Submitted URL: https://sigmund.headway.co/refer-a-provider
Effective URL: https://login.headway.co/u/login/identifier?state=hKFo2SBtUUp3Vm1KRkgzZnFUZTlBc3BNWGk5YmR2Mm8wM2xyaqFur3VuaXZlcnNhbC1sb2d...
Submission: On December 06 via api from US — Scanned from CA

Summary

This website contacted 15 IPs in 1 country across 10 domains to perform 28 HTTP transactions. The main IP is 2606:4700::6813:a718, located in United States and belongs to CLOUDFLARENET, US. The main domain is login.headway.co. The Cisco Umbrella rank of the primary domain is 385471.
TLS certificate: Issued by E5 on October 25th 2024. Valid for: 3 months.
This is the only time login.headway.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
7 | 172.66.0.171 | 13335 (CLOUDFLAR...)
1 | 2606:4700:303... | 13335 (CLOUDFLAR...)
2 | 2607:f8b0:400... | 15169 (GOOGLE)
2 | 2600:9000:26c... | 16509 (AMAZON-02)
2 | 52.85.151.23 | 16509 (AMAZON-02)
1 | 99.84.188.39 | 16509 (AMAZON-02)
1 | 35.186.247.156 | 15169 (GOOGLE)
2 | 52.22.248.30 | 14618 (AMAZON-AES)
1 | 99.84.188.9 | 16509 (AMAZON-02)
2 (1 redirect) | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 108.138.64.17 | 16509 (AMAZON-02)
2 | 18.154.227.129 | 16509 (AMAZON-02)
1 | 2600:9000:28a... | 16509 (AMAZON-02)
1 | 52.85.247.108 | 16509 (AMAZON-02)
Total: 28 requests, 15 IPs
Apex Domain
Subdomains
Transfer
10 headway.co
sigmund.headway.co — Cisco Umbrella Rank: 521561
api.headway.co — Cisco Umbrella Rank: 294455
login.headway.co — Cisco Umbrella Rank: 385471
headway.co — Cisco Umbrella Rank: 147759
assets.headway.co — Cisco Umbrella Rank: 514729
3 MB
4 rudderstack.com
api.rudderstack.com — Cisco Umbrella Rank: 8301
findheadwaumps.dataplane.rudderstack.com — Cisco Umbrella Rank: 244896
2 KB
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2998
288 KB
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1073
181 KB
2 rudderlabs.com
cdn.rudderlabs.com — Cisco Umbrella Rank: 9872
44 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 6544
64 KB
1 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 2266
api-iam.intercom.io Failed
3 KB
1 sentry.io
sentry.io — Cisco Umbrella Rank: 137
359 B
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1331
9 KB
28 10
Requests | Domain | Requested by
4 | sigmund.headway.co | sigmund.headway.co
2 | headway.co | login.headway.co
2 | js.intercomcdn.com | widget.intercom.io
2 (1 redirect) | login.headway.co | sigmund.headway.co
2 | findheadwaumps.dataplane.rudderstack.com | sigmund.headway.co
2 | js.stripe.com | sigmund.headway.co, js.stripe.com
2 | api.rudderstack.com | cdn.rudderlabs.com
2 | cdn.rudderlabs.com | sigmund.headway.co, cdn.rudderlabs.com
2 | fonts.googleapis.com | sigmund.headway.co
1 | assets.headway.co | login.headway.co
1 | cdn.auth0.com | login.headway.co
1 | widget.intercom.io | cdn.rudderlabs.com
1 | api.headway.co | sigmund.headway.co
1 | sentry.io | sigmund.headway.co
1 | use.fontawesome.com | sigmund.headway.co
0 | api-iam.intercom.io (Failed) | js.intercomcdn.com
Total: 28 requests, 16 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
headway.co | E5 | 2024-11-30 - 2025-02-28 | 3 months
use.fontawesome.com | WE1 | 2024-11-07 - 2025-02-06 | 3 months
upload.video.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.rudderlabs.com | Amazon RSA 2048 M03 | 2024-05-14 - 2025-06-12 | a year
*.rudderstack.com | Amazon RSA 2048 M02 | 2024-09-21 - 2025-10-18 | a year
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2024-10-30 - 2025-02-06 | 3 months
sentry.io | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-07-03 - 2025-07-22 | a year
*.dataplane.rudderstack.com | R10 | 2024-10-30 - 2025-01-28 | 3 months
login.headway.co | E5 | 2024-10-25 - 2025-01-23 | 3 months
*.intercom.com | Amazon RSA 2048 M03 | 2024-01-15 - 2025-02-11 | a year
*.intercomcdn.com | Amazon RSA 2048 M02 | 2024-10-31 - 2025-11-28 | a year
*.auth0.com | Amazon RSA 2048 M03 | 2024-01-25 - 2025-02-22 | a year
assets.headway.co | Amazon RSA 2048 M02 | 2024-10-02 - 2025-10-31 | a year

This page contains 3 frames:

