urlscan.io logo urlscan.io
SecurityTrails logo

app.cloudcraft.co Open in urlscan Pro
34.237.81.68  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://app.cloudcraft.co/
Effective URL: https://app.cloudcraft.co/login
Submission: On May 10 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 26 HTTP transactions. The main IP is 34.237.81.68, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is app.cloudcraft.co.
TLS certificate: Issued by Amazon RSA 2048 M03 on August 7th 2023. Valid for: a year.
This is the only time app.cloudcraft.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

13    34.237.81.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-81-68.compute-1.amazonaws.com
app.cloudcraft.co
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.173.187.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-107.muc50.r.cloudfront.net
f6c9a08bee63.us-east-1.sdk.awswaf.com
4    18.173.187.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-102.muc50.r.cloudfront.net
f6c9a08bee63.f791c90b.us-east-1.token.awswaf.com
1    99.84.9.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-9-59.lhr62.r.cloudfront.net
cdn.cloudcraft.co
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    2a00:1450:400c:c0a::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
accounts.google.com
Apex Domain
Subdomains		 Transfer
14 cloudcraft.co
app.cloudcraft.co
cdn.cloudcraft.co
445 KB
5 awswaf.com
f6c9a08bee63.us-east-1.sdk.awswaf.com
f6c9a08bee63.f791c90b.us-east-1.token.awswaf.com
289 KB
3 google.com
apis.google.com — Cisco Umbrella Rank: 139
accounts.google.com — Cisco Umbrella Rank: 20
47 KB
2 gstatic.com
fonts.gstatic.com
63 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2533
300 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
105 KB
26 7
Domain Requested by
13 app.cloudcraft.co 1 redirects app.cloudcraft.co
www.googletagmanager.com
f6c9a08bee63.us-east-1.sdk.awswaf.com
4 f6c9a08bee63.f791c90b.us-east-1.token.awswaf.com app.cloudcraft.co
f6c9a08bee63.us-east-1.sdk.awswaf.com
2 apis.google.com cdn.cloudcraft.co
apis.google.com
2 fonts.gstatic.com fonts.googleapis.com
2 region1.google-analytics.com www.googletagmanager.com
1 accounts.google.com apis.google.com
1 fonts.googleapis.com cdn.cloudcraft.co
1 cdn.cloudcraft.co app.cloudcraft.co
1 f6c9a08bee63.us-east-1.sdk.awswaf.com 1 redirects
1 www.googletagmanager.com app.cloudcraft.co
26 10

This site contains no links.

Subject Issuer Validity Valid
cloudcraft.co
Amazon RSA 2048 M03		 2023-08-07 -
2024-09-03		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
cdn.cloudcraft.co
Amazon RSA 2048 M01		 2023-07-30 -
2024-08-27		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.f791c90b.us-east-1.token.awswaf.com
Amazon RSA 2048 M03		 2024-05-04 -
2025-06-01		 a year crt.sh

This page contains 2 frames:

Primary Page: https://app.cloudcraft.co/login
Frame ID: 151043406E73B3B402F836DFD84E768C
Requests: 25 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: E84B6A3EEF94E7169B765910B0E88B51
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login - Cloudcraft

Page URL History Show full URLs

  1. http://app.cloudcraft.co/ HTTP 307
    https://app.cloudcraft.co/ HTTP 302
    https://app.cloudcraft.co/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <iframe[^>]*accounts\.google\.com/o/oauth2
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

26
Requests

96 %
HTTPS

60 %
IPv6

7
Domains

10
Subdomains

9
IPs

3
Countries

951 kB
Transfer

3144 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.cloudcraft.co/ HTTP 307
    https://app.cloudcraft.co/ HTTP 302
    https://app.cloudcraft.co/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://f6c9a08bee63.us-east-1.sdk.awswaf.com/f6c9a08bee63/5de5f2d167a7/challenge.js HTTP 307
  • https://f6c9a08bee63.f791c90b.us-east-1.token.awswaf.com/f6c9a08bee63/5de5f2d167a7/challenge.js

