Submitted URL: http://deloitte.staging.guider.app/
Effective URL: https://deloitte.staging.guider.app/
Submission: On October 19 via manual from IN — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 30 HTTP transactions. The main IP is 2620:1ec:bdf::45, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is deloitte.staging.guider.app.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on July 8th 2022. Valid for: a year.
This is the only time deloitte.staging.guider.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         ASN     Autonomous System
8         2620:1ec:bdf::45   8068    (MICROSOFT...)
4         34.102.211.197     396982  (GOOGLE-CL...)
2         52.236.186.217     8075    (MICROSOFT...)
16        35.190.70.79       15169   (GOOGLE)
Total: 30 requests, 4 IPs

Requests  Apex Domain / Subdomains                                     Transfer
20        sanity.io                                                    18 MB
            wrhtm9cw.apicdn.sanity.io
            cdn.sanity.io — Cisco Umbrella Rank: 16889
8         guider.app                                                   1 MB
            deloitte.staging.guider.app
2         visualstudio.com                                             282 B
            dc.services.visualstudio.com — Cisco Umbrella Rank: 770
Total: 30 requests, 3 apex domains

Requests  Domain                        Requested by
16        cdn.sanity.io
8         deloitte.staging.guider.app   deloitte.staging.guider.app
4         wrhtm9cw.apicdn.sanity.io     deloitte.staging.guider.app
2         dc.services.visualstudio.com  deloitte.staging.guider.app
Total: 30 requests, 4 domains

This site contains links to these domains.

Domain
www.guider-ai.com
guider-ai.com
www.google.com

Subject                           Issuer                                          Validity                 Valid
deloitte.staging.guider.app       DigiCert TLS RSA SHA256 2020 CA1                2022-07-08 - 2023-07-08  a year
*.apicdn.sanity.io                Sectigo RSA Domain Validation Secure Server CA  2022-10-04 - 2023-11-04  a year
in.applicationinsights.azure.com  Microsoft Azure TLS Issuing CA 05               2022-09-07 - 2023-09-02  a year
*.sanity.io                       Sectigo RSA Domain Validation Secure Server CA  2022-10-04 - 2023-11-04  a year

This page contains 1 frame:

Primary Page: https://deloitte.staging.guider.app/
Frame ID: 4D241EFABF091965A69590B24A3D8415
Requests: 29 HTTP requests in this frame

Page Title

Guider

Page URL History

  1. http://deloitte.staging.guider.app/ HTTP 307
    https://deloitte.staging.guider.app/ Page URL

Page Statistics

30 Requests
100 % HTTPS
25 % IPv6
3 Domains
4 Subdomains
4 IPs
2 Countries
19726 kB Transfer
23481 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://deloitte.staging.guider.app/ HTTP 307
    https://deloitte.staging.guider.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
deloitte.staging.guider.app/
Redirect Chain
  • http://deloitte.staging.guider.app/
  • https://deloitte.staging.guider.app/
2 KB
1 KB
Document
General
Full URL
https://deloitte.staging.guider.app/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cc64944322b8e03f81fceb6455b6033c657fb1c2b42f9f810e1bdb493d2a881d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=300
content-encoding
br
content-md5
QLV2bnj8mxC3sS09w+EL5Q==
content-type
text/html
date
Wed, 19 Oct 2022 13:33:49 GMT
etag
"0x8DAB113682CA27A"
last-modified
Tue, 18 Oct 2022 14:16:53 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-azure-ref
0vfxPYwAAAADdqzjYfEmWSqeaXJmX5hoHQlJVMzBFREdFMDQxMwBhODViNjlmNy05MmVkLTQ2MWEtYjYwZC02ZGEzOTJiNzE5ZGY=
x-azure-ref-originshield
0vfxPYwAAAAB33WipIzqyTZ7TNL3X9yMIQU1TMDRFREdFMTgwNgBhODViNjlmNy05MmVkLTQ2MWEtYjYwZC02ZGEzOTJiNzE5ZGY=
x-cache
TCP_MISS
x-ms-request-id
7d7032a2-401e-002c-50bf-e33795000000
x-ms-version
2018-03-28

