urlscan.io logo urlscan.io
SecurityTrails logo

app.charthop.com Open in urlscan Pro
2600:9000:214f:4a00:1c:12c8:2240:93a1  Public Scan

Go To Rescan Add Verdict Report
URL: https://app.charthop.com/account/basic-sign-up
Submission: On October 13 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 25 HTTP transactions. The main IP is 2600:9000:214f:4a00:1c:12c8:2240:93a1, located in United States and belongs to AMAZON-02, US. The main domain is app.charthop.com. The Cisco Umbrella rank of the primary domain is 491098.
TLS certificate: Issued by Amazon on July 20th 2022. Valid for: a year.
This is the only time app.charthop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 2600:9000:214... 16509 (AMAZON-02)
1 2a04:4e42::729 54113 (FASTLY)
1 13.32.27.86 16509 (AMAZON-02)
1 35.188.42.15 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 18.209.206.206 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
25 9
15    2600:9000:214f:4a00:1c:12c8:2240:93a1 (United States)

ASN16509 (AMAZON-02, US)
app.charthop.com
1    2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
1    13.32.27.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-86.fra56.r.cloudfront.net
cdn.heapanalytics.com
1    35.188.42.15 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 15.42.188.35.bc.googleusercontent.com
sentry.io
2    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
3    2a00:1450:4001:828::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    18.209.206.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-206-206.compute-1.amazonaws.com
heapanalytics.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
15 charthop.com
app.charthop.com — Cisco Umbrella Rank: 491098
11 MB
5 google.com
apis.google.com — Cisco Umbrella Rank: 112
accounts.google.com — Cisco Umbrella Rank: 83
44 KB
2 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 3060
heapanalytics.com — Cisco Umbrella Rank: 2611
43 KB
1 gstatic.com
www.gstatic.com
35 KB
1 sentry.io
sentry.io — Cisco Umbrella Rank: 307
406 B
1 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 4078
17 KB
25 6
Domain Requested by
15 app.charthop.com app.charthop.com
3 accounts.google.com apis.google.com
app.charthop.com
www.gstatic.com
2 apis.google.com app.charthop.com
apis.google.com
1 www.gstatic.com accounts.google.com
1 heapanalytics.com
1 sentry.io app.charthop.com
1 cdn.heapanalytics.com app.charthop.com
1 browser.sentry-cdn.com app.charthop.com
25 8

This site contains no links.

Subject Issuer Validity Valid
*.charthop.com
Amazon		 2022-07-20 -
2023-08-18		 a year crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-28 -
2023-10-30		 a year crt.sh
cdn.heapanalytics.com
Amazon		 2022-07-29 -
2023-08-27		 a year crt.sh
sentry.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-03 -
2023-07-04		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
heapanalytics.com
Amazon		 2021-12-09 -
2023-01-06		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://app.charthop.com/account/basic-sign-up
Frame ID: C803F06E41F0F413D93CFCF1EFD356B4
Requests: 22 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 985B351AE1FC161F4BADF4D957423B67
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ChartHop

Detected technologies

Overall confidence: 100%
Detected patterns
  • <script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]*accounts\.google\.com/o/oauth2
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • heap-\d+\.js

