au.cynchsec.com Open in urlscan Pro
151.101.1.195 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://au.cynchsec.com/
Submission Tags: krdtest
Submission: On September 18 via api (September 18th 2021, 10:45:00 am UTC) from JP — Scanned from DE

Summary HTTP 65 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 12 domains to perform 65 HTTP transactions. The main IP is 151.101.1.195, located in United States and belongs to FASTLY, US. The main domain is au.cynchsec.com.
TLS certificate: Issued by GTS CA 1D4 on September 15th 2021. Valid for: 3 months.

This is the only time au.cynchsec.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
3	18.66.122.97 18.66.122.97	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:cc00:2:c605:29c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:4016:809::200a	15169 (GOOGLE) (GOOGLE)
1 2	76.76.21.21 76.76.21.21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:806::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223e:8800:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	35.167.194.245 35.167.194.245	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:b658	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
65	16

38 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

au.cynchsec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.122.97 (United States)

ASN16509 (AMAZON-02, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:cc00:2:c605:29c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4016:809::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.76.21.21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

api.faviconkit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::200a (Ireland)

ASN15169 (GOOGLE, US)

firebase.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223e:8800:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.167.194.245 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-194-245.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b658 (United States)

ASN13335 (CLOUDFLARENET, US)

cynchsec.report-uri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	cynchsec.com au.cynchsec.com	578 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	70 KB
6	googleapis.com fonts.googleapis.com firebase.googleapis.com firebaseinstallations.googleapis.com	3 KB
5	stripe.com js.stripe.com m.stripe.com	70 KB
2	stripe.network m.stripe.network	20 KB
2	faviconkit.com 1 redirects api.faviconkit.com	1 KB
2	googletagmanager.com www.googletagmanager.com	77 KB
1	report-uri.com cynchsec.report-uri.com	726 B
1	doubleclick.net stats.g.doubleclick.net	339 B
1	google.com analytics.google.com	368 B
1	typeform.com embed.typeform.com	54 KB
0	google.de Failed www.google.de Failed
65	12

	Domain	Requested by
38	au.cynchsec.com	au.cynchsec.com
4	fonts.gstatic.com	fonts.googleapis.com
3	js.stripe.com	au.cynchsec.com js.stripe.com
2	www.gstatic.com
2	m.stripe.com	m.stripe.network
2	m.stripe.network	js.stripe.com m.stripe.network
2	firebaseinstallations.googleapis.com	au.cynchsec.com
2	firebase.googleapis.com	au.cynchsec.com
2	api.faviconkit.com	1 redirects au.cynchsec.com
2	fonts.googleapis.com	au.cynchsec.com
2	www.googletagmanager.com	au.cynchsec.com www.googletagmanager.com
1	cynchsec.report-uri.com	au.cynchsec.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	embed.typeform.com	au.cynchsec.com
0	www.google.de Failed	au.cynchsec.com
65	16

This site contains no links.

Subject Issuer	Validity	Valid
floatr.net GTS CA 1D4	`2021-09-15` - `2021-12-14`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-07-09` - `2021-11-03`	4 months	crt.sh
*.typeform.com Amazon	`2020-11-30` - `2021-12-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
api.faviconkit.com R3	`2021-09-12` - `2021-12-11`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2021-11-03`	4 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.report-uri.com R3	`2021-08-09` - `2021-11-07`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://au.cynchsec.com/
Frame ID: A3F79CAD4FAABBDBE583F1A797396B9B
Requests: 57 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
Frame ID: DE7E9E112C7DB80DCD1730D1693C1717
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: D88A93490C66C77B8C9E444966F5743E
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cynch | Cyber Fitness Platform

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

65
Requests

98 %
HTTPS

73 %
IPv6

12
Domains

16
Subdomains

16
IPs

4
Countries

874 kB
Transfer

3075 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://api.faviconkit.com//96 HTTP 308
https://api.faviconkit.com/96

65 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
au.cynchsec.com/ 2 KB
2 KB 68ms
8ms Document
text/html 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8eec8fc717a64688f07b0678f91a15c70f8f0dcda096c8b64a65ccfae7eae77d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:method: GET
:authority: au.cynchsec.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3600
content-encoding: br
content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-type: text/html; charset=utf-8
etag: "d2dcb271571fe3ca26a175a47b75abb1a73a404287df35da890cf967ce0319cd-br"
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
referrer-policy: strict-origin
strict-transport-security: max-age=31556926
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
accept-ranges: bytes
date: Sat, 18 Sep 2021 10:44:54 GMT
x-served-by: cache-fra19148-FRA
x-cache: HIT
x-cache-hits: 1
x-timer: S1631961895.765009,VS0,VE1
vary: x-fh-requested-host, accept-encoding
content-length: 515

GET
H2 200 v3 Show response
js.stripe.com/ 252 KB
67 KB 90ms
22ms Script
application/javascript 18.66.122.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5b9862c91e2742469cc312245e954ac34453a0b987b0bf08751708cb2994d3f2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 10:44:27 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 28
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: 91V27MJXRDFE592Z
x-amz-id-2: HFnWowkc68RFNbstxM4HR7pkwg+eokqbh847h4pbCaVanirpS32/OedZd/Dku25bjp7ze9j8CdQ=
last-modified: Fri, 17 Sep 2021 22:34:00 GMT
server: AmazonS3
etag: W/"6fb68e6561c400eafa63f7b66571b087"
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: CCHIl8Mz6rQTp3G2w9HQrMSvZckA5-ltCUDE-0WQqT1M8dfM0RBPfQ==

GET
H2 200 embed.js Show response
embed.typeform.com/ 166 KB
54 KB 65ms
8ms Script
application/x-javascript 2600:9000:225e:cc00:2:c605:29c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.typeform.com/embed.js
Requested by: Host: au.cynchsec.com
URL: https://au.cynchsec.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:cc00:2:c605:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5a06d30f076b8f2528468513a6c4c5ab7dd4e6d7906917662908d58f4ace6aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 10:42:47 GMT
content-encoding: gzip
last-modified: Mon, 23 Aug 2021 12:13:14 GMT
server: AmazonS3
age: 128
etag: W/"33702e05c8b925fd7fdba3817fd31af9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: YsU7g05Ru8i9S_7f6fOtfqsQdIxUD60GmEQmJFRHoVT-pDUHdSnVCA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 84 KB
34 KB 41ms
18ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

10891b0647de51ef698ca340e3815719d4a22964f259b5134e21aa9c91079bd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 10:44:54 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34331
x-xss-protection: 0
last-modified: Sat, 18 Sep 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Sep 2021 10:44:54 GMT