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
app.cloudcraft.co/
Redirect Chain
  • http://app.cloudcraft.co/
  • https://app.cloudcraft.co/
  • https://app.cloudcraft.co/login
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.cloudcraft.co/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.81.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-81-68.compute-1.amazonaws.com
Software
/
Resource Hash
38b65e414382eb6cc68a9da97772d025c8d00818afaef487948dbda89a5f0814
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
content-encoding
gzip
content-security-policy-report-only
default-src 'self';script-src 'self' https://cdn.cloudcraft.co https://www.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://apis.google.com https://cdnjs.cloudflare.com https://checkout.stripe.com https://static.accountdock.com https://*.pusher.com https://beacon-v2.helpscout.net/ https://assets.calendly.com 'sha256-CA+WQBPlufcdIkUhUDOoZD+LI9nFG5pEQ8mVu8YjH3Q=' https://connect-cdn.atl-paas.net;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://assets.calendly.com;font-src 'self' https://fonts.gstatic.com themes.googleusercontent.com https://maxcdn.bootstrapcdn.com;frame-src 'self' https://checkout.stripe.com https://accounts.google.com https://static.accountdock.com https://payments.stunning.co https://calendly.com/ https://*.pusher.com;connect-src 'self' https://images.cloudcraft.co https://app.datad0g.com https://www.google-analytics.com https://stats.g.doubleclick.net https://checkout.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://ws-mt1.pusher.com https://*.pusher.com https://s3-eu-west-1.amazonaws.com/ https://browser-intake-datadoghq.com https://browser-intake-datad0g.com;img-src 'self' https: blob:;media-src 'self' https://static.cloudcraft.co;object-src 'self';worker-src 'self' blob:;report-uri /api/csp/report
content-type
text/html; charset=utf-8
date
Fri, 10 May 2024 14:37:33 GMT
etag
W/"9f6-+IJ674I5+Ti6dSsiOjIFtEHZsbY"
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block