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://deloitte.staging.guider.app/
Non-Authoritative-Reason
HSTS
main.0adbd141.js
deloitte.staging.guider.app/static/js/
4 MB
741 KB
Script
General
Full URL
https://deloitte.staging.guider.app/static/js/main.0adbd141.js
Requested by
Host: deloitte.staging.guider.app
URL: https://deloitte.staging.guider.app/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
767da86dfc609c4bb8b977a05cfd028990e78ba74fc22b2a321e893c48169e8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deloitte.staging.guider.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 13:33:49 GMT
content-encoding
br
last-modified
Tue, 18 Oct 2022 14:16:55 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
z4Pa/r/zsgQ4B1KcXUunUQ==
x-azure-ref-originshield
0vfxPYwAAAAD/54d/1JEsR5jGC40ZMuY1QU1TMDRFREdFMTkyMgBhODViNjlmNy05MmVkLTQ2MWEtYjYwZC02ZGEzOTJiNzE5ZGY=
etag
"0x8DAB113696A109A"
x-azure-ref
0vfxPYwAAAAD5sKT2kd7RSYZyMfPjvhIFQlJVMzBFREdFMDQxMwBhODViNjlmNy05MmVkLTQ2MWEtYjYwZC02ZGEzOTJiNzE5ZGY=
x-cache
TCP_MISS
content-type
application/javascript
x-ms-request-id
642f1b39-701e-0055-73bf-e3cbb1000000
x-ms-version
2018-03-28
accept-ranges
bytes
main.bf5d981c.css
deloitte.staging.guider.app/static/css/
14 KB
4 KB
Stylesheet
General
Full URL
https://deloitte.staging.guider.app/static/css/main.bf5d981c.css
Requested by
Host: deloitte.staging.guider.app
URL: https://deloitte.staging.guider.app/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f23a5f4bea289123fb4180776fd5da7cbac9af1f1c220f851a09b81f31f2cb95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deloitte.staging.guider.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 13:33:49 GMT
content-encoding
br
last-modified
Tue, 18 Oct 2022 14:16:58 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
Jg9mGPhNEaDgFZYFzvDFHQ==
x-azure-ref-originshield
0vfxPYwAAAABAJ9NSk2IoQYcSdcuEBf30QU1TMDRFREdFMTkyMQBhODViNjlmNy05MmVkLTQ2MWEtYjYwZC02ZGEzOTJiNzE5ZGY=
etag
"0x8DAB1136AD8278B"
x-azure-ref
0vfxPYwAAAABQPipfhNTBR5bUsw/CeuGVQlJVMzBFREdFMDQxMwBhODViNjlmNy05MmVkLTQ2MWEtYjYwZC02ZGEzOTJiNzE5ZGY=
x-cache
TCP_MISS
content-type
text/css
x-ms-request-id
718de623-c01e-001d-12bf-e3d686000000
x-ms-version
2018-03-28
accept-ranges
bytes
logo-guider-g.caea52bc62ce404b4412f89463ecdc58.svg
deloitte.staging.guider.app/static/media/
4 KB
2 KB
Image
General
Full URL
https://deloitte.staging.guider.app/static/media/logo-guider-g.caea52bc62ce404b4412f89463ecdc58.svg
Requested by
Host: deloitte.staging.guider.app
URL: https://deloitte.staging.guider.app/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
787a0bfb8a6db6e261298c423a33e79d0c5b9fc7651df78360d5340e918f7356

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deloitte.staging.guider.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 13:33:50 GMT
content-encoding
br
last-modified
Tue, 18 Oct 2022 14:16:56 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
1xaaWNcPspJz/J5Y6EVFGw==
x-azure-ref-originshield
0vvxPYwAAAAAI68WP0EKhT6GFWY0vMUTwQU1TMDRFREdFMTgwOQBhODViNjlmNy05MmVkLTQ2MWEtYjYwZC02ZGEzOTJiNzE5ZGY=
etag
"0x8DAB1136A177FEE"
x-azure-ref
0vvxPYwAAAAC92RfkgZXyTqxpUOXBkeJOQlJVMzBFREdFMDQxMwBhODViNjlmNy05MmVkLTQ2MWEtYjYwZC02ZGEzOTJiNzE5ZGY=
x-cache
TCP_MISS
content-type
image/svg+xml
x-ms-request-id
e630c52b-201e-003a-20bf-e3c142000000
x-ms-version
2018-03-28
accept-ranges
bytes
powered-by-guider.d89912994c40a20b1f0b9729b689ec29.svg
deloitte.staging.guider.app/static/media/
9 KB
4 KB
Image
General
Full URL
https://deloitte.staging.guider.app/static/media/powered-by-guider.d89912994c40a20b1f0b9729b689ec29.svg
Requested by
Host: deloitte.staging.guider.app
URL: https://deloitte.staging.guider.app/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b9ef6515041e723cebaf458c9907f8ad0de2bf54736008446b1d4ccd7f70c4e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deloitte.staging.guider.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 13:33:50 GMT
content-encoding
br
last-modified
Tue, 18 Oct 2022 14:16:57 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
a8jeNFadx8zEZVKO8t6p7w==
x-azure-ref-originshield
0vvxPYwAAAAC4NPNBnvuHQ46uEHvx4XsqQU1TMDRFREdFMTgyMgBhODViNjlmNy05MmVkLTQ2MWEtYjYwZC02ZGEzOTJiNzE5ZGY=
etag
"0x8DAB1136A7DDA31"
x-azure-ref
0vvxPYwAAAADfvqJXRwJiQr/nG108yEauQlJVMzBFREdFMDQxMwBhODViNjlmNy05MmVkLTQ2MWEtYjYwZC02ZGEzOTJiNzE5ZGY=
x-cache
TCP_MISS
content-type
image/svg+xml
x-ms-request-id
ae6142f7-901e-005d-06bf-e3d1be000000
x-ms-version
2018-03-28
accept-ranges
bytes
Inter-Regular.c8ba52b05a9ef10f4758.woff2
deloitte.staging.guider.app/static/media/
97 KB
97 KB
Font
General
Full URL
https://deloitte.staging.guider.app/static/media/Inter-Regular.c8ba52b05a9ef10f4758.woff2
Requested by
Host: deloitte.staging.guider.app
URL: https://deloitte.staging.guider.app/static/css/main.bf5d981c.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6