GET
H2 200 styles.d6b4ecc03dced4bbfe79.css
au.cynchsec.com/ 74 KB
11 KB 270ms
269ms Stylesheet
text/css 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/styles.d6b4ecc03dced4bbfe79.css

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dee96caf34adb5764e1492109c99862ec0262ece42bee115963084f14db4dae9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /styles.d6b4ecc03dced4bbfe79.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: MISS
vary: x-fh-requested-host, accept-encoding
content-length: 10723
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961895.794846,VS0,VE262
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: text/css; charset=utf-8
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "873ebf9ce2e0fdcb5a959caf72b40b75a471c117d86b2f5018cbefeb9a333e1b-br"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 runtime-es2015.6cfb30407ef7cc4c8d31.js Show response
au.cynchsec.com/ 4 KB
2 KB 289ms
288ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/runtime-es2015.6cfb30407ef7cc4c8d31.js

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

584b884ad45b7fa85c42845d12416359b0c1123c08e9c9575082527b858f8d64

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /runtime-es2015.6cfb30407ef7cc4c8d31.js
pragma: no-cache
origin: https://au.cynchsec.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.cynchsec.com/
Origin: https://au.cynchsec.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: MISS
vary: x-fh-requested-host, accept-encoding
content-length: 2031
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961895.795008,VS0,VE281
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "99d04fee456107caf35c7a47c3976d35f3fb2034a26e5aae86cecef006c74d0c-br"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 polyfills-es2015.4a3f2aad13b902b0c1cd.js Show response
au.cynchsec.com/ 36 KB
11 KB 364ms
363ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/polyfills-es2015.4a3f2aad13b902b0c1cd.js

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

713194e6a1e3992d0ce4bb01959c0d35745f4a498336550a88b1db90c7f7fb94

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /polyfills-es2015.4a3f2aad13b902b0c1cd.js
pragma: no-cache
origin: https://au.cynchsec.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.cynchsec.com/
Origin: https://au.cynchsec.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: MISS
vary: x-fh-requested-host, accept-encoding
content-length: 11249
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961895.795159,VS0,VE356
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "aac9a08953fa936f0a807c87f319c1d43481453ca1db749d06307acfdaff5c56-br"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 main-es2015.277e1f6e391a8dcaf9dd.js Show response
au.cynchsec.com/ 2 MB
390 KB 608ms
608ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/main-es2015.277e1f6e391a8dcaf9dd.js

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5ade83e322eac22d73b12c85aca47b212cbaea9f1dac05aa17d7ba11bf6ade5b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /main-es2015.277e1f6e391a8dcaf9dd.js
pragma: no-cache
origin: https://au.cynchsec.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://au.cynchsec.com/
Origin: https://au.cynchsec.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: MISS
vary: x-fh-requested-host, accept-encoding
content-length: 398848
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961895.795244,VS0,VE600
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "c4dae7c7ae9a76a3838e209eea853200f3dc9bc75fadea6abfbc07ddde89700a-br"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 73ms
30ms Stylesheet
text/css 2a00:1450:4016:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/styles.d6b4ecc03dced4bbfe79.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4016:809::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d58a30fcfbffc91a5f721e1fdca35bf56a59d26ddc9a809e6f8b1c031fc65c57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 18 Sep 2021 08:56:44 GMT
server: ESF
date: Sat, 18 Sep 2021 10:44:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Sep 2021 10:44:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
718 B 85ms
43ms Stylesheet
text/css 2a00:1450:4016:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat&family=Rubik&display=swap

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/styles.d6b4ecc03dced4bbfe79.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4016:809::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca855134fd40616db4616cfcfab11e0a56cb83c0d54d850a2f69858b65f179d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 18 Sep 2021 10:44:55 GMT
server: ESF
date: Sat, 18 Sep 2021 10:44:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Sep 2021 10:44:55 GMT

GET
H2 200 common-es2015.412672eace49cce687f5.js Show response
au.cynchsec.com/ 4 KB
2 KB 9ms
8ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/common-es2015.412672eace49cce687f5.js

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/runtime-es2015.6cfb30407ef7cc4c8d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

13643d8393c32e516174e2f6b43325d74839e73ad628a79ab912deadba0fb1ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /common-es2015.412672eace49cce687f5.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: HIT
vary: x-fh-requested-host, accept-encoding
content-length: 1421
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.538554,VS0,VE1
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "07017fba229e9a21dff74c1b6de0f03818273822183e0d3f162207062b28c2a4-br"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 39-es2015.eb09d5c7334a0d7e0080.js Show response
au.cynchsec.com/ 39 KB
8 KB 273ms
273ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/39-es2015.eb09d5c7334a0d7e0080.js

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/runtime-es2015.6cfb30407ef7cc4c8d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3d680f2fe96d6ea9937f3483ab368b43c9803be23d3d4274024600f8fdfa496f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /39-es2015.eb09d5c7334a0d7e0080.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: MISS
vary: x-fh-requested-host, accept-encoding
content-length: 8237
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.538889,VS0,VE266
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "7c1b0435fb7690825d7977c2e6a978dfbd561da40af53d2e4161f2dd5d5ec5a3-br"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 72-es2015.f97960f7b61ee606a55b.js Show response
au.cynchsec.com/ 6 KB
1 KB 212ms
212ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/72-es2015.f97960f7b61ee606a55b.js

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/runtime-es2015.6cfb30407ef7cc4c8d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9ec636165c2a20c423f3bb43e0c6c928857872fbd9c419740b8220070718bb7f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /72-es2015.f97960f7b61ee606a55b.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: MISS
vary: x-fh-requested-host, accept-encoding
content-length: 1252
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.538950,VS0,VE205
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "a093199b40daea94a31e3a51ff65ebc726dc5ff80203bde59a90ff4a2995f8fe-br"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 56-es2015.c538f0b9057de9dfcc3f.js Show response
au.cynchsec.com/ 19 KB
4 KB 210ms
210ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/56-es2015.c538f0b9057de9dfcc3f.js

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/runtime-es2015.6cfb30407ef7cc4c8d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

41405939d31b52ad7cc9cd07c8ad8289a7d66bea88d59d387bdf4b7679db2cdd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /56-es2015.c538f0b9057de9dfcc3f.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: MISS
vary: x-fh-requested-host, accept-encoding
content-length: 4061
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.539100,VS0,VE203
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "3144b1e5620f226810a91ed716220e99c65da74da0cdc3f140548a57f3d6e96d-br"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 54-es2015.f698f296cd6b43b9dc70.js Show response
au.cynchsec.com/ 60 KB
8 KB 269ms
268ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/54-es2015.f698f296cd6b43b9dc70.js