Redirect headers

content-length
56
content-security-policy-report-only
default-src 'self';script-src 'self' https://cdn.cloudcraft.co https://www.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://apis.google.com https://cdnjs.cloudflare.com https://checkout.stripe.com https://static.accountdock.com https://*.pusher.com https://beacon-v2.helpscout.net/ https://assets.calendly.com 'sha256-CA+WQBPlufcdIkUhUDOoZD+LI9nFG5pEQ8mVu8YjH3Q=' https://connect-cdn.atl-paas.net;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://assets.calendly.com;font-src 'self' https://fonts.gstatic.com themes.googleusercontent.com https://maxcdn.bootstrapcdn.com;frame-src 'self' https://checkout.stripe.com https://accounts.google.com https://static.accountdock.com https://payments.stunning.co https://calendly.com/ https://*.pusher.com;connect-src 'self' https://images.cloudcraft.co https://app.datad0g.com https://www.google-analytics.com https://stats.g.doubleclick.net https://checkout.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://ws-mt1.pusher.com https://*.pusher.com https://s3-eu-west-1.amazonaws.com/ https://browser-intake-datadoghq.com https://browser-intake-datad0g.com;img-src 'self' https: blob:;media-src 'self' https://static.cloudcraft.co;object-src 'self';worker-src 'self' blob:;report-uri /api/csp/report
content-type
text/html; charset=utf-8
date
Fri, 10 May 2024 14:37:33 GMT
location
/login
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		321 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0Z3PTJD56N
Requested by
Host: app.cloudcraft.co
URL: https://app.cloudcraft.co/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dcf0194112f31688efcc0112f2c5ebaa0ae3d1d9f51a5c1899d0209a4414e943
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.cloudcraft.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 14:37:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
107517
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 10 May 2024 14:37:34 GMT
routedata.js
app.cloudcraft.co/js/ 		918 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.cloudcraft.co/js/routedata.js
Requested by
Host: app.cloudcraft.co
URL: https://app.cloudcraft.co/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.81.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-81-68.compute-1.amazonaws.com
Software
/
Resource Hash
018a675fd0611189742cda0295d0f9b90bad3351704ab5e9a0e7b70c835c9e28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.cloudcraft.co/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 14:37:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
etag
W/"396-H3fWCWYhAPeUZxCopFSImqLzEaU"
x-frame-options
deny
content-security-policy-report-only
default-src 'self';script-src 'self' https://cdn.cloudcraft.co https://www.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://apis.google.com https://cdnjs.cloudflare.com https://checkout.stripe.com https://static.accountdock.com https://*.pusher.com https://beacon-v2.helpscout.net/ https://assets.calendly.com 'sha256-CA+WQBPlufcdIkUhUDOoZD+LI9nFG5pEQ8mVu8YjH3Q=' https://connect-cdn.atl-paas.net;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://assets.calendly.com;font-src 'self' https://fonts.gstatic.com themes.googleusercontent.com https://maxcdn.bootstrapcdn.com;frame-src 'self' https://checkout.stripe.com https://accounts.google.com https://static.accountdock.com https://payments.stunning.co https://calendly.com/ https://*.pusher.com;connect-src 'self' https://images.cloudcraft.co https://app.datad0g.com https://www.google-analytics.com https://stats.g.doubleclick.net https://checkout.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://ws-mt1.pusher.com https://*.pusher.com https://s3-eu-west-1.amazonaws.com/ https://browser-intake-datadoghq.com https://browser-intake-datad0g.com;img-src 'self' https: blob:;media-src 'self' https://static.cloudcraft.co;object-src 'self';worker-src 'self' blob:;report-uri /api/csp/report
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
content-length
918
x-xss-protection
1; mode=block
challenge.js
f6c9a08bee63.f791c90b.us-east-1.token.awswaf.com/f6c9a08bee63/5de5f2d167a7/
Redirect Chain
  • https://f6c9a08bee63.us-east-1.sdk.awswaf.com/f6c9a08bee63/5de5f2d167a7/challenge.js
  • https://f6c9a08bee63.f791c90b.us-east-1.token.awswaf.com/f6c9a08bee63/5de5f2d167a7/challenge.js
1 MB
285 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f6c9a08bee63.f791c90b.us-east-1.token.awswaf.com/f6c9a08bee63/5de5f2d167a7/challenge.js
Requested by
Host: app.cloudcraft.co
URL: https://app.cloudcraft.co/login
Protocol
H2
Server
18.173.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-102.muc50.r.cloudfront.net
Software
/
Resource Hash
8adce45fd8e54576b287daaa3b4b2b44bd31c3fad6508c66d87e14b62bc4513d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://app.cloudcraft.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 May 2024 14:37:34 GMT
content-encoding
gzip
via
1.1 21be3420a436f8727342146a9b19af68.cloudfront.net (CloudFront)
last-modified
Fri, 10 May 2024 14:37:34 +0000
x-amz-cf-pop
MUC50-P4
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-663e312e-5dee3f8e2d4e7e0a05c6c16d
content-type
text/javascript
cache-control
private, max-age=86400
x-amz-cf-id
AJ77MuNJfNvcvB9zFNEWuda76VYs3iZdgOsZzNleErydtJmftJyKZg==
expires
0

Redirect headers

date
Fri, 10 May 2024 14:37:34 GMT
via
1.1 a0b81f8bd65c71136dc6b5c239feb2b8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MUC50-P4
access-control-max-age
86400
access-control-allow-methods
*
x-cache
FunctionGeneratedResponse from cloudfront
access-control-allow-origin
*
location
https://f6c9a08bee63.f791c90b.us-east-1.token.awswaf.com/f6c9a08bee63/5de5f2d167a7/challenge.js
cache-control
max-age=86400
access-control-allow-headers
*
content-length
0
x-amz-cf-id
YaxGTO7bERsn-HyBGrMVC3sFuDTj4TkbJkQekPWnYmb9wfyJlW3RNw==
login.Y2VMVEJ7.min.js
cdn.cloudcraft.co/js/ 		1 MB
429 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cloudcraft.co/js/login.Y2VMVEJ7.min.js
Requested by
Host: app.cloudcraft.co
URL: https://app.cloudcraft.co/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.9.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-9-59.lhr62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da4decc9aa3423cc4b1a3da5e408da318e20858b1d7c6629f5aa35a917276519