Request headers

Referer
https://deloitte.staging.guider.app/static/css/main.bf5d981c.css
Origin
https://deloitte.staging.guider.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 13:33:50 GMT
last-modified
Tue, 18 Oct 2022 14:16:57 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
3BMRE4lCF7UDEABXXZ3gAg==
x-azure-ref-originshield
0vvxPYwAAAAApVIPmF4UvT5n1XjoHnstaQU1TMDRFREdFMTkyMgBhODViNjlmNy05MmVkLTQ2MWEtYjYwZC02ZGEzOTJiNzE5ZGY=
etag
"0x8DAB1136ABBC852"
x-azure-ref
0vvxPYwAAAACe2eQqNmgYSp8N7RL7MUPVQlJVMzBFREdFMDQxMwBhODViNjlmNy05MmVkLTQ2MWEtYjYwZC02ZGEzOTJiNzE5ZGY=
x-cache
TCP_MISS
content-type
application/octet-stream
x-ms-request-id
3e8ede5b-f01e-0016-68bf-e32ded000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
98868
staging
wrhtm9cw.apicdn.sanity.io/v2022-02-14/data/query/
153 KB
21 KB
XHR
General
Full URL
https://wrhtm9cw.apicdn.sanity.io/v2022-02-14/data/query/staging?query=*%5B_type%20%3D%3D%20%22organization%22%20%26%26%20basic_info.subdomain.current%20%3D%3D%20%22deloitte%22%5D%7B%0A%20%20%20%20...%2C%0A%20%20%20%20%22languageCode%22%3A%20basic_info.default_user_language-%3Elanguage_code%2C%0A%20%20%20%20%22countryCode%22%3A%20basic_info.default_user_language-%3Ecountry_code%2C%0A%20%20%20%20%22learning_hub%22%3A%20%7B%0A%20%20%20%20%20%20...learning_hub%2C%20%0A%20%20%20%20%20%20%22layout%22%3A%20learning_hub.layout%5B%5D%7B%0A%20%20%20%20%20%20%20%20...%2C%0A%20%20%20%20%20%20%20%20%22tile_group_content_group%22%3A%20tile_group_content_group-%3E%7B%0A%20%20%20%20%20%20%20%20%20%20...%2C%0A%20%20%20%20%20%20%20%20%20%20%22content%22%3A%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20...content%2C%0A%20%20%20%20%20%20%20%20%20%20%20%20%22content_references%22%3A%20content.content_references%5B%5D-%3E%0A%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%7D%0A%20%20%7D
Requested by
Host: deloitte.staging.guider.app
URL: https://deloitte.staging.guider.app/static/js/main.0adbd141.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.211.197 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
197.211.102.34.bc.googleusercontent.com
Software
/
Resource Hash
7732d7d14317387501991cdb3891e98d0d90d921b0e1d22fbe8c1a05ad7ba217
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json
Referer
https://deloitte.staging.guider.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-sanity-shard
gcp-eu-w1-01-prod-1022
date
Wed, 19 Oct 2022 13:33:52 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
via
1.1 google
access-control-max-age
600
x-sanity-age
0
content-type
application/json; charset=utf-8
access-control-allow-origin
https://deloitte.staging.guider.app
access-control-expose-headers
Content-Type, Content-Length, ETag, X-Sanity-Deprecated, X-Sanity-Warning
cache-control
public, max-age=60, s-maxage=60, stale-while-revalidate=15, stale-if-error=7200
vary
accept-encoding, origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
track
dc.services.visualstudio.com/v2/
96 B
282 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: deloitte.staging.guider.app
URL: https://deloitte.staging.guider.app/static/js/main.0adbd141.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.236.186.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
629be986bf275a88007d9424eeed1f699536e2aa5949599d0f195835e607b824
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://deloitte.staging.guider.app/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
DF8D4F8B-05B6-49BE-89D1-56FFF00A35C7
strict-transport-security
max-age=31536000
date
Wed, 19 Oct 2022 13:33:50 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96
track
dc.services.visualstudio.com/v2/
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.236.186.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://deloitte.staging.guider.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Wed, 19 Oct 2022 13:33:50 GMT
x-content-type-options
nosniff
staging
wrhtm9cw.apicdn.sanity.io/v2022-02-14/data/query/
86 KB
12 KB
XHR
General
Full URL
https://wrhtm9cw.apicdn.sanity.io/v2022-02-14/data/query/staging?query=*%5B_type%20%3D%3D%20%22program%22%20%26%26%20program_details.program_status%20%3D%3D%20%22published%22%20%26%26%20references(%222813f445-1081-4617-aa71-e2ad7633e05a%22)%5D%7B%0A%20%20%20%20...%2C%0A%20%20%20%20%22programType%22%3A%20program_details.program_type-%3E%0A%20%20%7D
Requested by
Host: deloitte.staging.guider.app
URL: https://deloitte.staging.guider.app/static/js/main.0adbd141.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.211.197 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
197.211.102.34.bc.googleusercontent.com
Software
/
Resource Hash
8e8aa9f3caad11619e301c619b5212b4da16dafc7b0043d8eeb3f9f45af64d81
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json
Referer
https://deloitte.staging.guider.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-sanity-shard
gcp-eu-w1-01-prod-1022
date
Wed, 19 Oct 2022 13:33:52 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
via
1.1 google
access-control-max-age
600
x-sanity-age
0
content-type
application/json; charset=utf-8
access-control-allow-origin
https://deloitte.staging.guider.app
