestors 'none'; report-uri https://o503008.ingest.sentry.io/api/4503941828968448/security/?sentry_key=3d5733401397498aa18fad57273d994f&sentry_environment=production
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8ab52ed4686418f7-FRA
content-encoding
br
content-security-policy
script-src 'self' cdn.headwayapp.co cdn.rollbar.com cdn.segment.com js.intercomcdn.com widget.intercom.io rec.smartlook.com static.zdassets.com *.google.com www.googleadservices.com googleads.g.doubleclick.net www.googletagmanager.com www.gstatic.com app.satismeter.com js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com browser.sentry-cdn.com widget-mediator.zopim.com ssl.google-analytics.com cdn.zapier.com; object-src 'self'; frame-src *; child-src 'self' www.google.com headway-widget.net portal.productboard.com assets.braintreegateway.com; form-action 'self' *.cardinalcommerce.com *.revolut.com *.modirum.com mycardsecure.com *.klikbca.com *.bankserv.co.za *.cardpay.com secure22gw.ro; img-src 'self' assets.braintreegateway.com twemoji.maxcdn.com cdn.jsdelivr.net data:; frame-ancestors 'none'; report-uri https://o503008.ingest.sentry.io/api/4503941828968448/security/?sentry_key=3d5733401397498aa18fad57273d994f&sentry_environment=production
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Tue, 30 Jul 2024 11:59:30 GMT
last-modified
Thu, 25 Jul 2024 10:31:48 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
kong/3.6.0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-kong-proxy-latency
0
x-kong-request-id
f8538c58e3ee150bc2f7061b74743b63
x-kong-upstream-latency
2
x-powered-by
Express
x-request-id
37df842f-3a2c-4ed6-8153-7fbb1da527f5