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.cloudcraft.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 14:45:36 GMT
content-encoding
br
via
1.1 2a0b2de39bbda8e631dd7bce49626470.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C2
age
863519
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-expiration
expiry-date="Fri, 01 May 2026 00:00:00 GMT", rule-id="expire-js"
last-modified
Tue, 30 Apr 2024 13:33:36 GMT
server
AmazonS3
etag
W/"e4f8e78e6214fed490e7c4d1529994b9"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=2592000
x-amz-cf-id
U8d5tqU8Z88guBGk7BBFDr1UAF9k79iuPxDhgDXMZcWHG673eysZyg==
report
app.cloudcraft.co/api/csp/ 		0
182 B 		Other
General
Check archive.org
Download Go to
Full URL
https://app.cloudcraft.co/api/csp/report
Requested by
Host: app.cloudcraft.co
URL: https://app.cloudcraft.co/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.81.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-81-68.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://app.cloudcraft.co/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 10 May 2024 14:37:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
report
app.cloudcraft.co/api/csp/ 		0
182 B 		Other
General
Check archive.org
Download Go to
Full URL
https://app.cloudcraft.co/api/csp/report
Requested by
Host: app.cloudcraft.co
URL: https://app.cloudcraft.co/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.81.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-81-68.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://app.cloudcraft.co/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 10 May 2024 14:37:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
report
app.cloudcraft.co/api/csp/ 		0
182 B 		Other
General
Check archive.org
Download Go to
Full URL
https://app.cloudcraft.co/api/csp/report
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0Z3PTJD56N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.81.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-81-68.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://app.cloudcraft.co/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 10 May 2024 14:37:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
collect
region1.google-analytics.com/g/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0Z3PTJD56N&gtm=45je4580v9135070684za200&_p=1715351854027&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=723515804.1715351854&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715351854&sct=1&seg=0&dl=https%3A%2F%2Fapp.cloudcraft.co%2Flogin&dt=Login%20-%20Cloudcraft&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=672
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0Z3PTJD56N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.cloudcraft.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 10 May 2024 14:37:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.cloudcraft.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		24 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:700,600,400,300%7CRoboto:500
Requested by
Host: cdn.cloudcraft.co
URL: https://cdn.cloudcraft.co/js/login.Y2VMVEJ7.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a745a62e4627868e8ad2758c0ca88f0b7af27adfb30a1dda0db53d8000706c7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.cloudcraft.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 10 May 2024 14:37:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 10 May 2024 14:37:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 May 2024 14:37:34 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700,600,400,300%7CRoboto:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://app.cloudcraft.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 03 May 2024 22:45:56 GMT
x-content-type-options
nosniff
age
575498
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 May 2025 22:45:56 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700,600,400,300%7CRoboto:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://app.cloudcraft.co
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 18:30:08 GMT
x-content-type-options
nosniff
age
331646
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 May 2025 18:30:08 GMT
api.js
apis.google.com/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js
Requested by
Host: cdn.cloudcraft.co
URL: https://cdn.cloudcraft.co/js/login.Y2VMVEJ7.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bbd8d4c8232df5d4d395f28151e43c17ddc981fe499fd94698162d610c1e95e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.cloudcraft.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 10 May 2024 14:37:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5897