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/runtime-es2015.6cfb30407ef7cc4c8d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8cc8864b53112d955dd190bb8a0fe1c0351e177f598c4efac7bc0dda75a47ec1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /54-es2015.f698f296cd6b43b9dc70.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: MISS
vary: x-fh-requested-host, accept-encoding
content-length: 6401
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.539230,VS0,VE261
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "bc7930f57a4dfce8a406164e2989810289345a8f59651b99208135f0b77a3913-br"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 47-es2015.8b4de7e75dee7e66a77b.js Show response
au.cynchsec.com/ 11 KB
1 KB 247ms
247ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/47-es2015.8b4de7e75dee7e66a77b.js

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/runtime-es2015.6cfb30407ef7cc4c8d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ce721f9b8591d4b9efe9374b804575fb989af8eae5908e629f08f42893e263e8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /47-es2015.8b4de7e75dee7e66a77b.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: MISS
vary: x-fh-requested-host, accept-encoding
content-length: 1381
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.539405,VS0,VE240
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "2a805bbca7c773db137bf1063cc18996fceffa62fbab8150c5a316e2f0f5c031-br"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 44-es2015.e3c99ed0f1c8fb5a5a96.js Show response
au.cynchsec.com/ 11 KB
2 KB 217ms
217ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/44-es2015.e3c99ed0f1c8fb5a5a96.js

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/runtime-es2015.6cfb30407ef7cc4c8d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fea2b3ebacff85507e8ca198a721898197ffd31b623b0b4e94cba302c90e1501

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /44-es2015.e3c99ed0f1c8fb5a5a96.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: MISS
vary: x-fh-requested-host, accept-encoding
content-length: 1788
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.539555,VS0,VE209
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "301001b7e53d30b6cece0322d1360d3f8c8f3889b5897afb59607bf37095a093-br"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 40-es2015.41d2448b86107207c11a.js Show response
au.cynchsec.com/ 4 KB
2 KB 8ms
8ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/40-es2015.41d2448b86107207c11a.js

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/runtime-es2015.6cfb30407ef7cc4c8d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

75735b06683e748b40c81e38add9a0019d4c582ae7fe3805c94be3f64106342b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /40-es2015.41d2448b86107207c11a.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: HIT
vary: x-fh-requested-host, accept-encoding
content-length: 706
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.539929,VS0,VE1
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "2ce0fa34d2040515b1e449a3b5230740cd7e116890ad356248ca55fd7851b6cd-br"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 43-es2015.bd8a9502f93b210776ee.js Show response
au.cynchsec.com/ 24 KB
4 KB 307ms
306ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/43-es2015.bd8a9502f93b210776ee.js

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/runtime-es2015.6cfb30407ef7cc4c8d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

44381fcab27c367944317773810f84e922f992d06741b4316964bcfa3d14fd02

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /43-es2015.bd8a9502f93b210776ee.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: MISS
vary: x-fh-requested-host, accept-encoding
content-length: 4205
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.540033,VS0,VE300
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "57e11f47cb5824b58bf7b3571a72058ee4b6a623330ed741731f02b962e81f61-br"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 cynch_logo.png
au.cynchsec.com/assets/imgs/ 148 KB
113 KB 454ms
453ms Image
image/png 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://au.cynchsec.com/assets/imgs/cynch_logo.png

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0513b16411bc509a63d1043ed1485090c97ba4c06e56976c4d33dac06aa2f3f6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /assets/imgs/cynch_logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: MISS
vary: x-fh-requested-host, accept-encoding
content-length: 115272
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.548440,VS0,VE446
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: image/png
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "a159cdc261a74b92d1b2f5ebe5c7006cd840b9cbec79ce2434828637f62d2936-br"
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

96
api.faviconkit.com/
Redirect Chain

https://api.faviconkit.com//96
https://api.faviconkit.com/96

779 B
991 B

413ms
413ms

Image
image/svg+xml

76.76.21.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.faviconkit.com/96

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5095fd61274d9b1544b44ffd0b61aaee01ae129f9312fcba35fb1061a8a708ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 10:44:55 GMT
x-http-error-message: Internal Server Error
server: Vercel
age: 0
x-vercel-id: fra1::bru1::t5fpn-1631961895610-8d04a86bce45
etag: W/"30b-bO/AL1CvVBjqcKM/OVGD3i3IcJM"
strict-transport-security: max-age=63072000
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400, s-max-age=86400, immutable
x-http-error-status: 500
x-vercel-cache: MISS
content-length: 779

Redirect headers

date: Sat, 18 Sep 2021 10:44:55 GMT
server: Vercel
x-vercel-id: fra1::t5fpn-1631961895601-92c3cb0cc62b
x-vercel-cache: MISS
strict-transport-security: max-age=63072000
content-type: text/plain
location: /96
cache-control: s-maxage=0
refresh: 0;url=/96

GET
H2 200 m-outer-9475bd26486e6119b23924eebd3d561a.html Show response
js.stripe.com/v3/ Frame DE7E 215 B
948 B 29ms
28ms Document
text/html 18.66.122.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

13e44ac91c0d0e34922532b04d931246156aef649b2ac9cacc69ad75ce63ad00

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://au.cynchsec.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 215
x-amz-id-2: FDEgOiqqq0gI2TUwsqh+Gwg3RNh+EPW98rr531+PQ71keobMNoWyeeylhbnq65CUED38DHR1ikc=
x-amz-request-id: R76AXDSGZ5KCQAJD
last-modified: Wed, 01 Sep 2021 21:34:43 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
date: Sat, 18 Sep 2021 10:44:12 GMT
cache-control: max-age=60
etag: "9475bd26486e6119b23924eebd3d561a"
x-cache: Hit from cloudfront
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-cf-id: s1EGvuksmbBpVPqqxLCRzaURkmVmIfMZmY4-VIlwGGXyxpQeZ2VkAQ==
age: 44

OPTIONS
H2 200 webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:1000278075125:web:45dd3e1a671a35160547bc/ Frame 0
0 135ms
49ms Preflight
text/html 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:1000278075125:web:45dd3e1a671a35160547bc/webConfig

Protocol

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-goog-api-key
Origin: https://au.cynchsec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://au.cynchsec.com
vary: origin referer x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: x-goog-api-key
access-control-max-age: 3600
date: Sat, 18 Sep 2021 10:44:55 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 webConfig Show response
firebase.googleapis.com/v1alpha/projects/-/apps/1:1000278075125:web:45dd3e1a671a35160547bc/ 341 B
426 B 533ms
532ms Fetch
application/json 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:1000278075125:web:45dd3e1a671a35160547bc/webConfig

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/polyfills-es2015.4a3f2aad13b902b0c1cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

155d5701c26f2890be2289fb653bfd131193939f76ebf707753a26338b08be20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://au.cynchsec.com/
x-goog-api-key: AIzaSyAajwY4IZLUuSqNxERdmhdZUnU7M5xfsXU
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 10:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://au.cynchsec.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 236
x-xss-protection: 0