Primary Page: https://login.headway.co/u/login/identifier?state=hKFo2SBtUUp3Vm1KRkgzZnFUZTlBc3BNWGk5YmR2Mm8wM2xyaqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHc0eVV5VkNwS3lyTHJVOWdaMXRPeFFRSzJKR2JFOFpjo2NpZNkgb3dyQlBkVXlWV3YxRWVPeDFWSmZ0blFaN2h3ZUJTUlM
Frame ID: 92593DE9346B77FFCD3648FC7793924A
Requests: 20 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-9618b1508f4feede60d3ec1d06fed719.html
Frame ID: 4719426334DC6DFBAAB8CA128411AA44
Requests: 1 HTTP request in this frame

Frame: https://js.intercomcdn.com/frame-modern.7e4cdb9a.js
Frame ID: C7301A8A852A023A29C7F41FA369CB13
Requests: 4 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

Requests: 28
HTTPS: 89 %
IPv6: 36 %
Domains: 10
Subdomains: 16
IPs: 15
Countries: 1
Transfer: 3594 kB
Size: 13103 kB
Cookies: 15

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sigmund.headway.co/refer-a-provider Page URL
  2. https://login.headway.co/authorize?client_id=owrBPdUyVWv1EeOx1VJftnQZ7hweBSRS&scope=openid+default+offline_access&redirect_uri=https%3A%2F%2Fsigmund.headway.co%2Fauth%2Fcallback&audience=api.headway.co&response_type=code&response_mode=query&state=c1dMdGJRanRPREdNU29XQkdXanpiM1BpV1kwQndLcGZnd1FpeUdfcjhIbg%3D%3D&nonce=S3FidU1FRTZ2WDA1UV85YlIxdFZEbk1%2BUTVQMzhTNDdKX05VRG82YjhnUg%3D%3D&code_challenge=VFVIvevQqaJOrKUtu9b6Cmil3iY0T09RX6H4Ru23wxY&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjIuMS4yIn0%3D HTTP 302
    https://login.headway.co/u/login/identifier?state=hKFo2SBtUUp3Vm1KRkgzZnFUZTlBc3BNWGk5YmR2Mm8wM2xyaqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHc0eVV5VkNwS3lyTHJVOWdaMXRPeFFRSzJKR2JFOFpjo2NpZNkgb3dyQlBkVXlWV3YxRWVPeDFWSmZ0blFaN2h3ZUJTUlM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
refer-a-provider
sigmund.headway.co/
6 KB
3 KB
Document
General
Full URL
https://sigmund.headway.co/refer-a-provider
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
853ad95a58d9d64b36ff1a2d0232f7cbe249c78c15bd71b9e640cd84701c74a6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
40
cf-cache-status
DYNAMIC
cf-ray
8edc72b93ba1ac34-YYZ
content-encoding
gzip
content-type
text/html
date
Fri, 06 Dec 2024 12:58:33 GMT
last-modified
Fri, 06 Dec 2024 02:31:05 GMT
server
cloudflare
vary
accept-encoding
via
1.1 8b37208e69f78eef4dd958de00423132.cloudfront.net (CloudFront)
x-amz-cf-id
SRkjYq54PnTuuA2FkHv8_MwbbiZlQhkwbeHkB8KhOkIKbuMn-nV_TA==
x-amz-cf-pop
YUL62-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
D8U2JUsbH4jLGvrMNMtefRyB22mn_IxK
x-cache
Error from cloudfront
all.css
use.fontawesome.com/releases/v5.0.7/css/
35 KB
9 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.0.7/css/all.css
Requested by
Host: sigmund.headway.co
URL: https://sigmund.headway.co/refer-a-provider
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eee7283bce47f63001396d58cace92f57058ea0c5ee546579e841609a359d52e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sigmund.headway.co/

Response headers

cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"16f4f6797931e43125885e1741f125a7"
age
1302612
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wRq3S0uAkMaVmX%2FJVokvgeKRsRnF%2FkdQBMkrk1zPbTqe60SBJrLpOESd%2F1kNyb0%2F4YefJIn%2Fe7CqfPeoLKhn79mxkhpiAeXFSFNQEX9DwS40XXTWd7xHDnVRyhbHNSgJK86rUkqKN8gBNrQi5W0r9UID"}],"group":"cf-nel","max_age":604800}
cf-ray
8edc72bacf19a2e2-YUL
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=16260&min_rtt=16242&rtt_var=3459&sent=6&recv=10&lost=0&retrans=0&sent_bytes=4032&recv_bytes=2210&delivery_rate=238200&cwnd=252&unsent_bytes=0&cid=4f0fd678a7626b60&ts=32&x=0"
date
Fri, 06 Dec 2024 12:58:34 GMT
content-type
text/css
last-modified
Fri, 22 Sep 2023 01:44:11 GMT
vary
Accept-Encoding
server
cloudflare
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Material+Icons
Requested by
Host: sigmund.headway.co
URL: https://sigmund.headway.co/refer-a-provider
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b64471a80a6405aef70e8302a7a638fbaefb5939aec12b797428ec48c1eba975
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sigmund.headway.co/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 06 Dec 2024 12:58:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 12:58:34 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 06 Dec 2024 12:58:34 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
icon
fonts.googleapis.com/
569 B
811 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: sigmund.headway.co
URL: https://sigmund.headway.co/refer-a-provider
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sigmund.headway.co/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 06 Dec 2024 12:58:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 12:58:34 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 06 Dec 2024 12:58:34 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
index-CeHF8_s2.js
sigmund.headway.co/assets/
4 MB
1 MB
Script
General
Full URL
https://sigmund.headway.co/assets/index-CeHF8_s2.js
Requested by
Host: sigmund.headway.co
URL: https://sigmund.headway.co/refer-a-provider
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48efa359a07ee48b90996e03c87b8ffeec0cd64103f861b818fddf2761805246