access-control-expose-headers
Content-Type, Content-Length, ETag, X-Sanity-Deprecated, X-Sanity-Warning
cache-control
public, max-age=60, s-maxage=60, stale-while-revalidate=15, stale-if-error=7200
vary
accept-encoding, origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
665a9caaa0364a1176769f7a4a470ba133bd1ed2-1440x1377.svg
cdn.sanity.io/images/wrhtm9cw/staging/
220 B
358 B
Image
General
Full URL
https://cdn.sanity.io/images/wrhtm9cw/staging/665a9caaa0364a1176769f7a4a470ba133bd1ed2-1440x1377.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
79.70.190.35.bc.googleusercontent.com
Software
/
Resource Hash
706ac8ffe36606340cee7a7b77f04d08f56c614a05454e51931745bea72b649d
Security Headers
Name Value
Content-Security-Policy script-src 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deloitte.staging.guider.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'
x-sanity-asset-storage
gcs-default
x-content-type-options
nosniff
date
Wed, 19 Oct 2022 13:33:52 GMT
via
1.1 google
xkey
project-wrhtm9cw-staging
x-b3-traceid
336ce2cf372704aff707d11dec2cdcbc
x-varnish-age
0
x-b3-parentspanid
24a1736314ad2d3f
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
220
last-modified
Tue, 05 Jul 2022 14:14:54 GMT
vary
origin, accept-encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, s-maxage=2592000
x-b3-spanid
b3ce0a2c3bc805fd
x-b3-sampled
0
accept-ranges
bytes
ea74899d42e141a7604323f24bcab84e5864dfe3-1652x937.png
cdn.sanity.io/images/wrhtm9cw/staging/
2 MB
2 MB
Image
General
Full URL
https://cdn.sanity.io/images/wrhtm9cw/staging/ea74899d42e141a7604323f24bcab84e5864dfe3-1652x937.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
79.70.190.35.bc.googleusercontent.com
Software
/
Resource Hash
10384bdbf29f5f7b34c31b00180d3cd2c9db457e829428468fa323441b3f7860
Security Headers
Name Value
Content-Security-Policy script-src 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deloitte.staging.guider.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'
x-sanity-asset-storage
gcs-default
x-content-type-options
nosniff
date
Wed, 19 Oct 2022 13:33:53 GMT
via
1.1 google
xkey
project-wrhtm9cw-staging
x-b3-traceid
475b8a0521b4a0821c37d575f9418b5f
x-varnish-age
0
x-b3-parentspanid
eafdeb430c680a83
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2005643
last-modified
Tue, 05 Jul 2022 12:26:24 GMT
vary
origin
content-type
image/png
cache-control
public, max-age=31536000, s-maxage=2592000
x-b3-spanid
d04ec290dd983f51
x-b3-sampled
0
accept-ranges
bytes
f09293fbad12584fdf314690e2dbb9fa8fcc8d9e-4096x2731.png
cdn.sanity.io/images/wrhtm9cw/staging/
14 MB
14 MB
Image
General
Full URL
https://cdn.sanity.io/images/wrhtm9cw/staging/f09293fbad12584fdf314690e2dbb9fa8fcc8d9e-4096x2731.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
79.70.190.35.bc.googleusercontent.com
Software
/
Resource Hash
07f589c20728ad1dbe7af5f81c84cbcc0ec7ed6ac060e5ad51ca3dd5aa2dca5c
Security Headers
Name Value
Content-Security-Policy script-src 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deloitte.staging.guider.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'
x-sanity-asset-storage
gcs-default
x-content-type-options
nosniff
date
Wed, 19 Oct 2022 13:22:03 GMT
via
1.1 google
xkey
project-wrhtm9cw-staging
x-b3-traceid
ec19850b49a332e0a398bd4572a12241
x-varnish-age
709
x-b3-parentspanid
6a8a8089034d683c
vha6-origin
image-varnish-ssd-1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15003760
last-modified
Thu, 22 Sep 2022 09:13:00 GMT
vary
origin
content-type
image/png
cache-control
public, max-age=31536000, s-maxage=2592000
x-b3-spanid
63d94ff410c25624
x-b3-sampled
0
accept-ranges
bytes
f4103ae88f900d6d5619cfd80fb8b0e47fa40114-1440x651.svg
cdn.sanity.io/images/wrhtm9cw/staging/
211 B
383 B
Image
General
Full URL
https://cdn.sanity.io/images/wrhtm9cw/staging/f4103ae88f900d6d5619cfd80fb8b0e47fa40114-1440x651.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
79.70.190.35.bc.googleusercontent.com
Software
/
Resource Hash
7d9c77a86035632ee39aacb322980f862cd71dc835853bd61db721cf0806964b
Security Headers
Name Value
Content-Security-Policy script-src 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deloitte.staging.guider.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'
x-sanity-asset-storage
gcs-default
x-content-type-options
nosniff
date
Wed, 19 Oct 2022 13:33:52 GMT
via
1.1 google
xkey
project-wrhtm9cw-staging
x-b3-traceid
063dc69b9547c386e29db0e9cbf0b968
x-varnish-age
0
x-b3-parentspanid
e26deb997138248b
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
211
last-modified
Wed, 06 Jul 2022 16:48:28 GMT
vary
origin, accept-encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, s-maxage=2592000
x-b3-spanid
8fb53744386ae171
x-b3-sampled
0
accept-ranges
bytes
Inter-SemiBold.b5f0f109bc88052d4000.woff2
deloitte.staging.guider.app/static/media/
103 KB
104 KB
Font
General
Full URL
https://deloitte.staging.guider.app/static/media/Inter-SemiBold.b5f0f109bc88052d4000.woff2
Requested by
Host: deloitte.staging.guider.app
URL: https://deloitte.staging.guider.app/static/css/main.bf5d981c.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5