GET
H2 200 20-es2015.958d9587dc4e45547be6.js Show response
au.cynchsec.com/ 2 KB
1 KB 222ms
221ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/20-es2015.958d9587dc4e45547be6.js

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/runtime-es2015.6cfb30407ef7cc4c8d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bba80fd8502203f28466603c0a332a246ddafdb9c0d96b6193a8fd4171664ba6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /20-es2015.958d9587dc4e45547be6.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: MISS
vary: x-fh-requested-host, accept-encoding
content-length: 1053
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.563976,VS0,VE215
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "1d8638cf6de65d846bf48bc62265ced00cf13c6ca0f895386f827168fead325f-br"
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/cynch-au/ 579 B
651 B 268ms
268ms Fetch
application/json 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/cynch-au/installations

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/polyfills-es2015.4a3f2aad13b902b0c1cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

952aac885de086dbdd3e06ccbc5fc2c75d47f43915d2f6f0fea05f7f585ba55c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://au.cynchsec.com/
x-goog-api-key: AIzaSyAajwY4IZLUuSqNxERdmhdZUnU7M5xfsXU
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json

Response headers

date: Sat, 18 Sep 2021 10:44:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://au.cynchsec.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 461
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/cynch-au/ Frame 0
0 155ms
16ms Preflight
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/cynch-au/installations

Protocol

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key
Origin: https://au.cynchsec.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://au.cynchsec.com
vary: origin referer x-origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key
access-control-max-age: 3600
date: Sat, 18 Sep 2021 10:44:55 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 m-outer-f045e3b6b64aa0e635a6cabefc84daae.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DE7E 1 KB
1 KB 18ms
17ms Script
application/javascript 18.66.122.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-f045e3b6b64aa0e635a6cabefc84daae.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8e9871cf0af9019f2a0094a2ce12eb7794c104f7f38d9f75e7017c9d26e7cf6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"01f873d478053c6a0368329ea08f7a10"
age: 34
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: 23Q7F0M73EF3BF00
x-amz-id-2: yCrpQoQ58YWpDOfXU5O2hk71MIXyLbG5nvkre1u2yO1UtwRjdbIlkuf3S9YyBc0uDlIBVoh0Nbc=
last-modified: Wed, 01 Sep 2021 21:34:46 GMT
server: AmazonS3
date: Sat, 18 Sep 2021 10:44:22 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: FRA60-P2
timing-allow-origin: *
x-amz-cf-id: rvVqOpSfynJFq39hJomUScJ8S_zdpyZasB-BJkjZt49hLyQANxR0hw==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame D88A 932 B
1 KB 67ms
8ms Document
text/html 2600:9000:223e:8800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-f045e3b6b64aa0e635a6cabefc84daae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Thu, 16 Sep 2021 08:41:34 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
date: Sat, 18 Sep 2021 10:43:04 GMT
cache-control: public, max-age=300
etag: W/"6143033e-3a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: GAgPmcbDWVehM82sBFeEHrBxL7JLTATjEPvtYE0sKox6QmZIoGNoBg==
age: 111

GET
H2 200 out-4.5.40.js Show response
m.stripe.network/ Frame D88A 85 KB
19 KB 8ms
8ms Script
application/x-javascript 2600:9000:223e:8800:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.40.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223e:8800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"6143033e-154bc"
age: 101
x-cache: Hit from cloudfront
last-modified: Thu, 16 Sep 2021 08:41:34 GMT
server: nginx
date: Sat, 18 Sep 2021 10:43:17 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: FRA56-P4
timing-allow-origin: *
x-amz-cf-id: A7QmyWCGpVg2iliHJ-81566LPZrip64gz0GEMxnXiDeJe8Pzb4VOBw==

POST
H2 200 6 Show response
m.stripe.com/ Frame D88A 156 B
517 B 513ms
167ms XHR
text/plain 35.167.194.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.167.194.245 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-167-194-245.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

66f22d412821b147517f6fdaa0862419d7d332e5830c240cbaa60f81af8b604b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 18 Sep 2021 10:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

GET
H2 200 71-es2015.a84656cf0754c03d7657.js Show response
au.cynchsec.com/ 5 KB
1 KB 8ms
8ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/71-es2015.a84656cf0754c03d7657.js

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/runtime-es2015.6cfb30407ef7cc4c8d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3820260fe8598b5fe6fe005dfb9e7430147bf2e7775aa8adc4a24e4706dc156b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /71-es2015.a84656cf0754c03d7657.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: HIT
vary: x-fh-requested-host, accept-encoding
content-length: 1200
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.798139,VS0,VE1
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "e316cd6fbc91c79a0530499170c2f387e92427b5bc277fca1acc8a90f9fc959a-br"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 5-es2015.ecc11b5321e01bcc6f98.js Show response
au.cynchsec.com/ 628 B
538 B 8ms
8ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/5-es2015.ecc11b5321e01bcc6f98.js

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/runtime-es2015.6cfb30407ef7cc4c8d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f562249cd27248063baa002e9d6fe7e54d6e4513006a8baf9e040290fbdd5c1d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /5-es2015.ecc11b5321e01bcc6f98.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: HIT
vary: x-fh-requested-host, accept-encoding
content-length: 394
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.815327,VS0,VE1
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "d6e978b7a7ad40058830fdcc7ae4264be9c73238dd1f05f4b1420b1457628c9c-br"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 42-es2015.230fefa18aa86788e9e6.js Show response
au.cynchsec.com/ 2 KB
659 B 8ms
8ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/42-es2015.230fefa18aa86788e9e6.js

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/runtime-es2015.6cfb30407ef7cc4c8d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f1d5ffbbe85345edb25bdd8ad3e8f043b0346a2e6a30e314e1f6a7d77fa5c3a9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /42-es2015.230fefa18aa86788e9e6.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: HIT
vary: x-fh-requested-host, accept-encoding
content-length: 519
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.824624,VS0,VE1
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "42ebed557dcaf901336660e18b86f7ab388541b91e93a09d1b92c0fe4d92ea4b-br"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 person-circle-outline.svg Show response
au.cynchsec.com/svg/ 740 B
534 B 8ms
8ms Fetch
image/svg+xml 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/svg/person-circle-outline.svg

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/polyfills-es2015.4a3f2aad13b902b0c1cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ebc9e8b40c77673bea462408145f01e727ffcba5b08b83e31c3bc41ce134f4f6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /svg/person-circle-outline.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: HIT
vary: x-fh-requested-host, accept-encoding
content-length: 404
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.850524,VS0,VE1
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: image/svg+xml
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "4eec4b2b1473b54fdbfb8b900840a4156d86ba8872f04b470f19c9ef2567bacf-br"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 settings-outline.svg Show response
au.cynchsec.com/svg/ 1 KB
2 KB 143ms
143ms Fetch
image/svg+xml 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/svg/settings-outline.svg