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sigmund.headway.co
Referer
https://sigmund.headway.co/refer-a-provider

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"e492a591cb2003ea0e82baec9569cc7d"
x-amz-version-id
2WdfrzTE9byxYq19U9HZ8uRHSsD40lLD
age
59
x-cache
Hit from cloudfront
x-amz-cf-id
q4wqDxNa6jTCPXRlRciL1gWsZ0UAqjJbyi5kDBR6aNeRW7DsWz_kZQ==
date
Fri, 06 Dec 2024 12:58:34 GMT
content-type
text/javascript
last-modified
Fri, 06 Dec 2024 02:31:04 GMT
vary
accept-encoding
via
1.1 8b37208e69f78eef4dd958de00423132.cloudfront.net (CloudFront)
cf-ray
8edc72ba8cc8ac34-YYZ
x-amz-cf-pop
YUL62-P2
server
cloudflare
x-amz-server-side-encryption
AES256
vendor-BFjdQACu.js
sigmund.headway.co/assets/
6 MB
2 MB
Script
General
Full URL
https://sigmund.headway.co/assets/vendor-BFjdQACu.js
Requested by
Host: sigmund.headway.co
URL: https://sigmund.headway.co/refer-a-provider
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88ad47a45792aa767fca025812b7cbc196fbd6a9ea1d6e4158bd06beaff52bc7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sigmund.headway.co
Referer
https://sigmund.headway.co/refer-a-provider

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"3cf984724fa76ed1b55694b6243928ba"
x-amz-version-id
F1WY2uOlmJ8ffYjb2WIUVQ31BgHMzBNW
age
58
x-cache
Hit from cloudfront
x-amz-cf-id
jmJGzZ-uV4Tg4cuuQIn8d9Q9EkciT6Xtb6aQaNKk4zCeCmrTToyUkw==
date
Fri, 06 Dec 2024 12:58:34 GMT
content-type
text/javascript
last-modified
Fri, 06 Dec 2024 02:20:50 GMT
vary
accept-encoding
via
1.1 05b4905f6074a994b5e52b7e0ee5c01a.cloudfront.net (CloudFront)
cf-ray
8edc72ba8ccaac34-YYZ
x-amz-cf-pop
YUL62-P2
server
cloudflare
x-amz-server-side-encryption
AES256
index-DQ8FIO0Q.css
sigmund.headway.co/assets/
215 KB
30 KB
Stylesheet
General
Full URL
https://sigmund.headway.co/assets/index-DQ8FIO0Q.css
Requested by
Host: sigmund.headway.co
URL: https://sigmund.headway.co/refer-a-provider
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f31d4c13d8d7d4f4386ac7718a903f49d20bc0fefbef51f3258302dc68d8d66c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sigmund.headway.co
Referer
https://sigmund.headway.co/refer-a-provider

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"0e805b11eefb21b1ed5e8a7050dcd574"
x-amz-version-id
aWtjB59qciivBdXiH9JfuCq_p2.r5WOi
age
28
x-cache
Hit from cloudfront
x-amz-cf-id
mUxvaeLlKKUI67ssX57CiArifrCg-jT-k9EK6qizfbpsUU9DB4LJDw==
date
Fri, 06 Dec 2024 12:58:34 GMT
content-type
text/css
last-modified
Fri, 06 Dec 2024 02:20:49 GMT
vary
accept-encoding
via
1.1 302bce0287d24df9c94be17a5fd67262.cloudfront.net (CloudFront)
cf-ray
8edc72ba8cc5ac34-YYZ
x-amz-cf-pop
YUL62-P2
server
cloudflare
x-amz-server-side-encryption
AES256
rudder-analytics.min.js
cdn.rudderlabs.com/v1.1/
124 KB
39 KB
Script
General
Full URL
https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js
Requested by
Host: sigmund.headway.co
URL: https://sigmund.headway.co/refer-a-provider
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26c1:e200:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30d3b6f18bd35158d72f39105a33567c183dfbd750b815320fa042b21439ca00