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://app.satismeter.com/
Non-Authoritative-Reason
HSTS
Inter-UI-Regular.woff2
app.satismeter.com/fonts/
86 KB
87 KB
Font
General
Full URL
https://app.satismeter.com/fonts/Inter-UI-Regular.woff2
Requested by
Host: app.satismeter.com
URL: https://app.satismeter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c9ef01b185364553197a5cc05bb23277c95fa78d9f151f3e255676865525f391
Security Headers
Name Value
Content-Security-Policy script-src 'self' cdn.headwayapp.co cdn.rollbar.com cdn.segment.com js.intercomcdn.com widget.intercom.io rec.smartlook.com static.zdassets.com *.google.com www.googleadservices.com googleads.g.doubleclick.net www.googletagmanager.com www.gstatic.com app.satismeter.com js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com browser.sentry-cdn.com widget-mediator.zopim.com ssl.google-analytics.com cdn.zapier.com; object-src 'self'; frame-src *; child-src 'self' www.google.com headway-widget.net portal.productboard.com assets.braintreegateway.com; form-action 'self' *.cardinalcommerce.com *.revolut.com *.modirum.com mycardsecure.com *.klikbca.com *.bankserv.co.za *.cardpay.com secure22gw.ro; img-src 'self' assets.braintreegateway.com twemoji.maxcdn.com cdn.jsdelivr.net data:; frame-ancestors 'none'; report-uri https://o503008.ingest.sentry.io/api/4503941828968448/security/?sentry_key=3d5733401397498aa18fad57273d994f&sentry_environment=production
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://app.satismeter.com/
Origin
https://app.satismeter.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:59:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
script-src 'self' cdn.headwayapp.co cdn.rollbar.com cdn.segment.com js.intercomcdn.com widget.intercom.io rec.smartlook.com static.zdassets.com *.google.com www.googleadservices.com googleads.g.doubleclick.net www.googletagmanager.com www.gstatic.com app.satismeter.com js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com browser.sentry-cdn.com widget-mediator.zopim.com ssl.google-analytics.com cdn.zapier.com; object-src 'self'; frame-src *; child-src 'self' www.google.com headway-widget.net portal.productboard.com assets.braintreegateway.com; form-action 'self' *.cardinalcommerce.com *.revolut.com *.modirum.com mycardsecure.com *.klikbca.com *.bankserv.co.za *.cardpay.com secure22gw.ro; img-src 'self' assets.braintreegateway.com twemoji.maxcdn.com cdn.jsdelivr.net data:; frame-ancestors 'none'; report-uri https://o503008.ingest.sentry.io/api/4503941828968448/security/?sentry_key=3d5733401397498aa18fad57273d994f&sentry_environment=production
via
kong/3.6.0
cf-cache-status
MISS
cross-origin-embedder-policy
unsafe-none
x-powered-by
Express
x-kong-proxy-latency
0
x-kong-upstream-latency
3
cross-origin-resource-policy
same-origin
content-length
88428
x-kong-request-id
e85fb0132c5a8928c30b6516e70c8e23
x-request-id
248d84ca-fc31-4562-8bff-9369c361a6a2
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 25 Jul 2024 10:32:25 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"1596c-190e972faa8"
x-frame-options
SAMEORIGIN
access-control-allow-methods
PUT,POST
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
Location,Auth-Token
cache-control
public, max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8ab52ed539de18f7-FRA
access-control-allow-headers
Content-Type,Auth-Token,Traceparent,Request-Context
expires
Tue, 30 Jul 2024 15:59:30 GMT
Inter-UI-SemiBold.woff2
app.satismeter.com/fonts/
93 KB
93 KB
Font
General
Full URL
https://app.satismeter.com/fonts/Inter-UI-SemiBold.woff2
Requested by
Host: app.satismeter.com
URL: https://app.satismeter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3eed263d5651bde05a9009137b05a0c2cf400cbcc33f186e8301bc948b6e6bf8
Security Headers
Name Value
Content-Security-Policy script-src 'self' cdn.headwayapp.co cdn.rollbar.com cdn.segment.com js.intercomcdn.com widget.intercom.io rec.smartlook.com static.zdassets.com *.google.com www.googleadservices.com googleads.g.doubleclick.net www.googletagmanager.com www.gstatic.com app.satismeter.com js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com browser.sentry-cdn.com widget-mediator.zopim.com ssl.google-analytics.com cdn.zapier.com; object-src 'self'; frame-src *; child-src 'self' www.google.com headway-widget.net portal.productboard.com assets.braintreegateway.com; form-action 'self' *.cardinalcommerce.com *.revolut.com *.modirum.com mycardsecure.com *.klikbca.com *.bankserv.co.za *.cardpay.com secure22gw.ro; img-src 'self' assets.braintreegateway.com twemoji.maxcdn.com cdn.jsdelivr.net data:; frame-ancestors 'none'; report-uri https://o503008.ingest.sentry.io/api/4503941828968448/security/?sentry_key=3d5733401397498aa18fad57273d994f&sentry_environment=production
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://app.satismeter.com/
Origin
https://app.satismeter.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:59:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
script-src 'self' cdn.headwayapp.co cdn.rollbar.com cdn.segment.com js.intercomcdn.com widget.intercom.io rec.smartlook.com static.zdassets.com *.google.com www.googleadservices.com googleads.g.doubleclick.net www.googletagmanager.com www.gstatic.com app.satismeter.com js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com browser.sentry-cdn.com widget-mediator.zopim.com ssl.google-analytics.com cdn.zapier.com; object-src 'self'; frame-src *; child-src 'self' www.google.com headway-widget.net portal.productboard.com assets.braintreegateway.com; form-action 'self' *.cardinalcommerce.com *.revolut.com *.modirum.com mycardsecure.com *.klikbca.com *.bankserv.co.za *.cardpay.com secure22gw.ro; img-src 'self' assets.braintreegateway.com twemoji.maxcdn.com cdn.jsdelivr.net data:; frame-ancestors 'none'; report-uri https://o503008.ingest.sentry.io/api/4503941828968448/security/?sentry_key=3d5733401397498aa18fad57273d994f&sentry_environment=production
via
kong/3.6.0
cf-cache-status
MISS
cross-origin-embedder-policy
unsafe-none
x-powered-by
Express
x-kong-proxy-latency
1
x-kong-upstream-latency
1
cross-origin-resource-policy
same-origin
content-length
94752
x-kong-request-id
0805f81b3edca861e78b2e31289ec548
x-request-id
b671a983-1426-4cd8-9a02-3148d8592f16
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 25 Jul 2024 10:32:25 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"17220-190e972faa8"
x-frame-options
SAMEORIGIN
access-control-allow-methods
PUT,POST
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
Location,Auth-Token
cache-control
public, max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8ab52ed539e218f7-FRA
access-control-allow-headers
Content-Type,Auth-Token,Traceparent,Request-Context
expires
Tue, 30 Jul 2024 15:59:30 GMT
Inter-UI-Medium.woff2
app.satismeter.com/fonts/
93 KB
93 KB
Font
General
Full URL
https://app.satismeter.com/fonts/Inter-UI-Medium.woff2
Requested by
Host: app.satismeter.com
URL: https://app.satismeter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6a74b41ee40c7b4fc8dd38ac231f8a66d17d853554f7801d983057137d711b05
Security Headers
Name Value
Content-Security-Policy script-src 'self' cdn.headwayapp.co cdn.rollbar.com cdn.segment.com js.intercomcdn.com widget.intercom.io rec.smartlook.com static.zdassets.com *.google.com www.googleadservices.com googleads.g.doubleclick.net www.googletagmanager.com www.gstatic.com app.satismeter.com js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com browser.sentry-cdn.com widget-mediator.zopim.com ssl.google-analytics.com cdn.zapier.com; object-src 'self'; frame-src *; child-src 'self' www.google.com headway-widget.net portal.productboard.com assets.braintreegateway.com; form-action 'self' *.cardinalcommerce.com *.revolut.com *.modirum.com mycardsecure.com *.klikbca.com *.bankserv.co.za *.cardpay.com secure22gw.ro; img-src 'self' assets.braintreegateway.com twemoji.maxcdn.com cdn.jsdelivr.net data:; frame-ancestors 'none'; report-uri https://o503008.ingest.sentry.io/api/4503941828968448/security/?sentry_key=3d5733401397498aa18fad57273d994f&sentry_environment=production
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://app.satismeter.com/
Origin
https://app.satismeter.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:59:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
script-src 'self' cdn.headwayapp.co cdn.rollbar.com cdn.segment.com js.intercomcdn.com widget.intercom.io rec.smartlook.com static.zdassets.com *.google.com www.googleadservices.com googleads.g.doubleclick.net www.googletagmanager.com www.gstatic.com app.satismeter.com js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com browser.sentry-cdn.com widget-mediator.zopim.com ssl.google-analytics.com cdn.zapier.com; object-src 'self'; frame-src *; child-src 'self' www.google.com headway-widget.net portal.productboard.com assets.braintreegateway.com; form-action 'self' *.cardinalcommerce.com *.revolut.com *.modirum.com mycardsecure.com *.klikbca.com *.bankserv.co.za *.cardpay.com secure22gw.ro; img-src 'self' assets.braintreegateway.com twemoji.maxcdn.com cdn.jsdelivr.net data:; frame-ancestors 'none'; report-uri https://o503008.ingest.sentry.io/api/4503941828968448/security/?sentry_key=3d5733401397498aa18fad57273d994f&sentry_environment=production
via
kong/3.6.0
cf-cache-status
MISS
cross-origin-embedder-policy
unsafe-none
x-powered-by
Express
x-kong-proxy-latency
0
x-kong-upstream-latency
1
cross-origin-resource-policy
same-origin
content-length
95224
x-kong-request-id
26bd6e5475679274137fd966280d1156
x-request-id
5c78f196-87d3-4ed9-9622-ebdaf2582499
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 25 Jul 2024 10:32:25 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"173f8-190e972faa8"
x-frame-options
SAMEORIGIN
access-control-allow-methods
PUT,POST
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
Location,Auth-Token
cache-control
public, max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8ab52ed539e518f7-FRA
access-control-allow-headers
Content-Type,Auth-Token,Traceparent,Request-Context
expires
Tue, 30 Jul 2024 15:59:30 GMT
Inter-UI-Bold.woff2
app.satismeter.com/fonts/
93 KB
94 KB
Font
General
Full URL
https://app.satismeter.com/fonts/Inter-UI-Bold.woff2
Requested by
Host: app.satismeter.com
URL: https://app.satismeter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fb74fdd4304bf0c59509e8a1e48620bbb4a070b85fc5b7fe035cf7202a5ce39c
Security Headers
Name Value
Content-Security-Policy script-src 'self' cdn.headwayapp.co cdn.rollbar.com cdn.segment.com js.intercomcdn.com widget.intercom.io rec.smartlook.com static.zdassets.com *.google.com www.googleadservices.com googleads.g.doubleclick.net www.googletagmanager.com www.gstatic.com app.satismeter.com js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com browser.sentry-cdn.com widget-mediator.zopim.com ssl.google-analytics.com cdn.zapier.com; object-src 'self'; frame-src *; child-src 'self' www.google.com headway-widget.net portal.productboard.com assets.braintreegateway.com; form-action 'self' *.cardinalcommerce.com *.revolut.com *.modirum.com mycardsecure.com *.klikbca.com *.bankserv.co.za *.cardpay.com secure22gw.ro; img-src 'self' assets.braintreegateway.com twemoji.maxcdn.com cdn.jsdelivr.net data:; frame-ancestors 'none'; report-uri https://o503008.ingest.sentry.io/api/4503941828968448/security/?sentry_key=3d5733401397498aa18fad57273d994f&sentry_environment=production
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://app.satismeter.com/
Origin
https://app.satismeter.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:59:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
script-src 'self' cdn.headwayapp.co cdn.rollbar.com cdn.segment.com js.intercomcdn.com widget.intercom.io rec.smartlook.com static.zdassets.com *.google.com www.googleadservices.com googleads.g.doubleclick.net www.googletagmanager.com www.gstatic.com app.satismeter.com js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com browser.sentry-cdn.com widget-mediator.zopim.com ssl.google-analytics.com cdn.zapier.com; object-src 'self'; frame-src *; child-src 'self' www.google.com headway-widget.net portal.productboard.com assets.braintreegateway.com; form-action 'self' *.cardinalcommerce.com *.revolut.com *.modirum.com mycardsecure.com *.klikbca.com *.bankserv.co.za *.cardpay.com secure22gw.ro; img-src 'self' assets.braintreegateway.com twemoji.maxcdn.com cdn.jsdelivr.net data:; frame-ancestors 'none'; report-uri https://o503008.ingest.sentry.io/api/4503941828968448/security/?sentry_key=3d5733401397498aa18fad57273d994f&sentry_environment=production
via
kong/3.6.0
cf-cache-status
MISS
cross-origin-embedder-policy
unsafe-none
x-powered-by
Express
x-kong-proxy-latency
0
x-kong-upstream-latency
3
cross-origin-resource-policy
same-origin
content-length
94840
x-kong-request-id
cc3df5356535d1400135a76fd2f22b20
x-request-id
17c9eb13-b861-4355-934d-90cfdc8a394d
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 25 Jul 2024 10:32:25 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"17278-190e972faa8"
x-frame-options
SAMEORIGIN
access-control-allow-methods
PUT,POST
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
Location,Auth-Token
cache-control
public, max-age=14400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8ab52ed539ea18f7-FRA
access-control-allow-headers
Content-Type,Auth-Token,Traceparent,Request-Context
expires
Tue, 30 Jul 2024 15:59:30 GMT
DMSans-Bold.ttf
app.satismeter.com/fonts/
70 KB
37 KB
Font
General
Full URL
https://app.satismeter.com/fonts/DMSans-Bold.ttf
Requested by
Host: app.satismeter.com
URL: https://app.satismeter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
35879eb94bef73bd2fab40f0c3391c26d53844b67e7fd4a7c7ba9ef86fb96968
Security Headers
Name Value