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/polyfills-es2015.4a3f2aad13b902b0c1cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

45f389e9bb74608c6c7c3e90dd0b2cdb300b94192c0cc9b4d00253fed7ece755

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /svg/settings-outline.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: MISS
vary: x-fh-requested-host, accept-encoding
content-length: 505
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.850744,VS0,VE136
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: image/svg+xml
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "0e36363941ecfbaac557d46d1cb831a6c28a0d793b86c8a6b7d0600aad07c6de-br"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 chevron-down-outline.svg Show response
au.cynchsec.com/svg/ 238 B
293 B 63ms
63ms Fetch
image/svg+xml 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/svg/chevron-down-outline.svg

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/polyfills-es2015.4a3f2aad13b902b0c1cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b545b46f23967bc04f0aa29998fd3a4e6940ac2eae00019efe35c94759957c81

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /svg/chevron-down-outline.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: HIT
vary: x-fh-requested-host, accept-encoding
content-length: 153
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.851731,VS0,VE56
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: image/svg+xml
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "0a168408fab116ff5540413df7ef779ca3efa2017514138c164089fd761de800-br"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 home-sharp.svg Show response
au.cynchsec.com/svg/ 196 B
291 B 8ms
8ms Fetch
image/svg+xml 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/svg/home-sharp.svg

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/polyfills-es2015.4a3f2aad13b902b0c1cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

064308cea74aa82336275ac3e84778b1328cff876c359e58c2a8856f849af8c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /svg/home-sharp.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: HIT
vary: x-fh-requested-host, accept-encoding
content-length: 165
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.851959,VS0,VE1
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: image/svg+xml
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "e67d17fba1ed4bed0150395dd68ffa7acf4747baba1f67f96c45f0de9913b7e5-br"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 layers-sharp.svg Show response
au.cynchsec.com/svg/ 313 B
2 KB 8ms
8ms Fetch
image/svg+xml 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/svg/layers-sharp.svg

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/polyfills-es2015.4a3f2aad13b902b0c1cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d9d6e13ec8a3e7c5cbfdb34ffc6b35592e11d122953bcd176ad8eccc3f362766

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /svg/layers-sharp.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: HIT
vary: x-fh-requested-host, accept-encoding
content-length: 202
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.852392,VS0,VE1
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: image/svg+xml
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "9fad95a14abbb094312a2615dcf5647f2d73cf2278d4cc20d8b2778954f3edd0-br"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 shield-checkmark-sharp.svg Show response
au.cynchsec.com/svg/ 564 B
467 B 9ms
8ms Fetch
image/svg+xml 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/svg/shield-checkmark-sharp.svg

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/polyfills-es2015.4a3f2aad13b902b0c1cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d30a69a1d89fb2f08552045a7fc4d2c8a324f5d2e47dfa71b7b232a25a4d43f5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /svg/shield-checkmark-sharp.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: HIT
vary: x-fh-requested-host, accept-encoding
content-length: 327
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.852509,VS0,VE1
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: image/svg+xml
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "2c1ac90bacfcd74f057ea1031dc916cf701f905789babd0eb2d284cf91ee966d-br"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 stats-chart-sharp.svg Show response
au.cynchsec.com/svg/ 199 B
283 B 9ms
9ms Fetch
image/svg+xml 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/svg/stats-chart-sharp.svg

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/polyfills-es2015.4a3f2aad13b902b0c1cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4721fa0b56106179a2b83e1dc7ac3ed644806ae8461419b1b7181f2f63de029f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /svg/stats-chart-sharp.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: HIT
vary: x-fh-requested-host, accept-encoding
content-length: 143
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.853075,VS0,VE1
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: image/svg+xml
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "869acc2309d13d3c67bd31a417d36e5cc88ef6fabae5f31ca424cf52e4b67892-br"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 list-sharp.svg Show response
au.cynchsec.com/svg/ 377 B
346 B 8ms
8ms Fetch
image/svg+xml 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/svg/list-sharp.svg

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/polyfills-es2015.4a3f2aad13b902b0c1cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d7112d923c0531634818fc6feefcf89b01ca0b338cdeb34f8c44031ca83b878d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /svg/list-sharp.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: HIT
vary: x-fh-requested-host, accept-encoding
content-length: 202
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.853125,VS0,VE1
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: image/svg+xml
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "afe4f357cdc22eecf4f933f557a21e464e3fb02a3f361ec8266f7986753ad165-br"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 notifications-sharp.svg Show response
au.cynchsec.com/svg/ 301 B
321 B 243ms
242ms Fetch
image/svg+xml 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/svg/notifications-sharp.svg

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/polyfills-es2015.4a3f2aad13b902b0c1cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2496c33e8614c7640f3fc1215b49b576cd6a356810de1797eb3e28b2b01b4147

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /svg/notifications-sharp.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: MISS
vary: x-fh-requested-host, accept-encoding
content-length: 202
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.853257,VS0,VE236
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:56 GMT
strict-transport-security: max-age=31556926
content-type: image/svg+xml
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "bc8e22428092b47893be322fdf33c82acad27ddabf71a0c1053daf38220de638-br"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 star-sharp.svg Show response
au.cynchsec.com/svg/ 215 B
274 B 229ms
228ms Fetch
image/svg+xml 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/svg/star-sharp.svg

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/polyfills-es2015.4a3f2aad13b902b0c1cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2331111a2569da1caf2a292100b9b8d16efa89530c518d7dceb50e73df36390c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /svg/star-sharp.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: MISS
vary: x-fh-requested-host, accept-encoding
content-length: 154
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.853609,VS0,VE221
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:56 GMT
strict-transport-security: max-age=31556926
content-type: image/svg+xml
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "bce78afa93434e77421d8a3b92803de5b3a6f7b54a0143d93be916b7644fd2c4-br"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 trophy-sharp.svg Show response
au.cynchsec.com/svg/ 624 B
486 B 8ms
8ms Fetch
image/svg+xml 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/svg/trophy-sharp.svg

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/polyfills-es2015.4a3f2aad13b902b0c1cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

81c7058d8b798c73fa0be00ded62be4c122cc39bbc32bd03a80c046d50d8c46a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /svg/trophy-sharp.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: HIT
vary: x-fh-requested-host, accept-encoding
content-length: 369
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.854004,VS0,VE1
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: image/svg+xml
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "472c2983ef9853be4bdcc1b29c055d78bca4ec961a220ee2e984285068058ab5-br"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 people-sharp.svg Show response
au.cynchsec.com/svg/ 395 B
399 B 185ms
185ms Fetch
image/svg+xml 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/svg/people-sharp.svg