Page Statistics

25
Requests

100 %
HTTPS

63 %
IPv6

6
Domains

8
Subdomains

9
IPs

2
Countries

10941 kB
Transfer

11980 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request basic-sign-up
app.charthop.com/account/ 		666 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.charthop.com/account/basic-sign-up
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4a00:1c:12c8:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
2b592c0e984dd37b96bdcc09cc4eb5ba9b2738e6b91592cbfba2e561aa838660
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
666
content-security-policy
default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
content-type
text/html
date
Thu, 13 Oct 2022 20:33:57 GMT
etag
"0e82e54bcab12981b2a22216977f11bc"
last-modified
Thu, 13 Oct 2022 08:03:18 GMT
referrer-policy
strict-origin-when-cross-origin
server
CloudFront
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-id
72y87WoCbMQqcuVO3r0_ThkXk9FvOQjjCM6_lkmpjnGO2QuetXVuUQ==
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
main.35e219aa.js
app.charthop.com/static/js/ 		10 MB
10 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.charthop.com/static/js/main.35e219aa.js
Requested by
Host: app.charthop.com
URL: https://app.charthop.com/account/basic-sign-up
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4a00:1c:12c8:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
0f26b360c308b516b090d810ec5af168e9938a900f201e15fb0f846c23169e05
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.charthop.com/account/basic-sign-up
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
x-content-type-options
nosniff
date
Thu, 13 Oct 2022 20:33:57 GMT
via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
10302439
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 13 Oct 2022 08:03:19 GMT
server
CloudFront
etag
"46aed53c76467e01eebcd6a1608a74b5-2"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
ajc5hx7De7wx83g0nKuPQhkDwIEF8JtFehcIcaspZPXekxWr04bCvw==
main.911179ac.css
app.charthop.com/static/css/ 		428 KB
60 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.charthop.com/static/css/main.911179ac.css
Requested by
Host: app.charthop.com
URL: https://app.charthop.com/account/basic-sign-up
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4a00:1c:12c8:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
d976ce3f73c51694aafc27de21b492dede4acf76952455dfd79abf9788e29e78
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.charthop.com/account/basic-sign-up
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
x-content-type-options
nosniff
date
Thu, 13 Oct 2022 20:33:57 GMT
content-encoding
gzip
via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 12 Oct 2022 20:55:38 GMT
server
CloudFront
etag
W/"692e0d55064181f2eaf6f033af55bf0c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
x-amz-cf-id
hcQP0BR-2wFY4MwpWRgSiCgFBjwPuYGHJuT6R0pQpSPEjCZ8kFpsLQ==
bundle.min.js
browser.sentry-cdn.com/5.10.2/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/5.10.2/bundle.min.js
Requested by
Host: app.charthop.com
URL: https://app.charthop.com/account/basic-sign-up
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
b21aab5846cf1186ada1b08277fc26d8a925b8b5b5b7d9c2bb8ec42ddd8ebf81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://app.charthop.com/
Origin
https://app.charthop.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 20:33:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 09 Dec 2019 12:26:09 GMT
server
Fastly
age
3141912
etag
"479c7c6992f8ea33c0376885465733a8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
17032
expires
Thu, 07 Sep 2023 11:48:44 GMT
config.json
app.charthop.com/ 		1000 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.charthop.com/config.json
Requested by
Host: app.charthop.com
URL: https://app.charthop.com/static/js/main.35e219aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4a00:1c:12c8:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
65093618e34d7fd428fed1d52874dc1f82a5a78c9a7bf7c39b3c6571b13db20c
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.charthop.com/account/basic-sign-up
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
x-content-type-options
nosniff
date
Thu, 13 Oct 2022 20:33:59 GMT
content-encoding
gzip
via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 12 Oct 2022 20:55:48 GMT
server
CloudFront
etag
W/"006d3b94fa18501d5bfefc60513630b3"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json
x-amz-cf-id
mKquJNjREMVVmYeYgD9l0KlR8y6v_mAmJ1PzWxoRKxStZwdnX3jMkw==
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/webp
pdf.worker.entry.66dd5b8e.worker.js
app.charthop.com/static/js/ 		637 KB
187 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://app.charthop.com/static/js/pdf.worker.entry.66dd5b8e.worker.js
Requested by
Host: app.charthop.com
URL: https://app.charthop.com/account/basic-sign-up
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4a00:1c:12c8:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
be0a6aa957e24fc04e287c6531f46f2f1b61a6111316dc406d250e2d491d553b
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.charthop.com/account/basic-sign-up
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
x-content-type-options
nosniff
date
Thu, 13 Oct 2022 20:33:59 GMT
content-encoding
gzip