Request headers

Referer
https://deloitte.staging.guider.app/static/css/main.bf5d981c.css
Origin
https://deloitte.staging.guider.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 13:33:52 GMT
last-modified
Tue, 18 Oct 2022 14:16:56 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
AHrTGlP0qz9Y7nTyMISCzg==
x-azure-ref-originshield
0wPxPYwAAAABkSj8fzIThSYbJ6zDQB4h5QU1TMDRFREdFMTgwNgBhODViNjlmNy05MmVkLTQ2MWEtYjYwZC02ZGEzOTJiNzE5ZGY=
etag
"0x8DAB11369FB47C2"
x-azure-ref
0wPxPYwAAAACfKaw3pFEFRph0sMwVJb4gQlJVMzBFREdFMDQxMwBhODViNjlmNy05MmVkLTQ2MWEtYjYwZC02ZGEzOTJiNzE5ZGY=
x-cache
TCP_MISS
content-type
application/octet-stream
x-ms-request-id
642f23c0-701e-0055-46bf-e3cbb1000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
105804
Inter-Medium.293fd13dbca5a3e450ef.woff2
deloitte.staging.guider.app/static/media/
103 KB
104 KB
Font
General
Full URL
https://deloitte.staging.guider.app/static/media/Inter-Medium.293fd13dbca5a3e450ef.woff2
Requested by
Host: deloitte.staging.guider.app
URL: https://deloitte.staging.guider.app/static/css/main.bf5d981c.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1b498b959e5b7decbf9185803591d25bc1fbf83e798372ed30d32d5c79d82ff6