Content-Security-Policy script-src 'self' cdn.headwayapp.co cdn.rollbar.com cdn.segment.com js.intercomcdn.com widget.intercom.io rec.smartlook.com static.zdassets.com *.google.com www.googleadservices.com googleads.g.doubleclick.net www.googletagmanager.com www.gstatic.com app.satismeter.com js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com browser.sentry-cdn.com widget-mediator.zopim.com ssl.google-analytics.com cdn.zapier.com; object-src 'self'; frame-src *; child-src 'self' www.google.com headway-widget.net portal.productboard.com assets.braintreegateway.com; form-action 'self' *.cardinalcommerce.com *.revolut.com *.modirum.com mycardsecure.com *.klikbca.com *.bankserv.co.za *.cardpay.com secure22gw.ro; img-src 'self' assets.braintreegateway.com twemoji.maxcdn.com cdn.jsdelivr.net data:; frame-ancestors 'none'; report-uri https://o503008.ingest.sentry.io/api/4503941828968448/security/?sentry_key=3d5733401397498aa18fad57273d994f&sentry_environment=production
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://app.satismeter.com/
Origin
https://app.satismeter.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:59:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
script-src 'self' cdn.headwayapp.co cdn.rollbar.com cdn.segment.com js.intercomcdn.com widget.intercom.io rec.smartlook.com static.zdassets.com *.google.com www.googleadservices.com googleads.g.doubleclick.net www.googletagmanager.com www.gstatic.com app.satismeter.com js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com browser.sentry-cdn.com widget-mediator.zopim.com ssl.google-analytics.com cdn.zapier.com; object-src 'self'; frame-src *; child-src 'self' www.google.com headway-widget.net portal.productboard.com assets.braintreegateway.com; form-action 'self' *.cardinalcommerce.com *.revolut.com *.modirum.com mycardsecure.com *.klikbca.com *.bankserv.co.za *.cardpay.com secure22gw.ro; img-src 'self' assets.braintreegateway.com twemoji.maxcdn.com cdn.jsdelivr.net data:; frame-ancestors 'none'; report-uri https://o503008.ingest.sentry.io/api/4503941828968448/security/?sentry_key=3d5733401397498aa18fad57273d994f&sentry_environment=production
content-encoding
gzip
cf-cache-status
MISS
via
kong/3.6.0
cross-origin-embedder-policy
unsafe-none
x-powered-by
Express
x-kong-proxy-latency
0
x-kong-upstream-latency
4
cross-origin-resource-policy
same-origin
x-kong-request-id
85840b42cdeec14c63f7313b5611171b
x-request-id
2928d645-306c-45a1-a6a0-9e7aaad29287
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 25 Jul 2024 10:32:25 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"11854-190e972faa8"
x-frame-options
SAMEORIGIN
access-control-allow-methods
PUT,POST
content-type
font/ttf
access-control-allow-origin
*
access-control-expose-headers
Location,Auth-Token
cache-control
public, max-age=14400
vary
Accept-Encoding
cf-ray
8ab52ed539ef18f7-FRA
access-control-allow-headers
Content-Type,Auth-Token,Traceparent,Request-Context
expires
Tue, 30 Jul 2024 15:59:30 GMT
DMSans-Medium.ttf
app.satismeter.com/fonts/
70 KB
38 KB
Font
General
Full URL
https://app.satismeter.com/fonts/DMSans-Medium.ttf
Requested by
Host: app.satismeter.com
URL: https://app.satismeter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2f436049344215f77f1ee8d7eb1118b48a38b0d293c2f51b0d305c86ce046836
Security Headers
Name Value
Content-Security-Policy script-src 'self' cdn.headwayapp.co cdn.rollbar.com cdn.segment.com js.intercomcdn.com widget.intercom.io rec.smartlook.com static.zdassets.com *.google.com www.googleadservices.com googleads.g.doubleclick.net www.googletagmanager.com www.gstatic.com app.satismeter.com js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com browser.sentry-cdn.com widget-mediator.zopim.com ssl.google-analytics.com cdn.zapier.com; object-src 'self'; frame-src *; child-src 'self' www.google.com headway-widget.net portal.productboard.com assets.braintreegateway.com; form-action 'self' *.cardinalcommerce.com *.revolut.com *.modirum.com mycardsecure.com *.klikbca.com *.bankserv.co.za *.cardpay.com secure22gw.ro; img-src 'self' assets.braintreegateway.com twemoji.maxcdn.com cdn.jsdelivr.net data:; frame-ancestors 'none'; report-uri https://o503008.ingest.sentry.io/api/4503941828968448/security/?sentry_key=3d5733401397498aa18fad57273d994f&sentry_environment=production
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://app.satismeter.com/
Origin
https://app.satismeter.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:59:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
script-src 'self' cdn.headwayapp.co cdn.rollbar.com cdn.segment.com js.intercomcdn.com widget.intercom.io rec.smartlook.com static.zdassets.com *.google.com www.googleadservices.com googleads.g.doubleclick.net www.googletagmanager.com www.gstatic.com app.satismeter.com js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com browser.sentry-cdn.com widget-mediator.zopim.com ssl.google-analytics.com cdn.zapier.com; object-src 'self'; frame-src *; child-src 'self' www.google.com headway-widget.net portal.productboard.com assets.braintreegateway.com; form-action 'self' *.cardinalcommerce.com *.revolut.com *.modirum.com mycardsecure.com *.klikbca.com *.bankserv.co.za *.cardpay.com secure22gw.ro; img-src 'self' assets.braintreegateway.com twemoji.maxcdn.com cdn.jsdelivr.net data:; frame-ancestors 'none'; report-uri https://o503008.ingest.sentry.io/api/4503941828968448/security/?sentry_key=3d5733401397498aa18fad57273d994f&sentry_environment=production
content-encoding
gzip
cf-cache-status
MISS
via
kong/3.6.0
cross-origin-embedder-policy
unsafe-none
x-powered-by
Express
x-kong-proxy-latency
0
x-kong-upstream-latency
2
cross-origin-resource-policy
same-origin
x-kong-request-id
59fe790cfc67396672f7c81c253c6f42
x-request-id
9e878d78-cd48-405b-bdca-d9e41d5f9241
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 25 Jul 2024 10:32:25 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"117fc-190e972faa8"
x-frame-options
SAMEORIGIN
access-control-allow-methods
PUT,POST
content-type
font/ttf
access-control-allow-origin
*
access-control-expose-headers
Location,Auth-Token
cache-control
public, max-age=14400
vary
Accept-Encoding
cf-ray
8ab52ed539f418f7-FRA
access-control-allow-headers
Content-Type,Auth-Token,Traceparent,Request-Context
expires
Tue, 30 Jul 2024 15:59:30 GMT
index-f7c8876f.js
app.satismeter.com/assets/
2 MB
696 KB
Script
General
Full URL
https://app.satismeter.com/assets/index-f7c8876f.js
Requested by
Host: app.satismeter.com
URL: https://app.satismeter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
855c6debcc2ae6b908ae6c0f19c93bfcf9dcf876fbb0dadbc4ce03de65074b9c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://app.satismeter.com/
Origin
https://app.satismeter.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:59:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
via
kong/3.6.0
age
24212
x-powered-by
Express
x-kong-proxy-latency
0
x-kong-upstream-latency
4
cross-origin-resource-policy
same-origin
x-kong-request-id
b7adf647e264401160828f25db530a20
x-request-id
aa865245-b880-41da-90dc-e21c48d8ba1a
last-modified
Thu, 25 Jul 2024 10:31:48 GMT
server
cloudflare
etag
W/"25dd0a-190e9726a20"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=86400
cf-ray
8ab52ed539f618f7-FRA
expires
Wed, 31 Jul 2024 11:59:30 GMT
index-55a20f82.css
app.satismeter.com/assets/
264 KB
44 KB
Stylesheet
General
Full URL
https://app.satismeter.com/assets/index-55a20f82.css
Requested by
Host: app.satismeter.com
URL: https://app.satismeter.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
55a20f8266690aee3608b28d34983db2246aeb4a81eab559a458596d3e1e9609
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://app.satismeter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:59:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
via
kong/3.6.0
age
81142
x-powered-by
Express
x-kong-proxy-latency
0
x-kong-upstream-latency
4
cross-origin-resource-policy
same-origin
x-kong-request-id
664e3f43f6ff0e018a7a584d9c6b3257
x-request-id
48d30e88-8171-4ea6-8f2f-401f5abd6c64
last-modified
Thu, 25 Jul 2024 10:31:48 GMT
server
cloudflare
etag
W/"42036-190e9726a20"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
cf-ray
8ab52ed539f118f7-FRA
expires
Wed, 31 Jul 2024 11:59:30 GMT
/
o503008.ingest.sentry.io/api/4503941828968448/security/
0
275 B
Other
General
Full URL
https://o503008.ingest.sentry.io/api/4503941828968448/security/?sentry_key=3d5733401397498aa18fad57273d994f&sentry_environment=production
Requested by
Host: app.satismeter.com
URL: https://app.satismeter.com/assets/index-f7c8876f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.satismeter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 30 Jul 2024 11:59:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
graphql
app.satismeter.com/
761 B
812 B
Fetch
General
Full URL
https://app.satismeter.com/graphql
Requested by
Host: app.satismeter.com
URL: https://app.satismeter.com/assets/index-f7c8876f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
81004270c6003b4d6e5294011d471f0e49ec3aa427ab20e2e2f75e2a5be324fc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept
*/*
apollographql-client-name
satismeter-client
Referer
https://app.satismeter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Tue, 30 Jul 2024 11:59:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
kong/3.6.0
cf-cache-status
DYNAMIC
content-encoding
br
x-powered-by
Express
x-kong-proxy-latency
1
x-kong-upstream-latency
3
cross-origin-resource-policy
same-origin
x-kong-request-id
56306e371e35822d9e485211e515a341
x-request-id
45062ec3-8601-496d-ba4d-1563d5b61966
server
cloudflare
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.satismeter.com
access-control-allow-credentials
true
cf-ray
8ab52ed7edf318f7-FRA
satismeter-logo.svg
app.satismeter.com/
18 KB
8 KB
Image
General
Full URL
https://app.satismeter.com/satismeter-logo.svg
Requested by
Host: app.satismeter.com
URL: https://app.satismeter.com/assets/index-55a20f82.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7cf5c0c085a46774152ee3e06166e75cc042b7a380ae8102e61ddf54a34612fd
Security Headers
Name Value
Content-Security-Policy script-src 'self' cdn.headwayapp.co cdn.rollbar.com cdn.segment.com js.intercomcdn.com widget.intercom.io rec.smartlook.com static.zdassets.com *.google.com www.googleadservices.com googleads.g.doubleclick.net www.googletagmanager.com www.gstatic.com app.satismeter.com js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com browser.sentry-cdn.com widget-mediator.zopim.com ssl.google-analytics.com cdn.zapier.com; object-src 'self'; frame-src *; child-src 'self' www.google.com headway-widget.net portal.productboard.com assets.braintreegateway.com; form-action 'self' *.cardinalcommerce.com *.revolut.com *.modirum.com mycardsecure.com *.klikbca.com *.bankserv.co.za *.cardpay.com secure22gw.ro; img-src 'self' assets.braintreegateway.com twemoji.maxcdn.com cdn.jsdelivr.net data:; frame-ancestors 'none'; report-uri https://o503008.ingest.sentry.io/api/4503941828968448/security/?sentry_key=3d5733401397498aa18fad57273d994f&sentry_environment=production
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://app.satismeter.com/assets/index-55a20f82.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:59:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
script-src 'self' cdn.headwayapp.co cdn.rollbar.com cdn.segment.com js.intercomcdn.com widget.intercom.io rec.smartlook.com static.zdassets.com *.google.com www.googleadservices.com googleads.g.doubleclick.net www.googletagmanager.com www.gstatic.com app.satismeter.com js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com browser.sentry-cdn.com widget-mediator.zopim.com ssl.google-analytics.com cdn.zapier.com; object-src 'self'; frame-src *; child-src 'self' www.google.com headway-widget.net portal.productboard.com assets.braintreegateway.com; form-action 'self' *.cardinalcommerce.com *.revolut.com *.modirum.com mycardsecure.com *.klikbca.com *.bankserv.co.za *.cardpay.com secure22gw.ro; img-src 'self' assets.braintreegateway.com twemoji.maxcdn.com cdn.jsdelivr.net data:; frame-ancestors 'none'; report-uri https://o503008.ingest.sentry.io/api/4503941828968448/security/?sentry_key=3d5733401397498aa18fad57273d994f&sentry_environment=production
content-encoding
gzip
cf-cache-status
MISS
via
kong/3.6.0
cross-origin-embedder-policy
unsafe-none
x-powered-by
Express
x-kong-proxy-latency
0
x-kong-upstream-latency
3
cross-origin-resource-policy
same-origin
x-kong-request-id
9d04ef08dd473f1387b08e42d3fad128
x-request-id
ee7c75c7-1faa-4dc3-9bbe-15e4d76e4008
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 25 Jul 2024 10:32:25 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"4608-190e972faa8"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
8ab52ed7fdf918f7-FRA
expires
Tue, 30 Jul 2024 15:59:30 GMT
enterprise.js
www.google.com/recaptcha/
2 KB
1017 B
Script
General
Full URL
https://www.google.com/recaptcha/enterprise.js?onload=satismeterOnRecaptchaLoad&render=explicit
Requested by
Host: app.satismeter.com
URL: https://app.satismeter.com/assets/index-f7c8876f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f4.1e100.net
Software
GSE /
Resource Hash
041bbdd9a7e3b07dffde02fe0c56ade0af24edbc99cda1ba4e4d39f25c7e8ea8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.satismeter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:59:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 30 Jul 2024 11:59:30 GMT
analytics.min.js
cdn.segment.com/analytics.js/v1/cSsRyGYslgs5sKSJSA9CEDmAD8yeMV5P/
103 KB
28 KB
Script
General
Full URL
https://cdn.segment.com/analytics.js/v1/cSsRyGYslgs5sKSJSA9CEDmAD8yeMV5P/analytics.min.js
Requested by
Host: app.satismeter.com
URL: https://app.satismeter.com/assets/index-f7c8876f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9ea4d8657581fb3b7f3f891e87e9c825f8089e2e9c553f6fc6d8a745ca1a413