via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 12 Oct 2022 20:55:42 GMT
server
CloudFront
etag
W/"8a1f0985408f99c070cc200262e522e4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
x-amz-cf-id
aji_aAF6DElQ5N40PS5y0UnslovUyBR4hO6O67NwE3JlIhXLvHt2EQ==
heap-614944240.js
cdn.heapanalytics.com/js/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.heapanalytics.com/js/heap-614944240.js
Requested by
Host: app.charthop.com
URL: https://app.charthop.com/account/basic-sign-up
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-86.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
3d7d8748a67b847a1da58367dc00324d0d1718bae5902259c4221e1e5faa7fb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.charthop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 20:32:27 GMT
content-encoding
gzip
via
1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-amz-cf-pop
FRA56-C2
age
91
etag
W/"1b5ce-d2tBJ5sH1VML1/psmONqlw"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=120
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
jfkgYqa4oeg3W3tQCMK2j6C9X8AmE3J9w5YySsBQKZ8gBPsM4CX7fg==
/
sentry.io/api/1210866/envelope/ 		2 B
406 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/1210866/envelope/?sentry_key=eb51c4c8bd0d44f0b3a15d7118328c7d&sentry_version=7
Requested by
Host: app.charthop.com
URL: https://app.charthop.com/static/js/main.35e219aa.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
15.42.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.charthop.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 13 Oct 2022 20:33:58 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
vary
Origin
Content-Type
application/json
access-control-allow-origin
https://app.charthop.com
access-control-expose-headers
retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time
0
Connection
keep-alive
Content-Length
2
charthop-wordmark-white.svg
app.charthop.com/assets/images/rebrand/ 		4 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.charthop.com/assets/images/rebrand/charthop-wordmark-white.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4a00:1c:12c8:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
855d73197e7f774ea74e70c67ab114237367c9b052b404f8860b5e4eb27172b0
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.charthop.com/account/basic-sign-up
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
x-content-type-options
nosniff
date
Thu, 13 Oct 2022 20:33:59 GMT
content-encoding
gzip
via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 06 Oct 2022 19:16:21 GMT
server
CloudFront
etag
W/"fe4177e09b5ac2c32058f0008cd8f0db"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
x-amz-cf-id
Z-tlZtkmifr1hiAQp_qI0usNvObfB4WS-y79tHsdg63Y2qbW9jZiug==
rounded-corner-half-circle-purple.svg
app.charthop.com/assets/images/rebrand/sign-up/ 		353 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.charthop.com/assets/images/rebrand/sign-up/rounded-corner-half-circle-purple.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4a00:1c:12c8:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
ba2abf5aa0405f4cdf17855be2707fba7a29000591e1aa32fe117b4d4f29c4fd
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.charthop.com/account/basic-sign-up
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 20:33:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
353
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 13 Oct 2022 08:03:24 GMT
server
CloudFront
etag
"b11f1b3bd161b93947c404dba63f75f6"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
qAq3GV6IFRDXuyHqadwYtt81aMsnKNxsKUkL_CROo418FU1P1WZXMQ==
charthop-logo-black.svg
app.charthop.com/assets/images/rebrand/sign-up/ 		6 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.charthop.com/assets/images/rebrand/sign-up/charthop-logo-black.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4a00:1c:12c8:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
70c1fd32b84040d87bfd4921dfb8e0f237f662a9d0876a9035c18f9f361293a4
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.charthop.com/account/basic-sign-up
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 20:33:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
content-encoding
gzip
via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 13 Oct 2022 08:03:24 GMT
server
CloudFront
etag
W/"ec52161ce6648d75b6c14ba59d3df555"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
x-amz-cf-id
U42t_9xdA8r0P_Z4Yy1syegurtLrAieGVEvgoD7Q-T9IoaXKQW_TtQ==
google.svg
app.charthop.com/assets/images/icons/ 		689 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.charthop.com/assets/images/icons/google.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4a00:1c:12c8:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
9d3631b5ddd7e057f2167921ac1b79fe3c879cc7e62f9ec5b6ebbfa076b57cb9
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.charthop.com/account/basic-sign-up
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
x-content-type-options
nosniff
date
Thu, 13 Oct 2022 20:33:59 GMT
via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
689
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 12 Oct 2022 20:55:44 GMT
server
CloudFront
etag
"f6ce5696e634677f94343db90b9f66dd"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
d3_eaWFZNdLlIELdBWXw0nUNJdA_YWyjmwVuMK5nw0xZhxVXGz-ZKQ==
microsoft.svg