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sigmund.headway.co/

Response headers

vary
accept-encoding
cache-control
no-store
content-encoding
br
etag
W/"093a3a3c6732eff88c0ba137228aecfe"
via
1.1 13f73562b215175ddd75c2902ae36650.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
RefreshHit from cloudfront
x-amz-cf-id
FQqgg6YRS-nj63-MPvNXEgFHiavdiDDfGK1h6mINangjUuU2JtA7bg==
date
Fri, 06 Dec 2024 12:58:35 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 04:24:45 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P1
x-amz-server-side-encryption
AES256
/
api.rudderstack.com/sourceConfig/
2 KB
1 KB
XHR
General
Full URL
https://api.rudderstack.com/sourceConfig/?p=cdn&v=2.48.40&writeKey=24qIw0Bp20VJPQ9esy2MCER936W
Requested by
Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-23.iad89.r.cloudfront.net
Software
/
Resource Hash
26b52931e9e5f24b8b9ab99b62d5be4353b29c16fddc8e3b7b15112a68a99613
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Authorization
Basic MjRxSXcwQnAyMFZKUFE5ZXN5Mk1DRVI5MzZXOg==
Referer
https://sigmund.headway.co/

Response headers

x-request-id
a2fc3870-b3d1-11ef-89f4-a5b71a1f8c20
access-control-expose-headers
X-Request-ID
content-encoding
gzip
age
71
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
1xReNxLPyYtYkUPBaQsQkG6kKQ4-tC5oyWgGAIMBKx2m8ECjw_UtFA==
date
Fri, 06 Dec 2024 12:57:23 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
access-control-allow-credentials
true
x-download-options
noopen
via
1.1 22e9d361a9c4153886c1c8aa0eb4ffa8.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-amz-cf-pop
IAD89-C3
/
api.rudderstack.com/sourceConfig/ Frame
0
0
Preflight
General
Full URL
https://api.rudderstack.com/sourceConfig/?p=cdn&v=2.48.40&writeKey=24qIw0Bp20VJPQ9esy2MCER936W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.151.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-151-23.iad89.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://sigmund.headway.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
*
access-control-max-age
900
age
58
alt-svc
h3=":443"; ma=86400
date
Fri, 06 Dec 2024 12:57:36 GMT
vary
Origin
via
1.1 22e9d361a9c4153886c1c8aa0eb4ffa8.cloudfront.net (CloudFront)
x-amz-cf-id
YLyvSlV2NSErm4bkVPLLvehMovFM6cMzBbRw5jOZ4xdzVSW1-25fdQ==
x-amz-cf-pop
IAD89-C3
x-cache
Hit from cloudfront
x-request-id
aa867510-b3d1-11ef-a13f-c7f3431a65e9
bba6362c-059d-4361-910b-1fb91deb6d30
https://sigmund.headway.co/ Frame
0
0

v3
js.stripe.com/
692 KB
181 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: sigmund.headway.co
URL: https://sigmund.headway.co/assets/vendor-BFjdQACu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.188.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-188-39.iad89.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sigmund.headway.co/

Response headers

content-encoding
br
etag
W/"838f021032c36e3fe69bcb27bcf45501"
age
29
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
j7j31JOeaiLy0qNRC1tABPBXCS1q3tZdDHtL4qQ2cXnaPT_byZF_jA==
date
Fri, 06 Dec 2024 12:58:07 GMT
content-type
text/javascript; charset=utf-8
last-modified
Thu, 05 Dec 2024 21:58:55 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=60
timing-allow-origin
*
via
1.1 32c5b7040885724e78019cc31f0ef3e8.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
IAD89-C2
server
Cloudfront
/
sentry.io/api/1795113/envelope/
2 B
359 B
Fetch
General
Full URL
https://sentry.io/api/1795113/envelope/?sentry_key=f8dc6fc15d664dee917dc328dbaee058&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.119.0
Requested by
Host: sigmund.headway.co
URL: https://sigmund.headway.co/assets/vendor-BFjdQACu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://sigmund.headway.co/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
content-encoding
gzip
x-envoy-upstream-service-time
1
cross-origin-resource-policy
cross-origin
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 12:58:35 GMT
content-type
application/json
vary
Accept-Encoding,origin, access-control-request-method, access-control-request-headers
server
nginx
me
api.headway.co/api/sigmund/
93 B
241 B
XHR
General
Full URL
https://api.headway.co/api/sigmund/me
Requested by
Host: sigmund.headway.co
URL: https://sigmund.headway.co/assets/vendor-BFjdQACu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://sigmund.headway.co/

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8edc72c23bebac34-YYZ
access-control-allow-origin
https://sigmund.headway.co
content-length
93
date
Fri, 06 Dec 2024 12:58:35 GMT
content-type
application/json
vary
Origin
server
cloudflare
page
findheadwaumps.dataplane.rudderstack.com/v1/ Frame
0
0
Preflight
General
Full URL
https://findheadwaumps.dataplane.rudderstack.com/v1/page
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.22.248.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-248-30.compute-1.amazonaws.com
Software
openresty/1.21.4.2 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
anonymousid,authorization,content-type
Access-Control-Request-Method
POST
Origin
https://sigmund.headway.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
anonymousid,authorization,content-type
access-control-allow-methods
POST
access-control-allow-origin
https://sigmund.headway.co
access-control-max-age
900
date
Fri, 06 Dec 2024 12:58:35 GMT
server
openresty/1.21.4.2
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
page
findheadwaumps.dataplane.rudderstack.com/v1/
2 B
55 B
XHR
General
Full URL
https://findheadwaumps.dataplane.rudderstack.com/v1/page
Requested by
Host: sigmund.headway.co
URL: https://sigmund.headway.co/assets/vendor-BFjdQACu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.22.248.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-248-30.compute-1.amazonaws.com
Software
openresty/1.21.4.2 /
Resource Hash