Request headers

Referer
https://deloitte.staging.guider.app/static/css/main.bf5d981c.css
Origin
https://deloitte.staging.guider.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 13:33:52 GMT
last-modified
Tue, 18 Oct 2022 14:16:56 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
ddtTGefofFhwGaXfCNcnLA==
x-azure-ref-originshield
0wPxPYwAAAAA+L203dNGiRYEHp5uToovxQU1TMDRFREdFMTkxNgBhODViNjlmNy05MmVkLTQ2MWEtYjYwZC02ZGEzOTJiNzE5ZGY=
etag
"0x8DAB11369C1ED25"
x-azure-ref
0wPxPYwAAAAAnfPUzxQXIQq0MSD5niiq+QlJVMzBFREdFMDQxMwBhODViNjlmNy05MmVkLTQ2MWEtYjYwZC02ZGEzOTJiNzE5ZGY=
x-cache
TCP_MISS
content-type
application/octet-stream
x-ms-request-id
9a16a802-201e-0048-19bf-e3c60d000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
105924
staging
wrhtm9cw.apicdn.sanity.io/v2022-02-14/data/query/
147 KB
22 KB
XHR
General
Full URL
https://wrhtm9cw.apicdn.sanity.io/v2022-02-14/data/query/staging?query=*%5B_type%20%3D%3D%20%22base_languages%22%5D%7B%0A%20%20%20%20...%0A%20%20%7D
Requested by
Host: deloitte.staging.guider.app
URL: https://deloitte.staging.guider.app/static/js/main.0adbd141.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.211.197 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
197.211.102.34.bc.googleusercontent.com
Software
/
Resource Hash
60b6684517a371994986a8708a7f836a936c4bf95aa3de1ac733779ce6639d9f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json
Referer
https://deloitte.staging.guider.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-sanity-shard
gcp-eu-w1-01-prod-1022
date
Wed, 19 Oct 2022 13:33:52 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
via
1.1 google
access-control-max-age
600
x-sanity-age
0
content-type
application/json; charset=utf-8
access-control-allow-origin
https://deloitte.staging.guider.app
access-control-expose-headers
Content-Type, Content-Length, ETag, X-Sanity-Deprecated, X-Sanity-Warning
cache-control
public, max-age=60, s-maxage=60, stale-while-revalidate=15, stale-if-error=7200
vary
accept-encoding, origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
staging
wrhtm9cw.apicdn.sanity.io/v2022-02-14/data/query/
147 KB
22 KB
XHR
General
Full URL
https://wrhtm9cw.apicdn.sanity.io/v2022-02-14/data/query/staging?query=*%5B_type%20%3D%3D%20%22base_languages%22%5D%7B%0A%20%20%20%20...%0A%20%20%7D
Requested by
Host: deloitte.staging.guider.app
URL: https://deloitte.staging.guider.app/static/js/main.0adbd141.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.211.197 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
197.211.102.34.bc.googleusercontent.com
Software
/
Resource Hash
60b6684517a371994986a8708a7f836a936c4bf95aa3de1ac733779ce6639d9f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json
Referer
https://deloitte.staging.guider.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-sanity-shard
gcp-eu-w1-01-prod-1022
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
via
1.1 google
date
Wed, 19 Oct 2022 13:33:52 GMT
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22044
vary
accept-encoding, origin
access-control-max-age
600
content-type
application/json; charset=utf-8
access-control-allow-origin
https://deloitte.staging.guider.app
access-control-expose-headers
Content-Type, Content-Length, ETag, X-Sanity-Deprecated, X-Sanity-Warning
x-sanity-age
0
cache-control
public, max-age=60, s-maxage=60, stale-while-revalidate=15, stale-if-error=7200
accept-ranges
bytes
dc713800da0b9aa8aecbe5fe6babd419c7d48c20-2000x435.png
cdn.sanity.io/images/wrhtm9cw/staging/
26 KB
26 KB
Image
General
Full URL
https://cdn.sanity.io/images/wrhtm9cw/staging/dc713800da0b9aa8aecbe5fe6babd419c7d48c20-2000x435.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
79.70.190.35.bc.googleusercontent.com
Software
/
Resource Hash
de4fe95dfc3cefb469dfa0475894142044d4239243047fed657ea30562302bb1
Security Headers
Name Value
Content-Security-Policy script-src 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deloitte.staging.guider.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'
x-sanity-asset-storage
gcs-default
x-content-type-options
nosniff
date
Wed, 19 Oct 2022 13:33:53 GMT
via
1.1 google
xkey
project-wrhtm9cw-staging
x-b3-traceid
042b4efc4c94f17143c05eab6c1f0bfe
x-varnish-age
0
x-b3-parentspanid
7c39e74da6329821
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26552
last-modified
Tue, 21 Jun 2022 13:29:50 GMT
vary
origin
content-type
image/png
cache-control
public, max-age=31536000, s-maxage=2592000
x-b3-spanid
146f0ba44712415c
x-b3-sampled
0
accept-ranges
bytes
a2ffe557a601b2168dda5492c885f521e3172679-1178x1020.png
cdn.sanity.io/images/wrhtm9cw/staging/
239 KB
239 KB
Image
General
Full URL
https://cdn.sanity.io/images/wrhtm9cw/staging/a2ffe557a601b2168dda5492c885f521e3172679-1178x1020.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
79.70.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e314ef5bd3a9a50318aa88485275f774d02173fd3697349866c01440827fd047
Security Headers
Name Value
Content-Security-Policy script-src 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deloitte.staging.guider.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'
x-sanity-asset-storage
gcs-default
x-content-type-options
nosniff
date
Wed, 19 Oct 2022 13:16:28 GMT
via
1.1 google
xkey
project-wrhtm9cw-staging
x-b3-traceid
fa8644f0d16f4d82e5e8f68f881650a6
x-varnish-age
1044
x-b3-parentspanid
41b3dfadea98d7d7
vha6-origin
image-varnish-ssd-0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
245006
last-modified
Mon, 04 Jul 2022 16:40:31 GMT
vary
origin
content-type
image/png
cache-control
public, max-age=31536000, s-maxage=2592000
x-b3-spanid
79b900d90ce77948
x-b3-sampled
0
accept-ranges
bytes
5795aa10dda2c235ad76d1ef46abfd82ea8c87dd-111x25.svg
cdn.sanity.io/images/wrhtm9cw/staging/