app.charthop.com/assets/images/icons/ 		272 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.charthop.com/assets/images/icons/microsoft.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4a00:1c:12c8:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
3d41251f93127b4b42c2f69fa423d204946cf9c307d786ea36b8d9bef4179282
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.charthop.com/account/basic-sign-up
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
x-content-type-options
nosniff
date
Thu, 13 Oct 2022 20:33:59 GMT
via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
272
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 12 Oct 2022 20:55:44 GMT
server
CloudFront
etag
"363fdd53d34303b727d9dab161b8e88b"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
o3-PiynJRoncEH8MT5Z0F9aXnqq9SGxcWkuJKw4pFghOmFDdY5zCwQ==
bottom-left-doughnut-white.svg
app.charthop.com/assets/images/rebrand/sign-up/ 		491 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.charthop.com/assets/images/rebrand/sign-up/bottom-left-doughnut-white.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4a00:1c:12c8:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
4d54116c27352fb20ee3ce51cf2fa63d55d7b256b530390a7f2e937c5fd5dd66
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.charthop.com/account/basic-sign-up
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 20:33:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
491
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 13 Oct 2022 08:03:24 GMT
server
CloudFront
etag
"24356f2ec11e4a4573d376c0a1f835b8"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
10zr5Y8tmIqMKYtBK6vzEZr1jp4UWHfaMR82Y-FSbGzZ3eTTlwyXcg==
top-right-doughnut-purple.svg
app.charthop.com/assets/images/rebrand/sign-up/ 		460 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.charthop.com/assets/images/rebrand/sign-up/top-right-doughnut-purple.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4a00:1c:12c8:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
a2ebc58065085a2c5ad0ebb55364af0effb997a4b88d969a1047168f3b7c41de
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.charthop.com/account/basic-sign-up
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 20:33:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
460
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 13 Oct 2022 08:03:24 GMT
server
CloudFront
etag
"34e2e1df295d5fba34e72c6aa62abdbf"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
x-amz-cf-id
B2aaHHQAjBGzws35VY80eIIv0GbgWqOuj9p9P4YmWEzThNqPCApXxA==
font.384d5e069de25bd0ee2c.woff2
app.charthop.com/static/media/ 		156 KB
158 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.charthop.com/static/media/font.384d5e069de25bd0ee2c.woff2
Requested by
Host: app.charthop.com
URL: https://app.charthop.com/static/css/main.911179ac.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4a00:1c:12c8:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
f4dec1a7d242ca306909b04a8f69b5ef95862aa933dc92b5111a29c4a61347b6
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.charthop.com/static/css/main.911179ac.css
Origin
https://app.charthop.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
x-content-type-options
nosniff
date
Thu, 13 Oct 2022 20:33:59 GMT
via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
159732
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 06 Oct 2022 19:16:19 GMT
server
CloudFront
etag
"8ab71115179912de810817a4bcf5f115"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
binary/octet-stream
accept-ranges
bytes
x-amz-cf-id
nvByY4Z5t-twSYccyjlqn_ghjeClqTMZMmypqKTXLUg4w8XT4xlQKw==
font.f101c88a9254003aa5f5.woff2
app.charthop.com/static/media/ 		147 KB
149 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.charthop.com/static/media/font.f101c88a9254003aa5f5.woff2
Requested by
Host: app.charthop.com
URL: https://app.charthop.com/static/css/main.911179ac.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4a00:1c:12c8:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
ec6c2c40625934f802924653221e2653c87931445a0df0b57325e5963fdc0197
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.charthop.com/static/css/main.911179ac.css
Origin
https://app.charthop.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
x-content-type-options
nosniff
date
Thu, 13 Oct 2022 20:33:59 GMT
via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
150784
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 12 Oct 2022 20:55:42 GMT
server
CloudFront
etag
"5308e7e8ff25967398ab5cf3d7e5c3e6"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
binary/octet-stream
accept-ranges
bytes
x-amz-cf-id
dmCC5vzo5QzXy68wI1d3c1YKYvppPcQXtGjvSfOtW-dGsKOg8PenHQ==
font.6c32b169a45eaea891c7.woff2
app.charthop.com/static/media/ 		150 KB
152 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://app.charthop.com/static/media/font.6c32b169a45eaea891c7.woff2
Requested by
Host: app.charthop.com
URL: https://app.charthop.com/static/css/main.911179ac.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:4a00:1c:12c8:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
c19f796972386513c237f24732c060c52ac415f55e565ef95413014f5e296d92
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.charthop.com/static/css/main.911179ac.css
Origin
https://app.charthop.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