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/polyfills-es2015.4a3f2aad13b902b0c1cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

83d1d7fd5b9879ebad300a4974e66c833a53fff0e8368067b402b7a334d425d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /svg/people-sharp.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: MISS
vary: x-fh-requested-host, accept-encoding
content-length: 256
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.854384,VS0,VE178
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:56 GMT
strict-transport-security: max-age=31556926
content-type: image/svg+xml
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "4ff0e959e41698a981675ab706aed48e715fc89cb3a44a782d33e98d08d1269b-br"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 pie-chart-sharp.svg Show response
au.cynchsec.com/svg/ 300 B
326 B 8ms
8ms Fetch
image/svg+xml 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/svg/pie-chart-sharp.svg

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/polyfills-es2015.4a3f2aad13b902b0c1cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f487e7aa20ec9339861b17cd28f173aae8d23b3383997a678bca38197ee3da42

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /svg/pie-chart-sharp.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: HIT
vary: x-fh-requested-host, accept-encoding
content-length: 208
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.854722,VS0,VE1
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: image/svg+xml
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "2d8d43cbdfb39a807f47e8ebb136343b008f6c9ff3de1f3c91b498d762150b8d-br"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 document-text-sharp.svg Show response
au.cynchsec.com/svg/ 348 B
346 B 8ms
8ms Fetch
image/svg+xml 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/svg/document-text-sharp.svg

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/polyfills-es2015.4a3f2aad13b902b0c1cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8fb639179542bb7937aaf856bc36c79550df244c7af5a380f84a22dc3e71d9e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /svg/document-text-sharp.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: HIT
vary: x-fh-requested-host, accept-encoding
content-length: 216
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.854795,VS0,VE1
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:55 GMT
strict-transport-security: max-age=31556926
content-type: image/svg+xml
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "ad95d844363300b28a8365ba1f53a405faeb6bfc2adfda9488031fb58be6937e-br"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 checkbox-sharp.svg Show response
au.cynchsec.com/svg/ 204 B
287 B 247ms
247ms Fetch
image/svg+xml 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/svg/checkbox-sharp.svg

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/polyfills-es2015.4a3f2aad13b902b0c1cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

350172571f1b9ec481f989a5f71b59f56f211eac877e3bfa2cabf541a422eaa0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /svg/checkbox-sharp.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: MISS
vary: x-fh-requested-host, accept-encoding
content-length: 156
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.854927,VS0,VE240
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:56 GMT
strict-transport-security: max-age=31556926
content-type: image/svg+xml
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "e4869cf8e52a39fb2094a731f8cd7cd628e43e2de6e73486e229bc8eaf936697-br"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 65-es2015.0d15a96831a197ed2793.js Show response
au.cynchsec.com/ 3 KB
1 KB 259ms
258ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/65-es2015.0d15a96831a197ed2793.js

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/runtime-es2015.6cfb30407ef7cc4c8d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

51276b416f99d54d50e9f6d008c7d395aa435b01f56192e0c04388f956ff29ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /65-es2015.0d15a96831a197ed2793.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: MISS
vary: x-fh-requested-host, accept-encoding
content-length: 903
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.866953,VS0,VE249
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:56 GMT
strict-transport-security: max-age=31556926
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "c9c09088b62a6c4be4572ef4c1b4400a7d8b2d7565fdebef5e9d2d398d193944-br"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0U1.woff2
fonts.gstatic.com/s/rubik/v14/ 17 KB
17 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubik/v14/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0U1.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat&family=Rubik&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc7fee8ec77f177caa06256240e5f3897ce8258481d3cd42fb32c43cfafa436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://au.cynchsec.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 19:53:34 GMT
x-content-type-options: nosniff
age: 399082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17144
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:46:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 19:53:34 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 34ms
10ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat&family=Rubik&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://au.cynchsec.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 07:30:39 GMT
x-content-type-options: nosniff
age: 443657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 07:30:39 GMT

GET
H2 200 84-es2015.3af0aa779b5c38bedb51.js Show response
au.cynchsec.com/ 2 KB
988 B 233ms
232ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/84-es2015.3af0aa779b5c38bedb51.js

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/runtime-es2015.6cfb30407ef7cc4c8d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1dd99602c5079d0659870a76e64fa782089c520f3e09fd5bbe99c74b3d26675b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /84-es2015.3af0aa779b5c38bedb51.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: MISS
vary: x-fh-requested-host, accept-encoding
content-length: 819
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.137711,VS0,VE226
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:56 GMT
strict-transport-security: max-age=31556926
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "900c777a7b829f01392fb924abd34e625f9301d4b79f979a053512590e71a17c-br"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 80-es2015.41cb03958a75dd8a5554.js Show response
au.cynchsec.com/ 1 KB
2 KB 215ms
214ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/80-es2015.41cb03958a75dd8a5554.js

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/runtime-es2015.6cfb30407ef7cc4c8d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c537b8722699da6a148c5a95258fc81b1359a97df6749a8e5bdc7b09b138325c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /80-es2015.41cb03958a75dd8a5554.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: MISS
vary: x-fh-requested-host, accept-encoding
content-length: 554
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.137867,VS0,VE208
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:56 GMT
strict-transport-security: max-age=31556926
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "09a55cc6a01c116681166189cd3fbf63ceebd4ee260341fead5ac549ba43fbb5-br"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 35-es2015.e557e8f738c21876dd0d.js Show response
au.cynchsec.com/ 767 B
488 B 226ms
226ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://au.cynchsec.com/35-es2015.e557e8f738c21876dd0d.js

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/runtime-es2015.6cfb30407ef7cc4c8d31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0984361195d215a9f7bb075559989f80551055e4882cab3bb607ff6a75bb75f4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Request headers