Request headers

Referer
https://app.satismeter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
zC_0Aw7imvDbEuxfC4GyWFsRuQJR9iX9
content-encoding
br
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
date
Tue, 30 Jul 2024 11:59:32 GMT
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 29 Jul 2024 19:04:24 GMT
server
AmazonS3
etag
W/"2dfd80bc1ff94644b64d3b53828985cf"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
ohUxbkCM4ycRYVqPD_04fuI6ITijGLEKVKoM2V156Rbrr5NkyANl6g==
snippet.js
static.zdassets.com/ekr/
10 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=37b7c3e8-a090-4fe3-9eb3-3bed0c73abf4
Requested by
Host: app.satismeter.com
URL: https://app.satismeter.com/assets/index-f7c8876f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://app.satismeter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:59:30 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
16EJPM9K30XP37FF
age
3
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
z1V/NuijnK7Md6R8xho26aVzAi5YWZpIy2l2KX04qLLf562XDGukX+pnpGWp4oLzz96OIYLMddM=
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=axsFonoXdVMZtN7jNPJPXa1201kOdqjchgr3RZK1X4LIsV1OBO4kaZWGp1IXWt6dXT4AJZqC%2FuabYVDj%2FkjAVbyI8BjwST18BLUrCQzkPHeJ7KgzQtk1cYKcVu04sO3z1iG5yJg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
8ab52ed91ae58ebe-FRA
access-control-allow-headers
*
/
o503008.ingest.sentry.io/api/4503941828968448/envelope/
2 B
70 B
Fetch
General
Full URL
https://o503008.ingest.sentry.io/api/4503941828968448/envelope/?sentry_key=3d5733401397498aa18fad57273d994f&sentry_version=7&sentry_client=sentry.javascript.react%2F7.72.0
Requested by
Host: app.satismeter.com
URL: https://app.satismeter.com/assets/index-f7c8876f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.satismeter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 30 Jul 2024 11:59:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
graphql
app.satismeter.com/
41 B
165 B
Fetch
General
Full URL
https://app.satismeter.com/graphql
Requested by
Host: app.satismeter.com
URL: https://app.satismeter.com/assets/index-f7c8876f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
41091d8ec58d14985c477c64a496125deb99fdd099dcc313d12e2afdc95f6b49
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept
*/*
apollographql-client-name
satismeter-client
Referer
https://app.satismeter.com/
baggage
sentry-environment=production,sentry-release=dc4e53b5b640c7072ca1d09fb3f82649e74ba0bf,sentry-public_key=3d5733401397498aa18fad57273d994f,sentry-trace_id=57fd8093354f451881eb30730f0ec186,sentry-sample_rate=1,sentry-sampled=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
sentry-trace
57fd8093354f451881eb30730f0ec186-b087ff2c777fb5e0-1
content-type
application/json