4 KB
2 KB
Image
General
Full URL
https://cdn.sanity.io/images/wrhtm9cw/staging/5795aa10dda2c235ad76d1ef46abfd82ea8c87dd-111x25.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
79.70.190.35.bc.googleusercontent.com
Software
/
Resource Hash
95609ce2c88ebe21077d0b6e958613d5b7d382ce3b4714735d6d05c83e387e24
Security Headers
Name Value
Content-Security-Policy script-src 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deloitte.staging.guider.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'
x-sanity-asset-storage
gcs-default
x-content-type-options
nosniff
date
Wed, 19 Oct 2022 13:33:52 GMT
content-encoding
br
xkey
project-wrhtm9cw-staging
x-b3-traceid
b3cd24ce22ee0fbea0c6e1b67f833f26
via
1.1 google
x-varnish-age
0
x-b3-parentspanid
5b2a741bf7e37e08
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Mon, 04 Jul 2022 10:52:20 GMT
vary
Accept-Encoding, origin, accept-encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, s-maxage=2592000
x-b3-spanid
43d73c91fa851cc2
x-b3-sampled
0
accept-ranges
bytes
aedf45092823c5b8561e580df39a7e0508772b5d-55x46.svg
cdn.sanity.io/images/wrhtm9cw/staging/
675 B
701 B
Image
General
Full URL
https://cdn.sanity.io/images/wrhtm9cw/staging/aedf45092823c5b8561e580df39a7e0508772b5d-55x46.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
79.70.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e35fb19949b3a305929ccc45d87bc7eddf85d8c5afa6eac03a9d798ae95eb2a1
Security Headers
Name Value
Content-Security-Policy script-src 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deloitte.staging.guider.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'
x-sanity-asset-storage
gcs-default
x-content-type-options
nosniff
date
Wed, 19 Oct 2022 13:33:52 GMT
via
1.1 google
xkey
project-wrhtm9cw-staging
x-b3-traceid
19240cb3c3aab20d4df275c1cd178612
x-varnish-age
0
x-b3-parentspanid
88acb8bf31547588
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
675
last-modified
Mon, 04 Jul 2022 10:52:33 GMT
vary
origin, accept-encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, s-maxage=2592000
x-b3-spanid
c83f95e9bb2d2b52
x-b3-sampled
0
accept-ranges
bytes
b70ad0ad242a524973e28f2226883714cbbe7ce4-95x25.svg
cdn.sanity.io/images/wrhtm9cw/staging/
2 KB
951 B
Image
General
Full URL
https://cdn.sanity.io/images/wrhtm9cw/staging/b70ad0ad242a524973e28f2226883714cbbe7ce4-95x25.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
79.70.190.35.bc.googleusercontent.com
Software
/
Resource Hash
2b81b5848f13ab92724614631d5948b753b3271d735682216cd62e3800dc6c57
Security Headers
Name Value
Content-Security-Policy script-src 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deloitte.staging.guider.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'
x-sanity-asset-storage
gcs-default
x-content-type-options
nosniff
date
Wed, 19 Oct 2022 13:33:52 GMT
content-encoding
br
xkey
project-wrhtm9cw-staging
x-b3-traceid
9141733ce02f13bdf9d2e7f33d78fcb7
via
1.1 google
x-varnish-age
0
x-b3-parentspanid
7d31d15db46a0323
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified
Mon, 04 Jul 2022 10:53:18 GMT
vary
Accept-Encoding, origin, accept-encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, s-maxage=2592000
x-b3-spanid
ee624c231a3048cf
x-b3-sampled
0
accept-ranges
bytes
640f28cc0c6f46066d70438fa7880ca847242dd3-55x55.svg
cdn.sanity.io/images/wrhtm9cw/staging/
947 B
973 B
Image
General
Full URL
https://cdn.sanity.io/images/wrhtm9cw/staging/640f28cc0c6f46066d70438fa7880ca847242dd3-55x55.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
79.70.190.35.bc.googleusercontent.com
Software
/
Resource Hash
171e56dc88a582be3b2c854e5c9761871d2c8c5f226cc53c6165b5b96d418b9a
Security Headers
Name Value
Content-Security-Policy script-src 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deloitte.staging.guider.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'
x-sanity-asset-storage
gcs-default
x-content-type-options
nosniff
date
Wed, 19 Oct 2022 13:33:52 GMT
via
1.1 google
xkey
project-wrhtm9cw-staging
x-b3-traceid
4fe5a14aeb755ee9f67f38441cca0516
x-varnish-age
0
x-b3-parentspanid
695058fde053a4ef
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
947
last-modified
Mon, 04 Jul 2022 10:52:41 GMT
vary
origin, accept-encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, s-maxage=2592000
x-b3-spanid
7a5c7582b566d33f
x-b3-sampled
0
accept-ranges
bytes
118689cfd66e6d27eb449acb6e87657bf276384d-315x301.png
cdn.sanity.io/images/wrhtm9cw/staging/
92 KB
92 KB
Image
General
Full URL
https://cdn.sanity.io/images/wrhtm9cw/staging/118689cfd66e6d27eb449acb6e87657bf276384d-315x301.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
79.70.190.35.bc.googleusercontent.com
Software
/
Resource Hash
3486880566d37cc0b6982cef37bc91f8a47713056396f5d659de8b0e7ebc0165
Security Headers
Name Value
Content-Security-Policy script-src 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deloitte.staging.guider.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'
x-sanity-asset-storage
gcs-default
x-content-type-options
nosniff
date
Wed, 19 Oct 2022 13:33:53 GMT
via
1.1 google
xkey
project-wrhtm9cw-staging
x-b3-traceid
6eebd3d27c978b59e0e4579911d38ef7
x-varnish-age
0
x-b3-parentspanid
f4a6373251978a00
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94189
last-modified
Thu, 22 Sep 2022 09:06:50 GMT
vary
origin
content-type
image/png
cache-control
public, max-age=31536000, s-maxage=2592000
x-b3-spanid
94d9e30169d20377
x-b3-sampled
0
accept-ranges
bytes
0af157b318ca7457936d10f007ffe02915b2b018-237x297.png
cdn.sanity.io/images/wrhtm9cw/staging/
109 KB
109 KB
Image
General
Full URL
https://cdn.sanity.io/images/wrhtm9cw/staging/0af157b318ca7457936d10f007ffe02915b2b018-237x297.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