:path: /35-es2015.e557e8f738c21876dd0d.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: au.cynchsec.com
referer: https://au.cynchsec.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
content-encoding: br
x-content-type-options: nosniff
x-cache: MISS
vary: x-fh-requested-host, accept-encoding
content-length: 368
x-xss-protection: 1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce
x-served-by: cache-fra19148-FRA
referrer-policy: strict-origin
last-modified: Mon, 30 Aug 2021 05:37:37 GMT
x-timer: S1631961896.137997,VS0,VE219
x-frame-options: SAMEORIGIN
date: Sat, 18 Sep 2021 10:44:56 GMT
strict-transport-security: max-age=31556926
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
feature-policy: geolocation 'none'; sync-xhr 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'
etag: "d925f7bb8b604c4b7cf0f6d28b568a867a7a8fda57f5d3e9d8f06820b07a18cf-br"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 107 KB
43 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R7LDXP54TC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e3841afc8a066854422d28694349d6dd107a70425d879f72f724b79f03c7319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 18 Sep 2021 10:44:56 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43783
x-xss-protection: 0
expires: Sat, 18 Sep 2021 10:44:56 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
368 B 45ms
14ms Ping
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-R7LDXP54TC&gtm=2oe9f0&_p=1102908075&sr=1600x1200&_gaz=1&ul=en-us&_fid=ddiTuZyM_jEZJXFdHlyTxw&cid=1341105312.1631961896&_s=1&dl=https%3A%2F%2Fau.cynchsec.com%2F&dt=Cynch%20%7C%20Cyber%20Fitness%20Platform&sid=1631961896&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.origin=firebase
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R7LDXP54TC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://au.cynchsec.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 10:44:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://au.cynchsec.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
339 B 46ms
15ms Ping
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R7LDXP54TC&cid=1341105312.1631961896&gtm=2oe9f0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R7LDXP54TC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://au.cynchsec.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 18 Sep 2021 10:44:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://au.cynchsec.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 201 enforce
cynchsec.report-uri.com/r/d/csp/ 0
726 B 710ms
664ms Other
text/plain 2606:4700::6811:b658
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cynchsec.report-uri.com/r/d/csp/enforce

Requested by

Host: au.cynchsec.com
URL: https://au.cynchsec.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b658 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904; includeSubDomains; preload

Request headers

Referer: https://au.cynchsec.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 18 Sep 2021 10:44:56 GMT
nel: {"report_to":"default","max_age":3600,"include_subdomains":true,"failure_fraction":0.00001}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"default","max_age":3600,"endpoints":[{"url":"https://scotthelme.report-uri.com/a/d/g"}],"include_subdomains":true}
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=63113904; includeSubDomains; preload
cf-ray: 6909fb5c189b1f3d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0

GET ga-audiences
www.google.de/ads/ 0
0

GET
H2 200 google.svg
www.gstatic.com/firebasejs/ui/2.0.0/images/auth/ 2 KB
1 KB 32ms
8ms Image
image/svg+xml 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/firebasejs/ui/2.0.0/images/auth/google.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbe9772630b9b72daf7c14eab28c6c86f88e07da9cb08487544e022e385ede1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 12:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 931
x-xss-protection: 0
last-modified: Thu, 11 May 2017 21:11:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="firebase-js"
expires: Fri, 16 Sep 2022 12:05:18 GMT

GET
H2 200 mail.svg
www.gstatic.com/firebasejs/ui/2.0.0/images/auth/ 339 B
752 B 31ms
7ms Image
image/svg+xml 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/firebasejs/ui/2.0.0/images/auth/mail.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb989a9d5828d3549a3201c16f851db9f5b7c8a921f0ebef30a76f3454fb8ea5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://au.cynchsec.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 21:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 480727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 258
x-xss-protection: 0
last-modified: Thu, 11 May 2017 21:11:23 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 21:12:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://au.cynchsec.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 07:54:01 GMT
x-content-type-options: nosniff
age: 96656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Sep 2022 07:54:01 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://au.cynchsec.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 08:46:15 GMT
x-content-type-options: nosniff
age: 266322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Sep 2022 08:46:15 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame D88A 156 B
516 B 174ms
174ms XHR
text/plain 35.167.194.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.167.194.245 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-167-194-245.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

66f22d412821b147517f6fdaa0862419d7d332e5830c240cbaa60f81af8b604b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 18 Sep 2021 10:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R7LDXP54TC&cid=1341105312.1631961896&gtm=2oe9f0&aip=1&z=421881390

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
m.stripe.com/	1970-01-20 14:50:33	Name: m Value: 806877cf-049a-44cf-a7a5-5b862af821819f2b27
.cynchsec.com/	1970-01-20 14:50:33	Name: _ga_R7LDXP54TC Value: GS1.1.1631961896.1.0.1631961896.60
.cynchsec.com/	1970-01-20 14:50:33	Name: _ga Value: GA1.1.1341105312.1631961896
.au.cynchsec.com/	1970-01-20 06:04:57	Name: __stripe_mid Value: 47e2a518-be71-4364-8892-7897009a2d25ac7641
.au.cynchsec.com/	1970-01-19 21:19:23	Name: __stripe_sid Value: 6aaa1a8a-5986-4288-a4a5-10d509d50295db2670

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://au.cynchsec.com/#/login Message: Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R7LDXP54TC&cid=1341105312.1631961896&gtm=2oe9f0&aip=1&z=421881390' because it violates the following Content Security Policy directive: "img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src data: www.google.com.au js.intercomcdn.com cdn.glitch.com downloads.intercomcdn.com firebasestorage.googleapis.com www.google-analytics.com www.googletagmanager.com 'self' api.faviconkit.com static.intercomassets.com www.gstatic.com lh3.googleusercontent.com lh4.googleusercontent.com storage.googleapis.com; font-src js.intercomcdn.com fonts.gstatic.com 'self'; connect-src 'self' firebase.googleapis.com www.cloudflare.com stats.g.doubleclick.net analytics.google.com *.cloudfunctions.net firebaseinstallations.googleapis.com www.google-analytics.com wss://nexus-websocket-a.intercom.io www.googleapis.com nexus-websocket-a.intercom.io firestore.googleapis.com api-iam.intercom.io securetoken.googleapis.com; form-action https://intercom.help https://api-iam.intercom.io; script-src 'unsafe-eval' https://www.youtube.com apis.google.com embed.typeform.com js.intercomcdn.com js.stripe.com www.google-analytics.com www.googletagmanager.com 'self' widget.intercom.io admin.typeform.com 'unsafe-inline' 'sha256-AEQuZKIweOruwxdlwve5i3x7qefVWOfU7Wgx7Z191KM=' 'sha256-Qqr2jwkT07Dhp4J0STIJ4UmR4Yu4DnkQ2Xzt7qx9dOQ='; style-src 'unsafe-inline' fonts.googleapis.com 'self'; frame-src au.cynchsec.com intercom-sheets.com player.vimeo.com www.youtube.com cynch-au.firebaseapp.com cynch-dev.firebaseapp.com cynchsec.typeform.com js.stripe.com; manifest-src 'self'; child-src https://www.youtube.com; report-uri https://cynchsec.report-uri.com/r/d/csp/enforce; object-src 'none' ; base-uri 'self';
Strict-Transport-Security	max-age=31556926
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cynchsec.report-uri.com/r/d/xss/enforce