Request headers

AnonymousId
YTJjZmNjNTQtZjBkMi00NjZlLWJkM2QtN2Y1ZmUwNzczZmRm
Authorization
Basic MjRxSXcwQnAyMFZKUFE5ZXN5Mk1DRVI5MzZXOg==
Referer
https://sigmund.headway.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://sigmund.headway.co
content-length
2
date
Fri, 06 Dec 2024 12:58:35 GMT
content-type
text/plain; charset=utf-8
vary
Origin
server
openresty/1.21.4.2
access-control-allow-credentials
true
INTERCOM.min.js
cdn.rudderlabs.com/v1.1/js-integrations/
12 KB
5 KB
Script
General
Full URL
https://cdn.rudderlabs.com/v1.1/js-integrations/INTERCOM.min.js
Requested by
Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/rudder-analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26c1:e200:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sigmund.headway.co/

Response headers

vary
accept-encoding
cache-control
no-store
content-encoding
br
etag
W/"b60987e716b0a7945b7b0233c8943252"
via
1.1 13f73562b215175ddd75c2902ae36650.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
RefreshHit from cloudfront
x-amz-cf-id
oHePcN5nzyyiDi448B2PzaECNvNGqXr_bQpf85snxs1op1zoUhvqqw==
date
Fri, 06 Dec 2024 12:58:36 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 04:24:46 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P1
x-amz-server-side-encryption
AES256
controller-with-preconnect-9618b1508f4feede60d3ec1d06fed719.html
js.stripe.com/v3/ Frame 4719
0
0
Document
General
Full URL
https://js.stripe.com/v3/controller-with-preconnect-9618b1508f4feede60d3ec1d06fed719.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.188.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-188-9.iad89.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sigmund.headway.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
8
alt-svc
h3=":443"; ma=86400
cache-control
max-age=60, stale-while-revalidate=900
content-length
651
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 06 Dec 2024 12:58:35 GMT
etag
"9618b1508f4feede60d3ec1d06fed719"
last-modified
Thu, 05 Dec 2024 21:16:38 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 427271f19372c1be0d143a1d4c76a128.cloudfront.net (CloudFront)
x-amz-cf-id
FXXSPrzNFQcQ6KvsKbQ_w3f_z4UOZfmkfZx69cXT1zRgj8Ei5Pr70w==
x-amz-cf-pop
IAD89-C2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
Primary Request identifier
login.headway.co/u/login/
Redirect Chain
  • https://login.headway.co/authorize?client_id=owrBPdUyVWv1EeOx1VJftnQZ7hweBSRS&scope=openid+default+offline_access&redirect_uri=https%3A%2F%2Fsigmund.headway.co%2Fauth%2Fcallback&audience=api.headwa...
  • https://login.headway.co/u/login/identifier?state=hKFo2SBtUUp3Vm1KRkgzZnFUZTlBc3BNWGk5YmR2Mm8wM2xyaqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHc0eVV5VkNwS3lyTHJVOWdaMXRPeFFRSzJKR2JFOFpjo2NpZNkgb3dyQlBkVXlWV3Y...
36 KB
36 KB
Document
General
Full URL
https://login.headway.co/u/login/identifier?state=hKFo2SBtUUp3Vm1KRkgzZnFUZTlBc3BNWGk5YmR2Mm8wM2xyaqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHc0eVV5VkNwS3lyTHJVOWdaMXRPeFFRSzJKR2JFOFpjo2NpZNkgb3dyQlBkVXlWV3YxRWVPeDFWSmZ0blFaN2h3ZUJTUlM
Requested by
Host: sigmund.headway.co
URL: https://sigmund.headway.co/assets/vendor-BFjdQACu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a718 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f12af2df773cc4a554f932a77f09d0f3b613fe6fa92c7745ab8329cb86dc7e0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sigmund.headway.co/refer-a-provider
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
8edc72c62c3fa320-YUL
content-language
en
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=utf-8
date
Fri, 06 Dec 2024 12:58:36 GMT
etag
W/"8fde-hRUnL/L5XzbvFKLIwyvrIl/YJ1A"
expires
Fri, 06 Dec 2024 12:58:35 GMT
pragma
no-cache
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-auth0-dl
30
x-auth0-l
0.082
x-auth0-requestid
05b6b8a6e95918c23905
x-content-type-options
nosniff
x-frame-options
deny
x-ratelimit-limit
20
x-ratelimit-remaining
19
x-ratelimit-reset
1733489922
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-transform
cf-cache-status
DYNAMIC
cf-ray
8edc72c47a6fa320-YUL
content-length
446
content-type
text/html; charset=utf-8
date
Fri, 06 Dec 2024 12:58:35 GMT
location
/u/login/identifier?state=hKFo2SBtUUp3Vm1KRkgzZnFUZTlBc3BNWGk5YmR2Mm8wM2xyaqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHc0eVV5VkNwS3lyTHJVOWdaMXRPeFFRSzJKR2JFOFpjo2NpZNkgb3dyQlBkVXlWV3YxRWVPeDFWSmZ0blFaN2h3ZUJTUlM
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept, Accept-Encoding
x-auth0-l
0.099
x-auth0-requestid
af66123dc0f3ced9ce41
x-content-type-options
nosniff
x-ratelimit-limit
300
x-ratelimit-remaining
298
x-ratelimit-reset
1733489917
nlfu1kpa
widget.intercom.io/widget/
7 KB
3 KB
Script
General
Full URL
https://widget.intercom.io/widget/nlfu1kpa
Requested by
Host: cdn.rudderlabs.com
URL: https://cdn.rudderlabs.com/v1.1/js-integrations/INTERCOM.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.64.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-64-17.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sigmund.headway.co/