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"d936f112b85f6a2e"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 May 2024 14:37:34 GMT
cloudcraft.svg
app.cloudcraft.co/graphics/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.cloudcraft.co/graphics/cloudcraft.svg
Requested by
Host: app.cloudcraft.co
URL: https://app.cloudcraft.co/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.81.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-81-68.compute-1.amazonaws.com
Software
/
Resource Hash
570520b36ffc0eb2efd7341c6ff4b54e54b2de374818f27248e1589df5524a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.cloudcraft.co/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 14:37:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Wed, 01 May 2024 13:53:36 GMT
content-encoding
gzip
etag
W/"a29-18f346e9f00"
content-security-policy-report-only
default-src 'self';script-src 'self' https://cdn.cloudcraft.co https://www.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://apis.google.com https://cdnjs.cloudflare.com https://checkout.stripe.com https://static.accountdock.com https://*.pusher.com https://beacon-v2.helpscout.net/ https://assets.calendly.com 'sha256-CA+WQBPlufcdIkUhUDOoZD+LI9nFG5pEQ8mVu8YjH3Q=' https://connect-cdn.atl-paas.net;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://assets.calendly.com;font-src 'self' https://fonts.gstatic.com themes.googleusercontent.com https://maxcdn.bootstrapcdn.com;frame-src 'self' https://checkout.stripe.com https://accounts.google.com https://static.accountdock.com https://payments.stunning.co https://calendly.com/ https://*.pusher.com;connect-src 'self' https://images.cloudcraft.co https://app.datad0g.com https://www.google-analytics.com https://stats.g.doubleclick.net https://checkout.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://ws-mt1.pusher.com https://*.pusher.com https://s3-eu-west-1.amazonaws.com/ https://browser-intake-datadoghq.com https://browser-intake-datad0g.com;img-src 'self' https: blob:;media-src 'self' https://static.cloudcraft.co;object-src 'self';worker-src 'self' blob:;report-uri /api/csp/report
x-frame-options
deny
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
public, max-age=86400
accept-ranges
bytes
x-xss-protection
1; mode=block
datadog_login.svg
app.cloudcraft.co/graphics/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.cloudcraft.co/graphics/datadog_login.svg
Requested by
Host: app.cloudcraft.co
URL: https://app.cloudcraft.co/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.81.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-81-68.compute-1.amazonaws.com
Software
/
Resource Hash
8d16913cad1a2916c893f3f8742f8b74f5acf5ff71d7cc44bfec6008e0c47e6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.cloudcraft.co/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 14:37:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Wed, 01 May 2024 13:53:36 GMT
content-encoding
gzip
etag
W/"bd4-18f346e9f00"
content-security-policy-report-only
default-src 'self';script-src 'self' https://cdn.cloudcraft.co https://www.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://apis.google.com https://cdnjs.cloudflare.com https://checkout.stripe.com https://static.accountdock.com https://*.pusher.com https://beacon-v2.helpscout.net/ https://assets.calendly.com 'sha256-CA+WQBPlufcdIkUhUDOoZD+LI9nFG5pEQ8mVu8YjH3Q=' https://connect-cdn.atl-paas.net;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://assets.calendly.com;font-src 'self' https://fonts.gstatic.com themes.googleusercontent.com https://maxcdn.bootstrapcdn.com;frame-src 'self' https://checkout.stripe.com https://accounts.google.com https://static.accountdock.com https://payments.stunning.co https://calendly.com/ https://*.pusher.com;connect-src 'self' https://images.cloudcraft.co https://app.datad0g.com https://www.google-analytics.com https://stats.g.doubleclick.net https://checkout.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://ws-mt1.pusher.com https://*.pusher.com https://s3-eu-west-1.amazonaws.com/ https://browser-intake-datadoghq.com https://browser-intake-datad0g.com;img-src 'self' https: blob:;media-src 'self' https://static.cloudcraft.co;object-src 'self';worker-src 'self' blob:;report-uri /api/csp/report
x-frame-options
deny
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
public, max-age=86400
accept-ranges
bytes
x-xss-protection
1; mode=block
google_login.svg