Response headers

date
Tue, 30 Jul 2024 11:59:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
kong/3.6.0
cf-cache-status
DYNAMIC
x-powered-by
Express
x-kong-proxy-latency
3
x-kong-upstream-latency
4
cross-origin-resource-policy
same-origin
content-length
41
x-kong-request-id
82a884730b98fb5340fe3c303e0a3914
x-request-id
cc310296-4f54-452f-ada5-2ac9f58228fa
server
cloudflare
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.satismeter.com
access-control-allow-credentials
true
cf-ray
8ab52ed8cfd318f7-FRA
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/
533 KB
213 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?onload=satismeterOnRecaptchaLoad&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19df4102c07ecfc86052b3ba527e800df1b34fff4b23a7cde8268f6de0729e03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.satismeter.com/
Origin
https://app.satismeter.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 10:06:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93193
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
216982
x-xss-protection
0
last-modified
Mon, 22 Jul 2024 21:52:36 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Jul 2025 10:06:17 GMT
37b7c3e8-a090-4fe3-9eb3-3bed0c73abf4
ekr.zdassets.com/compose/
952 B
1 KB
Fetch
General
Full URL
https://ekr.zdassets.com/compose/37b7c3e8-a090-4fe3-9eb3-3bed0c73abf4
Requested by
Host: app.satismeter.com
URL: https://app.satismeter.com/assets/index-f7c8876f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e5acb4994bf1527de6f208e71f27242a227753535a4ef06b8118d36467c09a6
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.satismeter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:59:30 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
age
34
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
8ab4283679a44b9a-SEA, 8ab4283679a44b9a-SEA, 8ab4283679a44b9a-SEA
x-runtime
0.012328
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"6e5acb4994bf1527de6f208e71f27242"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UzX2XcpVLVba8ONZWBlOtls3Qavp1J0t%2FxgdB8nFVjRXliNcH1IWhyQMgYVczdpAh7WavoUUv6haHcqO46oOrBx4z0fw1CsiJPUn3Mt20Ak6SJBR60vTdxj%2FkA1YZkfqR0c%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes, yes
cf-ray
8ab52ed99c9035fc-FRA
anchor
www.google.com/recaptcha/enterprise/ Frame D34D
0
0
Document
General
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Leeht8bAAAAAJe7ig9uMOC14XOn6R-Fd1bDcHus&co=aHR0cHM6Ly9hcHAuc2F0aXNtZXRlci5jb206NDQz&hl=de&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&size=invisible&cb=9yasqc8u23lt
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dOU68BELVR_bUhBoaco4og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.satismeter.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-dOU68BELVR_bUhBoaco4og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jul 2024 11:59:30 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
o503008.ingest.sentry.io/api/4503941828968448/envelope/
198 B
139 B
Fetch
General
Full URL
https://o503008.ingest.sentry.io/api/4503941828968448/envelope/?sentry_key=3d5733401397498aa18fad57273d994f&sentry_version=7&sentry_client=sentry.javascript.react%2F7.72.0
Requested by
Host: app.satismeter.com
URL: https://app.satismeter.com/assets/index-f7c8876f.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.satismeter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 30 Jul 2024 11:59:30 GMT
content-encoding
br
via
1.1 google
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-sentry-rate-limits
60:transaction;profile:organization:transaction_usage_exceeded
retry-after
60
google-logo.png
app.satismeter.com/
17 KB
17 KB
Image
General
Full URL
https://app.satismeter.com/google-logo.png
Requested by
Host: app.satismeter.com
URL: https://app.satismeter.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
64c8e826cfe178492b569db31b936dbea25851768bc23192ffd944793442377b
Security Headers
Name Value
Content-Security-Policy script-src 'self' cdn.headwayapp.co cdn.rollbar.com cdn.segment.com js.intercomcdn.com widget.intercom.io rec.smartlook.com static.zdassets.com *.google.com www.googleadservices.com googleads.g.doubleclick.net www.googletagmanager.com www.gstatic.com app.satismeter.com js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com browser.sentry-cdn.com widget-mediator.zopim.com ssl.google-analytics.com cdn.zapier.com; object-src 'self'; frame-src *; child-src 'self' www.google.com headway-widget.net portal.productboard.com assets.braintreegateway.com; form-action 'self' *.cardinalcommerce.com *.revolut.com *.modirum.com mycardsecure.com *.klikbca.com *.bankserv.co.za *.cardpay.com secure22gw.ro; img-src 'self' assets.braintreegateway.com twemoji.maxcdn.com cdn.jsdelivr.net data:; frame-ancestors 'none'; report-uri https://o503008.ingest.sentry.io/api/4503941828968448/security/?sentry_key=3d5733401397498aa18fad57273d994f&sentry_environment=production
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://app.satismeter.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:59:31 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
script-src 'self' cdn.headwayapp.co cdn.rollbar.com cdn.segment.com js.intercomcdn.com widget.intercom.io rec.smartlook.com static.zdassets.com *.google.com www.googleadservices.com googleads.g.doubleclick.net www.googletagmanager.com www.gstatic.com app.satismeter.com js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com browser.sentry-cdn.com widget-mediator.zopim.com ssl.google-analytics.com cdn.zapier.com; object-src 'self'; frame-src *; child-src 'self' www.google.com headway-widget.net portal.productboard.com assets.braintreegateway.com; form-action 'self' *.cardinalcommerce.com *.revolut.com *.modirum.com mycardsecure.com *.klikbca.com *.bankserv.co.za *.cardpay.com secure22gw.ro; img-src 'self' assets.braintreegateway.com twemoji.maxcdn.com cdn.jsdelivr.net data:; frame-ancestors 'none'; report-uri https://o503008.ingest.sentry.io/api/4503941828968448/security/?sentry_key=3d5733401397498aa18fad57273d994f&sentry_environment=production
via
kong/3.6.0
cf-cache-status
MISS
cross-origin-embedder-policy
unsafe-none
x-powered-by
Express
x-kong-proxy-latency
0
x-kong-upstream-latency
4
cross-origin-resource-policy
same-origin
content-length
17550
x-kong-request-id
f4ad9275b9c6960d8a23f157e53fda5b
x-request-id
9b496a52-fa8b-457d-92e5-e3c87045068b
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 25 Jul 2024 10:32:25 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"448e-190e972faa8"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8ab52ed9b94218f7-FRA
expires
Tue, 30 Jul 2024 15:59:31 GMT
customer-photo-sujan.png
app.satismeter.com/
340 KB
340 KB
Image
General
Full URL
https://app.satismeter.com/customer-photo-sujan.png
Requested by
Host: app.satismeter.com
URL: https://app.satismeter.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
530fc7230668460821b7bf5bf939423175937b2501786cf0a5095af82b445b5d
Security Headers
Name Value
Content-Security-Policy script-src 'self' cdn.headwayapp.co cdn.rollbar.com cdn.segment.com js.intercomcdn.com widget.intercom.io rec.smartlook.com static.zdassets.com *.google.com www.googleadservices.com googleads.g.doubleclick.net www.googletagmanager.com www.gstatic.com app.satismeter.com js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com browser.sentry-cdn.com widget-mediator.zopim.com ssl.google-analytics.com cdn.zapier.com; object-src 'self'; frame-src *; child-src 'self' www.google.com headway-widget.net portal.productboard.com assets.braintreegateway.com; form-action 'self' *.cardinalcommerce.com *.revolut.com *.modirum.com mycardsecure.com *.klikbca.com *.bankserv.co.za *.cardpay.com secure22gw.ro; img-src 'self' assets.braintreegateway.com twemoji.maxcdn.com cdn.jsdelivr.net data:; frame-ancestors 'none'; report-uri https://o503008.ingest.sentry.io/api/4503941828968448/security/?sentry_key=3d5733401397498aa18fad57273d994f&sentry_environment=production
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://app.satismeter.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:59:31 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
script-src 'self' cdn.headwayapp.co cdn.rollbar.com cdn.segment.com js.intercomcdn.com widget.intercom.io rec.smartlook.com static.zdassets.com *.google.com www.googleadservices.com googleads.g.doubleclick.net www.googletagmanager.com www.gstatic.com app.satismeter.com js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com browser.sentry-cdn.com widget-mediator.zopim.com ssl.google-analytics.com cdn.zapier.com; object-src 'self'; frame-src *; child-src 'self' www.google.com headway-widget.net portal.productboard.com assets.braintreegateway.com; form-action 'self' *.cardinalcommerce.com *.revolut.com *.modirum.com mycardsecure.com *.klikbca.com *.bankserv.co.za *.cardpay.com secure22gw.ro; img-src 'self' assets.braintreegateway.com twemoji.maxcdn.com cdn.jsdelivr.net data:; frame-ancestors 'none'; report-uri https://o503008.ingest.sentry.io/api/4503941828968448/security/?sentry_key=3d5733401397498aa18fad57273d994f&sentry_environment=production
via
kong/3.6.0
cf-cache-status
MISS
cross-origin-embedder-policy
unsafe-none
x-powered-by
Express
x-kong-proxy-latency
0
x-kong-upstream-latency
3
cross-origin-resource-policy
same-origin
content-length
347895
x-kong-request-id
7a4c386446c37a3aada661305077b70c
x-request-id
2388e9c6-3740-4212-99af-995e259ccca1
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 25 Jul 2024 10:32:25 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"54ef7-190e972faa8"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8ab52ed9b94b18f7-FRA
expires
Tue, 30 Jul 2024 15:59:31 GMT
web-widget-main-8a72170.js
static.zdassets.com/web_widget/classic/latest/ Frame E888
972 KB
278 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-main-8a72170.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=37b7c3e8-a090-4fe3-9eb3-3bed0c73abf4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40402711695d1065be0ab3605ad3e6725ea10e1f481d202905698bbe404ad6d0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:59:30 GMT
x-amz-version-id
p7J3i.TAB7qYyZQLrvLxg9M1dcnu_gsX
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
B0NPS4WHAFSFXJK7
age
123
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
T+18l1G67/H5LyQWIp6BgskeFw/TPLNSH5LwIuVid4/iPjxfGQBdDMEOH4oIk/erfw7EMqxN43WbIn7IvLRtBw==
last-modified
Tue, 23 Jul 2024 07:37:08 GMT
server
cloudflare
etag
W/"70c432e114868ef3fdd2df8d38139a27"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OBE4nV4GibH6sBHFUB9WBRn%2BIh9dLrDV%2BK61KHHy0tGh0vE8JFRDU2ucs1BOgslo5DEoB4X%2BBwKaRY0L6M4hH7TU%2BdLhID70TnvZVd8T5jQO9yWzlUIR3mbcVtxHvaLEds1gci8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8ab52ed9dc0a8ebe-FRA
access-control-allow-headers
*
expires
Wed, 23 Jul 2025 07:37:07 GMT
en-us-json-8a72170.js
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame E888
25 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-8a72170.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-8a72170.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:59:31 GMT
x-amz-version-id
fnJ16ABSJXkbrlpygc2gNDvkwACdTriG
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
B0NR5K1JJG3DNZZE
age
10986
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
SZdES4KhR2aOUXLRIjHmxnItxr+OAPOP2HJXbrYiAyqQBS2Xo+R3MQFGp2Nh7r+Mz8c2b4Gw0370xy2G6oUKvsRfLsSHote0
last-modified
Tue, 23 Jul 2024 07:37:09 GMT
server
cloudflare
etag
W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sDs00DywnjHu33TE5uwQer4S0nCBSkNkAt3dpISqHCkjAmy6qgJOPCLrI66jYDGeZ7xi6Pbie9lcLbE5XBptpsSqKHSdlO68jXvUqK7Je3qOz3whn1CGD6iwq%2F2Ro4gT8mODES4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8ab52edaad488ebe-FRA
access-control-allow-headers
*
expires
Wed, 23 Jul 2025 07:37:08 GMT
config
satismeter.zendesk.com/embeddable/ Frame E888
578 B
1 KB
Fetch
General
Full URL
https://satismeter.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-8a72170.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38c5c27802ffb19236c4987d5e78deb7bc6cb49eb2e0c2e71d423bed6a6e65d0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:59:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
34
x-zendesk-origin-server
embeddable-app-server-5cbdccd84c-sglxf
x-cached
MISS
x-request-id
8ab52e0a4b199c07-FRA
x-runtime
0.002099
last-modified
Tue, 30 Jul 2024 11:58:57 GMT
server
cloudflare
x-zendesk-zorg
yes
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ucMJX3vmvSIiIu3Z0Cm%2FipQLsd%2BVe4Af9kyDDh8ejyND7djYy%2FA21n83Um8CvVJ5BN%2B76JoAZZuu3wF4uClKtOQxfb%2FQRkB1uOUIRJVZaIH%2FV1rGxz540sHbcja%2BA1VL2giBsJnzWo%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
8ab52edafa255c98-FRA
settings
cdn.segment.com/v1/projects/cSsRyGYslgs5sKSJSA9CEDmAD8yeMV5P/
3 KB
2 KB
Fetch
General
Full URL
https://cdn.segment.com/v1/projects/cSsRyGYslgs5sKSJSA9CEDmAD8yeMV5P/settings
Requested by
Host: app.satismeter.com
URL: https://app.satismeter.com/assets/index-f7c8876f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e51e5e8cfddde5b6e98edcd8a6ce325d87aecdd8ee3c03b6bc3fac68d48882d2