x-content-type-options
nosniff
date
Thu, 13 Oct 2022 20:33:59 GMT
via
1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
153516
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 12 Oct 2022 20:55:42 GMT
server
CloudFront
etag
"8afc9c304e48565aaac44b1cbda29b87"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
binary/octet-stream
accept-ranges
bytes
x-amz-cf-id
Z8R1SZZQwc-qrtayE4BqQQ1BExTA1AahXJ9XfbNy1hLiEgbqU48oNQ==
api.js
apis.google.com/js/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js
Requested by
Host: app.charthop.com
URL: https://app.charthop.com/static/js/main.35e219aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21ca574192971f57bd01e98b21b9082a4df9d369043d0d57146bceb5fe0a3b9d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.charthop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 13 Oct 2022 20:33:58 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5565
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"89ba6855a68a87f2"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Oct 2022 20:33:58 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/ 		108 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a17fc9f326fc2b2f9f290ef004383d7dc046f777c6efe021fc52194c1d404dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.charthop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 18:13:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
267657
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36464
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Oct 2023 18:13:01 GMT
iframe
accounts.google.com/o/oauth2/ Frame 985B 		280 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.s6oManI66bc.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9oD5eGLv8eFxYnPS4KbfEER71gIQ/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d88a1597e273d702c69183f1acaf01cbb03f6bada4d59eea71dfef1e0baccd5
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-QsjijXjdTvXWqzmL6MgMlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.charthop.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-QsjijXjdTvXWqzmL6MgMlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 13 Oct 2022 20:33:58 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
h
heapanalytics.com/ 		37 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heapanalytics.com/h?a=614944240&u=7646222222124106&v=7881658263239531&s=817186181458734&b=web&tv=4.0&z=0&h=%2Faccount%2Fbasic-sign-up&d=app.charthop.com&t=ChartHop&ts=1665693238298&st=1665693238301
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.209.206.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-209-206-206.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.charthop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 20:33:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-PqzQEyMQ6kTK11azeKO8Bw"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 985B 		2 KB
847 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: app.charthop.com
URL: https://app.charthop.com/account/basic-sign-up
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5aaa9b2ac59e2a59cdee14a4e317380f102783421133019534f92b891c08eeb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Thu, 13 Oct 2022 20:33:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.O-K3HC-Wbho.es5.O/d=1/rs=AOaEmlGdIvqOSuXOIbFncrFknBNRFxCh8Q/ Frame 985B 		99 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.O-K3HC-Wbho.es5.O/d=1/rs=AOaEmlGdIvqOSuXOIbFncrFknBNRFxCh8Q/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fedd4922ba44ec7c3dce64469364fc59cb7290d054861f60e02101a293d5092
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 04:08:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
231899
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34880
x-xss-protection
0
last-modified
Sat, 08 Oct 2022 03:40:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Oct 2023 04:08:59 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame 985B 		49 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fapp.charthop.com&client_id=813215612260-4cncua7d2k5sg7lbs40evv2rv8lguo0s.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.O-K3HC-Wbho.es5.O/d=1/rs=AOaEmlGdIvqOSuXOIbFncrFknBNRFxCh8Q/m=base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-WseRmxMUorujfes4G5BPNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 20:33:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-WseRmxMUorujfes4G5BPNA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-encoding
gzip
cross-origin-embedder-policy
require-corp
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="IdpIFrameHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
content-type
application/json; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Thu, 13 Oct 2022 20:33:58 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| Sentry object| __SENTRY__ function| setImmediate function| clearImmediate number| 2f1acc6c3a606b082e5eef5e54414ffb object| core object| TreemapSquared function| SVG object| Apex function| ApexCharts function| _ function| Hammer object| regeneratorRuntime object| ace object| heap object| activeRenewals object| renewStates object| callbackMappedToRenewStates object| promiseMappedToRenewStates object| msal object| gapi object| ___jsl object| osapi object| __sentry_instrumentation_handlers__