Response headers

content-encoding
gzip
x-amz-version-id
gEW619mCaHowzz1qD7PeJQt9apLaEse1
etag
"bda3c5c4c9386f740444c58315cfd73a"
age
304
alt-svc
h3=":443"; ma=86400
x-cache
Error from cloudfront
x-amz-cf-id
cAXN_1KcmZlpGb_RuX1Z3r0I8JlJSDnEp-IrkKeDl4_-1AWOEgfrBA==
date
Fri, 06 Dec 2024 12:53:42 GMT
content-type
application/javascript; charset=UTF-8
vary
accept-encoding, Origin
last-modified
Fri, 06 Dec 2024 11:58:30 GMT
cache-control
max-age=300, s-maxage=300, public
cross-origin-resource-policy
cross-origin
via
1.1 d48a409d6a3222e2cc9a060d30206d3c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
2667
x-amz-cf-pop
IAD12-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
frame-modern.7e4cdb9a.js
js.intercomcdn.com/ Frame C730
473 KB
143 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.7e4cdb9a.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/nlfu1kpa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.227.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-227-129.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
"3acb353a7db96b58de4eb3c36e3840e5"
x-amz-version-id
dt6OR0gszhkCHB_2HrGLngyKjlpIFf2b
age
3603
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Vhaam2ncFpc9MM7xk3cqdmzqVbl9aY_Oh10CVwPqsYGuTD8looPYKg==
date
Fri, 06 Dec 2024 11:58:33 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 06 Dec 2024 11:55:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy
cross-origin
via
1.1 193a402ffd948b9e8339796d3c0c8282.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
145683
x-amz-cf-pop
IAD55-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
vendor-modern.5c288613.js
js.intercomcdn.com/ Frame C730
456 KB
145 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.5c288613.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/nlfu1kpa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.154.227.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-154-227-129.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-amz-version-id
z95Scsk4Tz_u5GQhOUQMNmarK2_MYRKW
etag
"cfcbe890471af67f5140f9f36766a673"
age
5649
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
NjS9swAXEwPUKjtZJ5Ga3ok9X1YRVWZlD7sd-JdDzu_th1C-7qWf5g==
date
Fri, 06 Dec 2024 11:24:27 GMT
content-type
application/javascript; charset=UTF-8
vary
accept-encoding
last-modified
Thu, 05 Dec 2024 16:04:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy
cross-origin
via
1.1 193a402ffd948b9e8339796d3c0c8282.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
147369
x-amz-cf-pop
IAD55-P5
server
AmazonS3
x-amz-server-side-encryption
AES256
launcher_settings
api-iam.intercom.io/messenger/web/ Frame C730
0
0