Request headers

Referer
https://app.satismeter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
dPQz_c39qkYoPWh9IQHypGO3gXczyv59
content-encoding
br
via
1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
date
Tue, 30 Jul 2024 09:43:28 GMT
x-amz-cf-pop
FRA6-C1
age
8571
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 25 Jul 2024 17:43:28 GMT
server
AmazonS3
etag
W/"f6634aed600e24342737edaa1663c3f1"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
nKVzyWgiqwaxEaw1Opqj8owQ13pFdz6hojtq6HHPs8t_EleRiIrUpA==
ajs-destination.bundle.ed53a26b6edc80c65d73.js
cdn.segment.com/analytics-next/bundles/
9 KB
3 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/cSsRyGYslgs5sKSJSA9CEDmAD8yeMV5P/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

Referer
https://app.satismeter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 24 Jun 2024 20:17:52 GMT
x-amz-version-id
y1rPlIgvelxNE1YxH.dn4iIroP2Pnn0U
content-encoding
br
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3080499
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 24 Jun 2024 18:40:05 GMT
server
AmazonS3
etag
W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
uHHc59TeJd7_B9bcE5rrVl8uQgWyN9VJgwZRw37_M_9bUPH2h683aA==
schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
cdn.segment.com/analytics-next/bundles/
2 KB
1 KB
Script
General
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/cSsRyGYslgs5sKSJSA9CEDmAD8yeMV5P/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

Referer
https://app.satismeter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 24 Jun 2024 20:17:54 GMT
x-amz-version-id
fFM2.Q5O21tbOz6I0BWTT24IeUb4pa6L
content-encoding
br
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3080498
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 24 Jun 2024 18:40:05 GMT
server
AmazonS3
etag
W/"3867b2388b619ff7fddc29ef359fc9aa"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
nIkCV2m76eJ14jynErMzH8j9TTmq4ir-9ObWMZk3vAw65iH93Pr42w==
ad70603567d2fd1e96e9.js
cdn.segment.com/next-integrations/actions/amplitude-plugins/
4 KB
2 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/actions/amplitude-plugins/ad70603567d2fd1e96e9.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/cSsRyGYslgs5sKSJSA9CEDmAD8yeMV5P/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d20fef5c39a29496573f320ec20c08d6f3fe386635f87de035e89d24fdd40556

Request headers

Referer
https://app.satismeter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
1rSiuqfPe7V0MOHWOgN0RhO6HOY72zz0
content-encoding
br
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
date
Tue, 30 Jul 2024 01:29:26 GMT
x-amz-cf-pop
FRA6-C1
age
38910
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 02 Jul 2024 17:58:55 GMT
server
AmazonS3
etag
W/"d182a0c483cdfe192fbae74b56192b30"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
DO_GwpC2Jh6n5SDy10DdW5PLggBi0nyLRtIvXbitfkwpR6emnOlmmw==
2d04d1da143afcea0dd4.js
cdn.segment.com/next-integrations/actions/845/
27 KB
8 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/actions/845/2d04d1da143afcea0dd4.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/amplitude-plugins/ad70603567d2fd1e96e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7e53364e9ce809efb26e4c77588cec41310f5debaa49a003e0be4e0b71adb08

Request headers

Referer
https://app.satismeter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
6QwFHwiTFjRaoadUFPfbiMxzeAQ1Qs2f
content-encoding
br
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
date
Mon, 29 Jul 2024 19:46:01 GMT
x-amz-cf-pop
FRA6-C1
age
58411
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 02 Jul 2024 17:58:54 GMT
server
AmazonS3
etag
W/"3d84aa516e4818a6f28f1cad3a20212d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
PES_niGaetYXoUjYAlE0arqUKWfcfWBD1bzvWXsBIzERJgnZU8KeCg==
satismeter.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/satismeter/2.0.3/
3 KB
2 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/integrations/satismeter/2.0.3/satismeter.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/cSsRyGYslgs5sKSJSA9CEDmAD8yeMV5P/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6669e7413fb9334a7ef5662dace6bf7ef124b85cc1d69761cbdf6b2da4696608

Request headers

Referer
https://app.satismeter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 21:55:22 GMT
content-encoding
gzip
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-version-id
DjeflaI9rMgBMXAPgn9p0D1eSis9niPw
x-amz-cf-pop
FRA6-C1
age
1173850
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1226
last-modified
Mon, 03 Jun 2024 14:40:13 GMT
server
AmazonS3
etag
"1ef6dd3c4f6cf0dd0c0562dee20e63ea"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
1p1P1J61MSckITf3n2CVGFAaTToApWVQwFNOVLe7l9F2WfLVcx7gjQ==
intercom.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/intercom/3.1.0/
4 KB
2 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/integrations/intercom/3.1.0/intercom.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/cSsRyGYslgs5sKSJSA9CEDmAD8yeMV5P/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
04bde84c00132d26dff806e922ba556916db435fbae302ffe70cdeb1fc63df32

Request headers

Referer
https://app.satismeter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 20:05:26 GMT
content-encoding
gzip
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-version-id
yfiWbRGGnDKmC08taZ.ERsaHd04tGJD6
x-amz-cf-pop
FRA6-C1
age
1180445
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1879
last-modified
Mon, 03 Jun 2024 14:40:12 GMT
server
AmazonS3
etag
"de0a11b95aca20dc7cc5bcec42adc9e4"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
3oiaa1MBM5gEO6cLVXE0AhQCe2AIBKC5Pjp0qb7Baf2VzX_ps9TS5Q==
p
api.segment.io/v1/
21 B
174 B
Fetch
General
Full URL
https://api.segment.io/v1/p
Requested by
Host: app.satismeter.com
URL: https://app.satismeter.com/assets/index-f7c8876f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.251.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-251-6.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://app.satismeter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://app.satismeter.com
date
Tue, 30 Jul 2024 11:59:31 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
p
api.segment.io/v1/
21 B
175 B
Fetch
General
Full URL
https://api.segment.io/v1/p
Requested by
Host: app.satismeter.com
URL: https://app.satismeter.com/assets/index-f7c8876f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.251.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-251-6.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://app.satismeter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://app.satismeter.com
date
Tue, 30 Jul 2024 11:59:31 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
commons.a61d7bea37d2de5d4b69.js.gz
cdn.segment.com/next-integrations/integrations/vendor/
70 KB
22 KB
Script
General
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/cSsRyGYslgs5sKSJSA9CEDmAD8yeMV5P/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd

Request headers

Referer
https://app.satismeter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:26:09 GMT
content-encoding
gzip
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-version-id
V.SxMmReU8g28xcE4bFlqm5TAakYuTpt
x-amz-cf-pop
FRA6-C1
age
448403
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
21911
last-modified
Mon, 03 Jun 2024 14:40:11 GMT
server
AmazonS3
etag
"c467a63b2e7c3a99be423ace649014d8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
vbCgPL9wk1wvzoYESqiZzUUO7yxYq3FIrCHk3NnKY4H_CGZtMzOSzA==
js
app.satismeter.com/
109 KB
38 KB
Script
General
Full URL
https://app.satismeter.com/js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
555be526f5a824e1a1869ec6f767b6bdd7574b8b17838bc275c07f2118813b31
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://app.satismeter.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:59:31 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
kong/3.6.0
cf-cache-status
HIT
content-encoding
br
age
27
x-powered-by
Express
x-kong-proxy-latency
0
x-kong-upstream-latency
2
cross-origin-resource-policy
cross-origin
x-kong-request-id
34a2eb7209c5b21a2b431879b444cc51
x-request-id
137e6844-a741-4a6f-91d0-33f697e89d8a
server
cloudflare
etag
W/"8112-glfLlwX2mpV2hyme7HAyQ++nskc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
8ab52eddaf8a18f7-FRA
expires
Tue, 30 Jul 2024 15:59:31 GMT
w3bimpuv
widget.intercom.io/widget/
7 KB
3 KB
Script
General
Full URL
https://widget.intercom.io/widget/w3bimpuv
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-18.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c33289e42fb87b72cb6825a0db842870951d485c2ec684e4174f90affdc2d6d5

Request headers

Referer
https://app.satismeter.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
bHIgq0KosLdWX2yLOj.H1oR73CixZUDe
content-encoding
gzip
via
1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
date
Tue, 30 Jul 2024 11:55:58 GMT
x-amz-cf-pop
FRA2-C1
age
218
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2670
last-modified
Mon, 29 Jul 2024 15:44:37 GMT
server
AmazonS3
etag
"c6aafa8f6b614a28ef3dab212a6f78c7"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
CkSPkIeHNhdj7xP2ozoUeC7Am7jJa5u-_h1R6JEomXn5VmAY17OnSQ==
widget
app.satismeter.com/api/
0
0
Fetch
General
Full URL
https://app.satismeter.com/api/widget
Requested by
Host: app.satismeter.com
URL: https://app.satismeter.com/assets/index-f7c8876f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://app.satismeter.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Jul 2024 11:59:31 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
kong/3.6.0
cf-cache-status
DYNAMIC
x-powered-by
Express
x-kong-proxy-latency
0
x-kong-upstream-latency
40
cross-origin-resource-policy
cross-origin
x-kong-request-id
0cce641e8d29f0360504ba4a5b71632a
x-request-id
6708ef6a-a025-4647-8a22-5f18426eb647
server
cloudflare
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
access-control-allow-methods
PUT,POST
access-control-allow-origin
*
access-control-expose-headers
Location,Auth-Token
cf-ray
8ab52eddf80218f7-FRA
access-control-allow-headers
Content-Type,Auth-Token,Traceparent,Request-Context
widget
app.satismeter.com/api/
0
0
Fetch
General
Full URL
https://app.satismeter.com/api/widget
Requested by
Host: app.satismeter.com
URL: https://app.satismeter.com/assets/index-f7c8876f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://app.satismeter.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Jul 2024 11:59:31 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
kong/3.6.0
cf-cache-status
DYNAMIC
x-powered-by
Express
x-kong-proxy-latency
1
x-kong-upstream-latency
29
cross-origin-resource-policy
cross-origin
x-kong-request-id
8a084d371ee4dc05852aeb29bb22182f
x-request-id
6d8679f2-dead-4b3f-9542-a7ec595bd0ba
server
cloudflare
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
access-control-allow-methods
PUT,POST
access-control-allow-origin
*
access-control-expose-headers
Location,Auth-Token
cf-ray
8ab52edef97c18f7-FRA
access-control-allow-headers
Content-Type,Auth-Token,Traceparent,Request-Context
frame-modern.7cdc8a54.js
js.intercomcdn.com/ Frame F429
459 KB
139 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.7cdc8a54.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/w3bimpuv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-19.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11f86711cab4637b82699021a4d755928d18ca6ba9267c69dbeb61ef0942c633
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
XXFWY4v0MEMx0RUAlZy1r4lQY4KZD6tr
content-encoding
gzip
via
1.1 fd87ab1d9a433dd02274380a706bf7d2.cloudfront.net (CloudFront)
date
Tue, 30 Jul 2024 11:44:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
891
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
141181
last-modified
Mon, 29 Jul 2024 15:42:04 GMT
server
AmazonS3
etag
"baf0b4e354bc857eecc0b43732263674"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
BrAQrHGlp2mi7VPZAjegO05z_zGQwYqU-VJ4-pFV-CGs8WulO2NY9w==
vendor-modern.24002cc7.js
js.intercomcdn.com/ Frame F429
455 KB
145 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.24002cc7.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/w3bimpuv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-19.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
614ba69cc45e1d7f36150f778fe53f5ad76ad857df5c5ac9c762a6978086b09c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-amz-version-id
mUf1NzjKbvJ7VCiQTwmL59mmHgILZla9
content-encoding
gzip
via
1.1 fd87ab1d9a433dd02274380a706bf7d2.cloudfront.net (CloudFront)
date
Tue, 30 Jul 2024 10:27:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
5508
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
147288
last-modified
Mon, 29 Jul 2024 15:42:04 GMT
server
AmazonS3
etag
"9cffe9d409ffd49439595bfe9ba87d5d"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
HSyGESik5L4wJzKnG4iioMD2uLXMMHVaXPttW09P0goy3QhepGBTxw==
favicon-32x32.png
app.satismeter.com/
1 KB
2 KB
Other
General
Full URL
https://app.satismeter.com/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b377cc30ca9f2b0841a5f7b93aa51039f4d45c95fdddd2003056e97c6d16dafc
Security Headers
Name Value
Content-Security-Policy script-src 'self' cdn.headwayapp.co cdn.rollbar.com cdn.segment.com js.intercomcdn.com widget.intercom.io rec.smartlook.com static.zdassets.com *.google.com www.googleadservices.com googleads.g.doubleclick.net www.googletagmanager.com www.gstatic.com app.satismeter.com js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com browser.sentry-cdn.com widget-mediator.zopim.com ssl.google-analytics.com cdn.zapier.com; object-src 'self'; frame-src *; child-src 'self' www.google.com headway-widget.net portal.productboard.com assets.braintreegateway.com; form-action 'self' *.cardinalcommerce.com *.revolut.com *.modirum.com mycardsecure.com *.klikbca.com *.bankserv.co.za *.cardpay.com secure22gw.ro; img-src 'self' assets.braintreegateway.com twemoji.maxcdn.com cdn.jsdelivr.net data:; frame-ancestors 'none'; report-uri https://o503008.ingest.sentry.io/api/4503941828968448/security/?sentry_key=3d5733401397498aa18fad57273d994f&sentry_environment=production
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://app.satismeter.com/login
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 11:59:32 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
script-src 'self' cdn.headwayapp.co cdn.rollbar.com cdn.segment.com js.intercomcdn.com widget.intercom.io rec.smartlook.com static.zdassets.com *.google.com www.googleadservices.com googleads.g.doubleclick.net www.googletagmanager.com www.gstatic.com app.satismeter.com js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com browser.sentry-cdn.com widget-mediator.zopim.com ssl.google-analytics.com cdn.zapier.com; object-src 'self'; frame-src *; child-src 'self' www.google.com headway-widget.net portal.productboard.com assets.braintreegateway.com; form-action 'self' *.cardinalcommerce.com *.revolut.com *.modirum.com mycardsecure.com *.klikbca.com *.bankserv.co.za *.cardpay.com secure22gw.ro; img-src 'self' assets.braintreegateway.com twemoji.maxcdn.com cdn.jsdelivr.net data:; frame-ancestors 'none'; report-uri https://o503008.ingest.sentry.io/api/4503941828968448/security/?sentry_key=3d5733401397498aa18fad57273d994f&sentry_environment=production
via
kong/3.6.0
cf-cache-status
MISS
cross-origin-embedder-policy
unsafe-none
x-powered-by
Express
x-kong-proxy-latency
0
x-kong-upstream-latency
3
cross-origin-resource-policy
same-origin
content-length
1072
x-kong-request-id
c7712d0cae273c036dd06c3500abe978
x-request-id
c88b72e4-dfcf-4a18-92ba-da6a9eee949e
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 25 Jul 2024 10:32:25 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"430-190e972faa8"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8ab52ee06c2318f7-FRA
expires
Tue, 30 Jul 2024 15:59:32 GMT
ping
api-iam.intercom.io/messenger/web/ Frame F429
4 KB
2 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.7cdc8a54.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.226.143.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-143-229.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e34457965e1be6742c7ab2458900486aec1968266379f4789a8042d533b97cc8
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 30 Jul 2024 11:59:32 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-0942a50332414b488
status
200 OK
x-xss-protection
1; mode=block
x-request-id
0003cp5pf8cgderghsk0
x-runtime
0.309196
server
nginx
etag
W/"e34457965e1be6742c7ab2458900486a"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.satismeter.com
x-intercom-version
638ec8884a1fe193425aef0c1f7b8d1139023a7e
access-control-expose-headers
x-request-id
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| FontAwesomeConfig object| ___FONT_AWESOME___ object| analytics object| __SENTRY__ function| filterCSS function| filterXSS object| __APOLLO_CLIENT__ function| satismeterOnRecaptchaLoad object| zESettings object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| zEWebpackACJsonp function| zE function| zEmbed object| recaptcha object| closure_lm_240926 boolean| zEACLoaded function| $zopim object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| webpackChunkDestination function| amplitude-pluginsDestination object| satismeterDeps function| satismeterLoader object| intercomDeps function| intercomLoader object| webpackJsonp_name_Integration function| setImmediate function| clearImmediate function| satismeterIntegration function| intercomIntegration function| Intercom function| satismeter function| __intercomAssignLocation function| __intercomReloadLocation