4 Cookies

Domain/Path Name / Value
.app.charthop.com/ Name: G_ENABLED_IDPS
Value: google
.charthop.com/ Name: _hp2_id.614944240
Value: %7B%22userId%22%3A%227646222222124106%22%2C%22pageviewId%22%3A%227881658263239531%22%2C%22sessionId%22%3A%22817186181458734%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.google.com/ Name: NID
Value: 511=XPrIJlexBQ6UwmcRDAJCoXOAUVxSV_mDWydJlIgCBUXLUbE4tPqdKnWO3_BNTnB8bXxCpj1NxQvx0ruHzeXeIhrUYGw8t7sUmT7D3WRmwpDSk0Q-_rjjvb8gm2cLCfJ4bk4SqyhFGF_ZM9xRz_VJj6xJPZkezQm-JpMN8gmiIwM
.charthop.com/ Name: _hp2_ses_props.614944240
Value: %7B%22ts%22%3A1665693238298%2C%22d%22%3A%22app.charthop.com%22%2C%22h%22%3A%22%2Faccount%2Fbasic-sign-up%22%7D

2 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' blob: https://*.charthop.com wss://*.charthop.com https://apis.google.com https://accounts.google.com https://ssl.gstatic.com https://login.microsoftonline.com https://login.live.com https://login.windows.net https://browser.sentry-cdn.com https://sentry.io https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://js.stripe.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://recaptcha.google.com/recaptcha/ https://cdn.heapanalytics.com https://heapanalytics.com https://delighted.com https://web.delighted.com https://d2yyd1h5u9mauk.cloudfront.net 'sha256-/jYbfD8BPB1CzaNkF3Q4Uz+RgZqcXZG79MGtB26xjJo=' 'sha256-jTr/Ah2dtChYo5cVGao/ZPkd+5i9yH9KSmDRlf/szAo=' 'sha256-qzyBjjmpzZ2Y2zktJ45PwrJvsXtLyoRIIGLVHAoCQxk=' 'sha256-RwJ1kTylYSOkPTi6ugcvNLX2lAw04e/Y7Nh6KCI6k68=' 'sha256-vlmUxmX0U+2YtcEXjSzdNTQWZ18lo1msAi0QN5Ptp68=' 'sha256-ACs9I574NgbCCA4bRzKapCQuDJ4TfKNoG/P9YcrnNl4=' ; worker-src 'self' blob: ; img-src 'self' https://*.charthop.com https://heapanalytics.com data: blob: ; object-src 'none' ; style-src 'self' 'unsafe-inline' https://*.tiles.mapbox.com https://api.mapbox.com https://events.mapbox.com https://heapanalytics.com ; font-src 'self' https://heapanalytics.com data:
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
app.charthop.com
browser.sentry-cdn.com
cdn.heapanalytics.com
heapanalytics.com
sentry.io
www.gstatic.com
13.32.27.86
18.209.206.206
2600:9000:214f:4a00:1c:12c8:2240:93a1
2a00:1450:4001:802::2003
2a00:1450:4001:802::200e
2a00:1450:4001:828::200d
2a04:4e42::729
35.188.42.15
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
0a17fc9f326fc2b2f9f290ef004383d7dc046f777c6efe021fc52194c1d404dd
0f26b360c308b516b090d810ec5af168e9938a900f201e15fb0f846c23169e05
21ca574192971f57bd01e98b21b9082a4df9d369043d0d57146bceb5fe0a3b9d
2b592c0e984dd37b96bdcc09cc4eb5ba9b2738e6b91592cbfba2e561aa838660
2d88a1597e273d702c69183f1acaf01cbb03f6bada4d59eea71dfef1e0baccd5
3d41251f93127b4b42c2f69fa423d204946cf9c307d786ea36b8d9bef4179282
3d7d8748a67b847a1da58367dc00324d0d1718bae5902259c4221e1e5faa7fb5
3fedd4922ba44ec7c3dce64469364fc59cb7290d054861f60e02101a293d5092
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
4d54116c27352fb20ee3ce51cf2fa63d55d7b256b530390a7f2e937c5fd5dd66
5aaa9b2ac59e2a59cdee14a4e317380f102783421133019534f92b891c08eeb2
65093618e34d7fd428fed1d52874dc1f82a5a78c9a7bf7c39b3c6571b13db20c
70c1fd32b84040d87bfd4921dfb8e0f237f662a9d0876a9035c18f9f361293a4
855d73197e7f774ea74e70c67ab114237367c9b052b404f8860b5e4eb27172b0
9d3631b5ddd7e057f2167921ac1b79fe3c879cc7e62f9ec5b6ebbfa076b57cb9
a2ebc58065085a2c5ad0ebb55364af0effb997a4b88d969a1047168f3b7c41de
b21aab5846cf1186ada1b08277fc26d8a925b8b5b5b7d9c2bb8ec42ddd8ebf81
ba2abf5aa0405f4cdf17855be2707fba7a29000591e1aa32fe117b4d4f29c4fd
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be0a6aa957e24fc04e287c6531f46f2f1b61a6111316dc406d250e2d491d553b
c19f796972386513c237f24732c060c52ac415f55e565ef95413014f5e296d92
d976ce3f73c51694aafc27de21b492dede4acf76952455dfd79abf9788e29e78
ec6c2c40625934f802924653221e2653c87931445a0df0b57325e5963fdc0197
f4dec1a7d242ca306909b04a8f69b5ef95862aa933dc92b5111a29c4a61347b6