ping
api-iam.intercom.io/messenger/web/ Frame C730
0
0

main.cdn.min.css
cdn.auth0.com/ulp/react-components/1.103.3/css/
279 KB
64 KB
Stylesheet
General
Full URL
https://cdn.auth0.com/ulp/react-components/1.103.3/css/main.cdn.min.css
Requested by
Host: login.headway.co
URL: https://login.headway.co/u/login/identifier?state=hKFo2SBtUUp3Vm1KRkgzZnFUZTlBc3BNWGk5YmR2Mm8wM2xyaqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHc0eVV5VkNwS3lyTHJVOWdaMXRPeFFRSzJKR2JFOFpjo2NpZNkgb3dyQlBkVXlWV3YxRWVPeDFWSmZ0blFaN2h3ZUJTUlM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:28a9:1400:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b8d0011b252cc3fe682a05e4aa71f9670d7dcf2423ec67a0548e0f22d68c011
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-robots-tag
noindex
content-encoding
gzip
x-amz-version-id
YDuwwqW14CMj6v6Iu5_RGUVcViaUYt_R
etag
W/"07b8413b9c856003cb33b4bb74a67e1e"
age
50735
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
nOIrMkjPLPGKmBOSwgb7WSgbk8G70XS-ZQ7GqozflphAbeH8k9SsPQ==
date
Thu, 05 Dec 2024 22:53:02 GMT
content-type
text/css
vary
accept-encoding
last-modified
Mon, 02 Dec 2024 20:16:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-amz-replication-status
FAILED
cache-control
max-age=86400
via
1.1 415ae3c766005c5c7c6a16e45f13745c.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
HeadwayLogoAuth0.png
headway.co/
25 KB
26 KB
Image
General
Full URL
https://headway.co/HeadwayLogoAuth0.png
Requested by
Host: login.headway.co
URL: https://login.headway.co/u/login/identifier?state=hKFo2SBtUUp3Vm1KRkgzZnFUZTlBc3BNWGk5YmR2Mm8wM2xyaqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHc0eVV5VkNwS3lyTHJVOWdaMXRPeFFRSzJKR2JFOFpjo2NpZNkgb3dyQlBkVXlWV3YxRWVPeDFWSmZ0blFaN2h3ZUJTUlM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5deda1350a5fe21d7a09f44d006ba2243f660b5a916b19cb3b5b83cf8b4cd8f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=3600
cf-cache-status
HIT
etag
W/"65ad-19399cc18b0"
cf-ray
8edc72c7d8b6ac34-YYZ
accept-ranges
bytes
content-length
26029
date
Fri, 06 Dec 2024 12:58:36 GMT
content-type
image/png
last-modified
Fri, 06 Dec 2024 02:28:30 GMT
vary
Accept-Encoding
server
cloudflare
PostGrotesk-Book.woff
assets.headway.co/fonts/
74 KB
75 KB
Font
General
Full URL
https://assets.headway.co/fonts/PostGrotesk-Book.woff
Requested by
Host: login.headway.co
URL: https://login.headway.co/u/login/identifier?state=hKFo2SBtUUp3Vm1KRkgzZnFUZTlBc3BNWGk5YmR2Mm8wM2xyaqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIHc0eVV5VkNwS3lyTHJVOWdaMXRPeFFRSzJKR2JFOFpjo2NpZNkgb3dyQlBkVXlWV3YxRWVPeDFWSmZ0blFaN2h3ZUJTUlM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.247.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-247-108.ord51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5cb6d889affd5d8a9e42657b2229455bbf29c9f973722a6b930abbae84116f8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://login.headway.co
Referer
https://login.headway.co/

Response headers

x-amz-version-id
y5PnvdS9dFcr.muB8Dbf1KsjOs_sXvAQ
etag
"23fc369bb7d5eb79cec540e77fd420d1"
age
2225
x-cache
Hit from cloudfront
x-amz-cf-id
1_BqmXBiLl2QHTh7TSs4by_Gkc1K7s6iXo9T3hIp3jnRe966Thh8eg==
date
Fri, 06 Dec 2024 12:25:13 GMT
content-type
binary/octet-stream
last-modified
Fri, 22 Mar 2024 20:26:36 GMT
vary
Origin
x-frame-options
SAMEORIGIN
via
1.1 f272f18064d81ea799c663dff05f02d8.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
https://login.headway.co
content-length
75952
x-xss-protection
1
x-amz-cf-pop
ORD51-C4
server
AmazonS3
x-amz-server-side-encryption
AES256
favicon.ico
headway.co/
3 KB
4 KB
Other
General
Full URL
https://headway.co/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e14869f7e8b4f395abf26164ffa9d4a4c79640bd78731b0d18258a55c09d47f0
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=631138519
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"group":"browser-intake-datadoghq","max_age":10886400,"endpoints":[{"url":"https://browser-intake-datadoghq.com/api/v2/logs?dd-evp-origin=content-security-policy&ddsource=csp-report&dd-api-key=pubf70c6617a9da53eefac5ea86a9f0f8a1&ddtags=env%3Aproduction%2Cservice%3Amarketing%2Cversion%3A449abbd9ea2e4aefcadd56c7aa15dbfe8a46c797"}]}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8edc72caab36ac34-YYZ
expires
-1
content-security-policy-report-only
default-src 'self'; img-src 'self' data: https://gravatar.com https://maps.googleapis.com https://maps.gstatic.com https://cdn.builder.io https://www.googletagmanager.com https://i.ytimg.com/ https://js.chilipiper.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.rudderlabs.com https://www.googletagmanager.com https://maps.googleapis.com https://cdn.plaid.com https://static.zdassets.com/ https://go.headway.co https://munchkin.marketo.net https://js.chilipiper.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://calendly.com https://assets.calendly.com https://go.headway.co; connect-src 'self' https://*.launchdarkly.com https://*.rudderstack.com https://maps.googleapis.com *.sentry.io https://ekr.zdassets.com https://cdn.builder.io https://api.chilipiper.com https://*.mktoresp.com https://headway-production-protected-assets.s3.amazonaws.com; font-src 'self' https://fonts.gstatic.com; frame-src https://cdn.plaid.com https://go.headway.co https://www.youtube.com/ https://headway-production-protected-assets.s3.amazonaws.com; report-to browser-intake-datadoghq
date
Fri, 06 Dec 2024 12:58:36 GMT
content-type
image/x-icon
server
cloudflare
x-frame-options
DENY