app.cloudcraft.co/graphics/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.cloudcraft.co/graphics/google_login.svg
Requested by
Host: app.cloudcraft.co
URL: https://app.cloudcraft.co/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.81.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-81-68.compute-1.amazonaws.com
Software
/
Resource Hash
939d3057ad3ec15404571425faa7943d43de4bec7563a1ce2abde11bcbef16d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.cloudcraft.co/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 14:37:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Wed, 01 May 2024 13:53:36 GMT
content-encoding
gzip
etag
W/"8f7-18f346e9f00"
content-security-policy-report-only
default-src 'self';script-src 'self' https://cdn.cloudcraft.co https://www.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://apis.google.com https://cdnjs.cloudflare.com https://checkout.stripe.com https://static.accountdock.com https://*.pusher.com https://beacon-v2.helpscout.net/ https://assets.calendly.com 'sha256-CA+WQBPlufcdIkUhUDOoZD+LI9nFG5pEQ8mVu8YjH3Q=' https://connect-cdn.atl-paas.net;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://assets.calendly.com;font-src 'self' https://fonts.gstatic.com themes.googleusercontent.com https://maxcdn.bootstrapcdn.com;frame-src 'self' https://checkout.stripe.com https://accounts.google.com https://static.accountdock.com https://payments.stunning.co https://calendly.com/ https://*.pusher.com;connect-src 'self' https://images.cloudcraft.co https://app.datad0g.com https://www.google-analytics.com https://stats.g.doubleclick.net https://checkout.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://ws-mt1.pusher.com https://*.pusher.com https://s3-eu-west-1.amazonaws.com/ https://browser-intake-datadoghq.com https://browser-intake-datad0g.com;img-src 'self' https: blob:;media-src 'self' https://static.cloudcraft.co;object-src 'self';worker-src 'self' blob:;report-uri /api/csp/report
x-frame-options
deny
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
public, max-age=86400
accept-ranges
bytes
x-xss-protection
1; mode=block
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Dsoa_Wdo28w.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_vT9SKJEh9EgzMdmSuOtg3sj0vqg/ 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Dsoa_Wdo28w.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_vT9SKJEh9EgzMdmSuOtg3sj0vqg/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9aa77ab8d23a5766d3b3b24224dfdaa3dee98faa457c0a06aaec09f55c4b7d74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.cloudcraft.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 08:10:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
282446
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41559
x-xss-protection
0
last-modified
Mon, 15 Apr 2024 18:15:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 May 2025 08:10:08 GMT
iframe
accounts.google.com/o/oauth2/ Frame E84B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Dsoa_Wdo28w.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_vT9SKJEh9EgzMdmSuOtg3sj0vqg/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-m3hjbKYUcJwzYrP007rMDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://app.cloudcraft.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-m3hjbKYUcJwzYrP007rMDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 10 May 2024 14:37:35 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
Anx7P+ykxPk2cvb3pmDcFJrtthuvm2pPqF/N9DW2XnD4tw+GvaXWaUhemhtJeK2OiYYjgVfcdmEkym+Al84WUQEAAABReyJvcmlnaW4iOiJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTl9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
reporting-endpoints
default="/_/IdpIFrameHttp/web-reports?context=eJzjstHikmLw05BikPj6kkkLiJ3SZ7CGALFP_QzWOCBuvXmOdToQW908z5r07zxrCRC3f77AOhOIhbg51j_6sZFNYMeKr0kAKOsgWA"
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
report
app.cloudcraft.co/api/csp/ 		0
182 B 		Other
General
Check archive.org
Download Go to
Full URL
https://app.cloudcraft.co/api/csp/report
Requested by
Host: f6c9a08bee63.us-east-1.sdk.awswaf.com
URL: https://f6c9a08bee63.us-east-1.sdk.awswaf.com/f6c9a08bee63/5de5f2d167a7/challenge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.81.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-81-68.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://app.cloudcraft.co/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 10 May 2024 14:37:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
verify
f6c9a08bee63.f791c90b.us-east-1.token.awswaf.com/f6c9a08bee63/5de5f2d167a7/ 		320 B