79.70.190.35.bc.googleusercontent.com
Software
/
Resource Hash
bea8f9bb9d6b04b519a9b0dbe60fd45fbb05c2a5b3ee48009181bf97cbb512e9
Security Headers
Name Value
Content-Security-Policy script-src 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deloitte.staging.guider.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'
x-sanity-asset-storage
gcs-default
x-content-type-options
nosniff
date
Wed, 19 Oct 2022 13:33:53 GMT
via
1.1 google
xkey
project-wrhtm9cw-staging
x-b3-traceid
c459b34341dd40d79e52939eaf7496e3
x-varnish-age
0
x-b3-parentspanid
9517e2168e13a333
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111108
last-modified
Mon, 26 Sep 2022 09:49:13 GMT
vary
origin
content-type
image/png
cache-control
public, max-age=31536000, s-maxage=2592000
x-b3-spanid
234e157714ce7c7f
x-b3-sampled
0
accept-ranges
bytes
6e55cc9fb6ec7a10758539bb9f9549da8049055f-94x68.svg
cdn.sanity.io/images/wrhtm9cw/staging/
399 B
425 B
Image
General
Full URL
https://cdn.sanity.io/images/wrhtm9cw/staging/6e55cc9fb6ec7a10758539bb9f9549da8049055f-94x68.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
79.70.190.35.bc.googleusercontent.com
Software
/
Resource Hash
d9a366b9b1520894f5541251ceb185115ee4a462902bfca0c4a4b41ab953f231
Security Headers
Name Value
Content-Security-Policy script-src 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deloitte.staging.guider.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'
x-sanity-asset-storage
gcs-default
x-content-type-options
nosniff
date
Wed, 19 Oct 2022 13:33:52 GMT
via
1.1 google
xkey
project-wrhtm9cw-staging
x-b3-traceid
3d985b854a9bc1f5dc8ddce32605299f
x-varnish-age
0
x-b3-parentspanid
b970b0ca91ccff5d
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
399
last-modified
Wed, 06 Jul 2022 17:01:56 GMT
vary
origin, accept-encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000, s-maxage=2592000
x-b3-spanid
2931cea213845f4c
x-b3-sampled
0
accept-ranges
bytes
1b813e1efcc1ffece1c862832ab0d9494be863d5-3744x5616.jpg
cdn.sanity.io/images/wrhtm9cw/staging/
49 KB
49 KB
Image
General
Full URL
https://cdn.sanity.io/images/wrhtm9cw/staging/1b813e1efcc1ffece1c862832ab0d9494be863d5-3744x5616.jpg?w=800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
79.70.190.35.bc.googleusercontent.com
Software
/
Resource Hash
5eaf67a8e11619339ba6935cd3cc902296a49eb469175d64091cb863432a2107
Security Headers
Name Value
Content-Security-Policy script-src 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deloitte.staging.guider.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'
x-sanity-asset-storage
gcs-default
x-content-type-options
nosniff
date
Wed, 19 Oct 2022 13:33:52 GMT
via
1.1 google
xkey
project-wrhtm9cw-staging
x-b3-traceid
5389fe6b91872470e639a1f8b0487dd9
x-varnish-age
0
x-b3-parentspanid
bc451924c90ea1f8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49850
last-modified
Mon, 26 Sep 2022 09:51:38 GMT
vary
origin
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=2592000
x-b3-spanid
30b3bac3faa40608
x-b3-sampled
0
accept-ranges
bytes
202fe5efd15e373982ae29ac828926d65282757a-660x759.png
cdn.sanity.io/images/wrhtm9cw/staging/
1 MB
1 MB
Image
General
Full URL
https://cdn.sanity.io/images/wrhtm9cw/staging/202fe5efd15e373982ae29ac828926d65282757a-660x759.png?w=800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
79.70.190.35.bc.googleusercontent.com
Software
/
Resource Hash
524c8fa67368c25690c85e8dd30607fdf30ccf7613c1dc486f190bb21f0c5eba
Security Headers
Name Value
Content-Security-Policy script-src 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deloitte.staging.guider.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'
x-sanity-asset-storage
gcs-default
x-content-type-options
nosniff
date
Wed, 19 Oct 2022 13:33:53 GMT
via
1.1 google
xkey
project-wrhtm9cw-staging
x-b3-traceid
caa170362e5067828e808259bf3cd949
x-varnish-age
0
x-b3-parentspanid
55ee2841b5144b05
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1409841
last-modified
Wed, 06 Jul 2022 16:24:40 GMT
vary
origin
content-type
image/png
cache-control
public, max-age=31536000, s-maxage=2592000
x-b3-spanid
ac94e3d9950f62c4
x-b3-sampled
0
accept-ranges
bytes
cf94da09d422e9b3958c6dbfcbffc3c13df4c098-4016x6016.jpg
cdn.sanity.io/images/wrhtm9cw/staging/
76 KB
76 KB
Image
General
Full URL
https://cdn.sanity.io/images/wrhtm9cw/staging/cf94da09d422e9b3958c6dbfcbffc3c13df4c098-4016x6016.jpg?w=800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.70.79 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
79.70.190.35.bc.googleusercontent.com
Software
/
Resource Hash
5d5a0d0679ee662b96a8dfad00f776d53ddd168fbf4fe57c710ce262dce3bda5
Security Headers
Name Value
Content-Security-Policy script-src 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deloitte.staging.guider.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'
x-sanity-asset-storage
gcs-default
x-content-type-options
nosniff
date
Wed, 19 Oct 2022 13:33:53 GMT
via
1.1 google
xkey
project-wrhtm9cw-staging
x-b3-traceid
8ec0e779f1d72b332f5c99a25d664eea
x-varnish-age
0
x-b3-parentspanid
1351e63c77e9bb20
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77944
last-modified
Tue, 05 Jul 2022 20:50:56 GMT
vary
origin
content-type
image/jpeg
cache-control
public, max-age=31536000, s-maxage=2592000
x-b3-spanid
6210588be9cc712b
x-b3-sampled
0
accept-ranges
bytes

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
object| __dynProto$Gbl
boolean| ___TYPEWRITER_JS_STYLES_ADDED___

2 Cookies

Domain/Path Name / Value
deloitte.staging.guider.app/ Name: ai_user
Value: S2jfGdsKfuiamMUfi+Cwp8|2022-10-19T13:33:50.411Z
deloitte.staging.guider.app/ Name: ai_session
Value: pS2GZz5WVZw6P3q69nPrfJ|1666186430722|1666186430722

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