7 Cookies

Domain/Path Name / Value
.satismeter.com/ Name: __cf_bm
Value: .SSvpZ7z3vPrNvMycvOBl0ytYv4a2BRscsCcOYusEJk-1722340770-1.0.1.1-svkIT913qi3BU6l00AGMKA663fKhuXrNoJJru_GxlBimkLCaP0OwIbZT9NI4DqsqHVomZx7guDbBsb01jdsuEQ
.satismeter.com/ Name: ajs_anonymous_id
Value: 073e0192-0ddb-4734-ab52-38ab67f1f591
.satismeter.com/ Name: analytics_session_id
Value: 1722340771426
.satismeter.com/ Name: analytics_session_id.last_access
Value: 1722340771431
.satismeter.com/ Name: intercom-id-w3bimpuv
Value: 3b4ef65a-fbf5-47bb-849d-2d51e904a161
.satismeter.com/ Name: intercom-session-w3bimpuv
Value:
.satismeter.com/ Name: intercom-device-id-w3bimpuv
Value: 3b1a678f-3baa-4a42-b1a1-f2525bd451bd

2 Console Messages

Source Level URL
Text
network error URL: https://o503008.ingest.sentry.io/api/4503941828968448/envelope/?sentry_key=3d5733401397498aa18fad57273d994f&sentry_version=7&sentry_client=sentry.javascript.react%2F7.72.0
Message:
Failed to load resource: the server responded with a status of 429 ()
recommendation verbose URL: https://app.satismeter.com/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' cdn.headwayapp.co cdn.rollbar.com cdn.segment.com js.intercomcdn.com widget.intercom.io rec.smartlook.com static.zdassets.com *.google.com www.googleadservices.com googleads.g.doubleclick.net www.googletagmanager.com www.gstatic.com app.satismeter.com js.braintreegateway.com assets.braintreegateway.com songbirdstag.cardinalcommerce.com songbird.cardinalcommerce.com browser.sentry-cdn.com widget-mediator.zopim.com ssl.google-analytics.com cdn.zapier.com; object-src 'self'; frame-src *; child-src 'self' www.google.com headway-widget.net portal.productboard.com assets.braintreegateway.com; form-action 'self' *.cardinalcommerce.com *.revolut.com *.modirum.com mycardsecure.com *.klikbca.com *.bankserv.co.za *.cardpay.com secure22gw.ro; img-src 'self' assets.braintreegateway.com twemoji.maxcdn.com cdn.jsdelivr.net data:; frame-ancestors 'none'; report-uri https://o503008.ingest.sentry.io/api/4503941828968448/security/?sentry_key=3d5733401397498aa18fad57273d994f&sentry_environment=production
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
api.segment.io
app.satismeter.com
cdn.segment.com
ekr.zdassets.com
js.intercomcdn.com
o503008.ingest.sentry.io
satismeter.zendesk.com
static.zdassets.com
widget.intercom.io
www.google.com
www.gstatic.com
104.16.53.111
104.18.70.113
104.18.72.113
13.224.189.18
18.245.46.19
216.58.206.36
2606:4700::6812:313
2a00:1450:4001:82a::2003
3.226.143.229
34.120.195.249
54.69.251.6
99.86.8.175
041bbdd9a7e3b07dffde02fe0c56ade0af24edbc99cda1ba4e4d39f25c7e8ea8
04bde84c00132d26dff806e922ba556916db435fbae302ffe70cdeb1fc63df32
11f86711cab4637b82699021a4d755928d18ca6ba9267c69dbeb61ef0942c633
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
19df4102c07ecfc86052b3ba527e800df1b34fff4b23a7cde8268f6de0729e03
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd
2f436049344215f77f1ee8d7eb1118b48a38b0d293c2f51b0d305c86ce046836
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
35879eb94bef73bd2fab40f0c3391c26d53844b67e7fd4a7c7ba9ef86fb96968
38c5c27802ffb19236c4987d5e78deb7bc6cb49eb2e0c2e71d423bed6a6e65d0
3eed263d5651bde05a9009137b05a0c2cf400cbcc33f186e8301bc948b6e6bf8
40402711695d1065be0ab3605ad3e6725ea10e1f481d202905698bbe404ad6d0
41091d8ec58d14985c477c64a496125deb99fdd099dcc313d12e2afdc95f6b49
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
530fc7230668460821b7bf5bf939423175937b2501786cf0a5095af82b445b5d
555be526f5a824e1a1869ec6f767b6bdd7574b8b17838bc275c07f2118813b31
55a20f8266690aee3608b28d34983db2246aeb4a81eab559a458596d3e1e9609
614ba69cc45e1d7f36150f778fe53f5ad76ad857df5c5ac9c762a6978086b09c
64c8e826cfe178492b569db31b936dbea25851768bc23192ffd944793442377b
6669e7413fb9334a7ef5662dace6bf7ef124b85cc1d69761cbdf6b2da4696608
6a74b41ee40c7b4fc8dd38ac231f8a66d17d853554f7801d983057137d711b05
6e5acb4994bf1527de6f208e71f27242a227753535a4ef06b8118d36467c09a6
7cf5c0c085a46774152ee3e06166e75cc042b7a380ae8102e61ddf54a34612fd
81004270c6003b4d6e5294011d471f0e49ec3aa427ab20e2e2f75e2a5be324fc
855c6debcc2ae6b908ae6c0f19c93bfcf9dcf876fbb0dadbc4ce03de65074b9c
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
a9ea4d8657581fb3b7f3f891e87e9c825f8089e2e9c553f6fc6d8a745ca1a413
b377cc30ca9f2b0841a5f7b93aa51039f4d45c95fdddd2003056e97c6d16dafc
b3cd73f3ef159031e659861b88450b8696f7a30395793180eda9cc41da622e36
b7e53364e9ce809efb26e4c77588cec41310f5debaa49a003e0be4e0b71adb08
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
c33289e42fb87b72cb6825a0db842870951d485c2ec684e4174f90affdc2d6d5
c9ef01b185364553197a5cc05bb23277c95fa78d9f151f3e255676865525f391
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
d20fef5c39a29496573f320ec20c08d6f3fe386635f87de035e89d24fdd40556
e34457965e1be6742c7ab2458900486aec1968266379f4789a8042d533b97cc8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51e5e8cfddde5b6e98edcd8a6ce325d87aecdd8ee3c03b6bc3fac68d48882d2
fb74fdd4304bf0c59509e8a1e48620bbb4a070b85fc5b7fe035cf7202a5ce39c