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.faviconkit.com
au.cynchsec.com
cynchsec.report-uri.com
embed.typeform.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
m.stripe.com
m.stripe.network
stats.g.doubleclick.net
www.google.de
www.googletagmanager.com
www.gstatic.com
www.google.de
151.101.1.195
18.66.122.97
2600:9000:223e:8800:19:7d10:bd80:93a1
2600:9000:225e:cc00:2:c605:29c0:93a1
2606:4700::6811:b658
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
2a00:1450:4001:827::2003
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2008
2a00:1450:400c:c04::9b
2a00:1450:400d:806::200a
2a00:1450:4016:809::200a
35.167.194.245
76.76.21.21
0513b16411bc509a63d1043ed1485090c97ba4c06e56976c4d33dac06aa2f3f6
064308cea74aa82336275ac3e84778b1328cff876c359e58c2a8856f849af8c7
0984361195d215a9f7bb075559989f80551055e4882cab3bb607ff6a75bb75f4
10891b0647de51ef698ca340e3815719d4a22964f259b5134e21aa9c91079bd0
13643d8393c32e516174e2f6b43325d74839e73ad628a79ab912deadba0fb1ed
13e44ac91c0d0e34922532b04d931246156aef649b2ac9cacc69ad75ce63ad00
155d5701c26f2890be2289fb653bfd131193939f76ebf707753a26338b08be20
1dd99602c5079d0659870a76e64fa782089c520f3e09fd5bbe99c74b3d26675b
2331111a2569da1caf2a292100b9b8d16efa89530c518d7dceb50e73df36390c
2496c33e8614c7640f3fc1215b49b576cd6a356810de1797eb3e28b2b01b4147
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
350172571f1b9ec481f989a5f71b59f56f211eac877e3bfa2cabf541a422eaa0
3820260fe8598b5fe6fe005dfb9e7430147bf2e7775aa8adc4a24e4706dc156b
3d680f2fe96d6ea9937f3483ab368b43c9803be23d3d4274024600f8fdfa496f
41405939d31b52ad7cc9cd07c8ad8289a7d66bea88d59d387bdf4b7679db2cdd
44381fcab27c367944317773810f84e922f992d06741b4316964bcfa3d14fd02
45f389e9bb74608c6c7c3e90dd0b2cdb300b94192c0cc9b4d00253fed7ece755
4721fa0b56106179a2b83e1dc7ac3ed644806ae8461419b1b7181f2f63de029f
5095fd61274d9b1544b44ffd0b61aaee01ae129f9312fcba35fb1061a8a708ae
51276b416f99d54d50e9f6d008c7d395aa435b01f56192e0c04388f956ff29ae
584b884ad45b7fa85c42845d12416359b0c1123c08e9c9575082527b858f8d64
5ade83e322eac22d73b12c85aca47b212cbaea9f1dac05aa17d7ba11bf6ade5b
5b9862c91e2742469cc312245e954ac34453a0b987b0bf08751708cb2994d3f2
66f22d412821b147517f6fdaa0862419d7d332e5830c240cbaa60f81af8b604b
6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39
6e3841afc8a066854422d28694349d6dd107a70425d879f72f724b79f03c7319
713194e6a1e3992d0ce4bb01959c0d35745f4a498336550a88b1db90c7f7fb94
75735b06683e748b40c81e38add9a0019d4c582ae7fe3805c94be3f64106342b
7bc7fee8ec77f177caa06256240e5f3897ce8258481d3cd42fb32c43cfafa436
81c7058d8b798c73fa0be00ded62be4c122cc39bbc32bd03a80c046d50d8c46a
83d1d7fd5b9879ebad300a4974e66c833a53fff0e8368067b402b7a334d425d9
8cc8864b53112d955dd190bb8a0fe1c0351e177f598c4efac7bc0dda75a47ec1
8eec8fc717a64688f07b0678f91a15c70f8f0dcda096c8b64a65ccfae7eae77d
8fb639179542bb7937aaf856bc36c79550df244c7af5a380f84a22dc3e71d9e0
952aac885de086dbdd3e06ccbc5fc2c75d47f43915d2f6f0fea05f7f585ba55c
9ec636165c2a20c423f3bb43e0c6c928857872fbd9c419740b8220070718bb7f
b545b46f23967bc04f0aa29998fd3a4e6940ac2eae00019efe35c94759957c81
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bba80fd8502203f28466603c0a332a246ddafdb9c0d96b6193a8fd4171664ba6
c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a
c537b8722699da6a148c5a95258fc81b1359a97df6749a8e5bdc7b09b138325c
ca855134fd40616db4616cfcfab11e0a56cb83c0d54d850a2f69858b65f179d5
cb989a9d5828d3549a3201c16f851db9f5b7c8a921f0ebef30a76f3454fb8ea5
cbe9772630b9b72daf7c14eab28c6c86f88e07da9cb08487544e022e385ede1f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce721f9b8591d4b9efe9374b804575fb989af8eae5908e629f08f42893e263e8
d30a69a1d89fb2f08552045a7fc4d2c8a324f5d2e47dfa71b7b232a25a4d43f5
d58a30fcfbffc91a5f721e1fdca35bf56a59d26ddc9a809e6f8b1c031fc65c57
d7112d923c0531634818fc6feefcf89b01ca0b338cdeb34f8c44031ca83b878d
d9d6e13ec8a3e7c5cbfdb34ffc6b35592e11d122953bcd176ad8eccc3f362766
dee96caf34adb5764e1492109c99862ec0262ece42bee115963084f14db4dae9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a06d30f076b8f2528468513a6c4c5ab7dd4e6d7906917662908d58f4ace6aa
e8e9871cf0af9019f2a0094a2ce12eb7794c104f7f38d9f75e7017c9d26e7cf6
ebc9e8b40c77673bea462408145f01e727ffcba5b08b83e31c3bc41ce134f4f6
f1d5ffbbe85345edb25bdd8ad3e8f043b0346a2e6a30e314e1f6a7d77fa5c3a9
f487e7aa20ec9339861b17cd28f173aae8d23b3383997a678bca38197ee3da42
f562249cd27248063baa002e9d6fe7e54d6e4513006a8baf9e040290fbdd5c1d
fea2b3ebacff85507e8ca198a721898197ffd31b623b0b4e94cba302c90e1501

au.cynchsec.com Open in urlscan Pro 151.101.1.195 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

65 Requests

98 %HTTPS

73 %IPv6

12 Domains

16 Subdomains

16 IPs

4 Countries

874 kBTransfer

3075 kBSize

5 Cookies

0 Outgoing links

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

au.cynchsec.com Open in urlscan Pro
151.101.1.195 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

98 %
HTTPS

73 %
IPv6

12
Domains

16
Subdomains

16
IPs

4
Countries

874 kB
Transfer

3075 kB
Size

5
Cookies

65 HTTP transactions
0 data transactions