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sigmund.headway.co
URL
blob:https://sigmund.headway.co/bba6362c-059d-4361-910b-1fb91deb6d30
Domain
api-iam.intercom.io
URL
https://api-iam.intercom.io/messenger/web/launcher_settings
Domain
api-iam.intercom.io
URL
https://api-iam.intercom.io/messenger/web/ping

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ulpFlags

15 Cookies

Domain/Path Name / Value
.headway.co/ Name: __cf_bm
Value: uXiol0Prp4LOe_Xu_e0W3jTii1XZSOUcSvtVdRTMuGA-1733489913-1.0.1.1-wsNzrwI52LLUjRGGIdoxDhpLMmO5PR7YGTT24kRMk8xF1Fn.K4A3I5SPRNfNXfFE3hQb.upRjC0RyZGq3xwSHQ
.headway.co/ Name: rl_user_id
Value: RudderEncrypt%3AU2FsdGVkX18rwX4g73RPSXWG6pwW3I2j0qvHjBKitxk%3D
.headway.co/ Name: rl_trait
Value: RudderEncrypt%3AU2FsdGVkX18u3AyEof952CDG9iDp1dPNvQ%2B6zgSIBug%3D
.headway.co/ Name: rl_group_id
Value: RudderEncrypt%3AU2FsdGVkX1%2Bhv%2FuJNWMVPF45FetXDbyPHkapVZfgvwE%3D
.headway.co/ Name: rl_group_trait
Value: RudderEncrypt%3AU2FsdGVkX1%2FCbyponRVQLJrAa1wB0HvyIA78vXaMCmM%3D
.headway.co/ Name: rl_anonymous_id
Value: RudderEncrypt%3AU2FsdGVkX19ze1S2uiaAkA9iw2P96UwjGPbXEGgjz67Tl865k38adMXjWPAI3RjGTOL4qMd3rZw7xRgp64R%2FgA%3D%3D
.headway.co/ Name: rl_page_init_referrer
Value: RudderEncrypt%3AU2FsdGVkX19XFp%2FBKXvskaEKR8DWCqeodhQeVe0YnoU%3D
.headway.co/ Name: rl_page_init_referring_domain
Value: RudderEncrypt%3AU2FsdGVkX18rVHwlflZ6zjutfvH7TxNe%2FOV68RakmWA%3D
.headway.co/ Name: rl_session
Value: RudderEncrypt%3AU2FsdGVkX19g0J3YwR2BoxoFRDlzYfCz3CPVQYjyjMQP9iagwH825DUpXQRcCpzl9RCmmMbfIIafhOEUjSV9c4yqz7eSBBjlry9ekCw6nf74vE8%2FgYZ2Qsf7hfmNYOzpbCsvymiBj8cHdrWTO7ctzA%3D%3D
login.headway.co/ Name: did
Value: s%3Av0%3A304fe899-5cec-4cf7-9122-46d8e394967d.UTsQzGzsOgQL99Goj8d%2F5Sg8anq4lVmxRhzu7sZpVsY
login.headway.co/ Name: auth0
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQMU1sTqEUh46yBbOlaVu-CSz1w8lmxJjOsDwwc8_vk8Om6xPRzsWYrf5m_3Dh5pc5qkfu997I0O_Ru6NxfRjjnGmY29va2llg6dleHBpcmVz1_--Qg4AZ1bpe65vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.dpeuJt%2FviBLTIe0Qex%2Bz1w1AkX6CLzaZv1sBTwAitQs
login.headway.co/ Name: did_compat
Value: s%3Av0%3A304fe899-5cec-4cf7-9122-46d8e394967d.UTsQzGzsOgQL99Goj8d%2F5Sg8anq4lVmxRhzu7sZpVsY
login.headway.co/ Name: auth0_compat
Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQMU1sTqEUh46yBbOlaVu-CSz1w8lmxJjOsDwwc8_vk8Om6xPRzsWYrf5m_3Dh5pc5qkfu997I0O_Ru6NxfRjjnGmY29va2llg6dleHBpcmVz1_--Qg4AZ1bpe65vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.dpeuJt%2FviBLTIe0Qex%2Bz1w1AkX6CLzaZv1sBTwAitQs
.headway.co/ Name: hw_session
Value: eyJpZCI6IjgzMWY2MzVlLTgxMDItNGJjYS1iYmNlLWNiZTkzYzdiMDc2ZCIsIm5vd0luTWludXRlcyI6Mjg4OTE0OTh9
.headway.co/ Name: hw_session.sig
Value: AO4PPq1NeUT8Z8qHd-DCIPAobTI

1 Console Messages

Source Level URL
Text
network error URL: https://api.headway.co/api/sigmund/me
Message:
Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