738 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://f6c9a08bee63.f791c90b.us-east-1.token.awswaf.com/f6c9a08bee63/5de5f2d167a7/verify
Requested by
Host: f6c9a08bee63.us-east-1.sdk.awswaf.com
URL: https://f6c9a08bee63.us-east-1.sdk.awswaf.com/f6c9a08bee63/5de5f2d167a7/challenge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-102.muc50.r.cloudfront.net
Software
/
Resource Hash
062bd6ab7e8ad2c85c2305d6cc5f7cb6bd98dc84ae61611dec6d555efa2705cd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://app.cloudcraft.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 10 May 2024 14:37:35 GMT
via
1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
access-control-max-age
86400
access-control-allow-methods
OPTIONS,GET,POST
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-663e312f-07039d997b5d64db0c2e4b4b
cache-control
no-cache, no-store, must-revalidate
content-length
320
x-amz-cf-id
jhOeIb2mOK2uKJemLawMpEt4PCzl3MF6z_joFyNbYgiLel_3lfYv7g==
expires
0
favicon.svg
app.cloudcraft.co/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://app.cloudcraft.co/favicon.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.81.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-81-68.compute-1.amazonaws.com
Software
/
Resource Hash
907e5fa198abf4e60a665befa7677cd1cd272f6af61eb73ed8fcb7c8498e550b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.cloudcraft.co/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 14:37:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Wed, 01 May 2024 13:53:36 GMT
content-encoding
gzip
etag
W/"6be-18f346e9f00"
content-security-policy-report-only
default-src 'self';script-src 'self' https://cdn.cloudcraft.co https://www.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://apis.google.com https://cdnjs.cloudflare.com https://checkout.stripe.com https://static.accountdock.com https://*.pusher.com https://beacon-v2.helpscout.net/ https://assets.calendly.com 'sha256-CA+WQBPlufcdIkUhUDOoZD+LI9nFG5pEQ8mVu8YjH3Q=' https://connect-cdn.atl-paas.net;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://assets.calendly.com;font-src 'self' https://fonts.gstatic.com themes.googleusercontent.com https://maxcdn.bootstrapcdn.com;frame-src 'self' https://checkout.stripe.com https://accounts.google.com https://static.accountdock.com https://payments.stunning.co https://calendly.com/ https://*.pusher.com;connect-src 'self' https://images.cloudcraft.co https://app.datad0g.com https://www.google-analytics.com https://stats.g.doubleclick.net https://checkout.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://ws-mt1.pusher.com https://*.pusher.com https://s3-eu-west-1.amazonaws.com/ https://browser-intake-datadoghq.com https://browser-intake-datad0g.com;img-src 'self' https: blob:;media-src 'self' https://static.cloudcraft.co;object-src 'self';worker-src 'self' blob:;report-uri /api/csp/report
x-frame-options
deny
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
public, max-age=86400
accept-ranges
bytes
x-xss-protection
1; mode=block
report
app.cloudcraft.co/api/csp/ 		0
182 B 		Other
General
Check archive.org
Download Go to
Full URL
https://app.cloudcraft.co/api/csp/report
Requested by
Host: f6c9a08bee63.us-east-1.sdk.awswaf.com
URL: https://f6c9a08bee63.us-east-1.sdk.awswaf.com/f6c9a08bee63/5de5f2d167a7/challenge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.81.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-81-68.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://app.cloudcraft.co/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 10 May 2024 14:37:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
telemetry
f6c9a08bee63.f791c90b.us-east-1.token.awswaf.com/f6c9a08bee63/5de5f2d167a7/ 		888 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://f6c9a08bee63.f791c90b.us-east-1.token.awswaf.com/f6c9a08bee63/5de5f2d167a7/telemetry
Requested by
Host: f6c9a08bee63.us-east-1.sdk.awswaf.com
URL: https://f6c9a08bee63.us-east-1.sdk.awswaf.com/f6c9a08bee63/5de5f2d167a7/challenge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-102.muc50.r.cloudfront.net
Software
/
Resource Hash
42eda07885b1ceb9cf514673d243a606c4cf4050c34da6b4f97da63b9c3e819b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://app.cloudcraft.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 10 May 2024 14:37:36 GMT
via
1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
access-control-max-age
86400
access-control-allow-methods
OPTIONS,GET,POST
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-663e3130-58af7fd26005409918a8d3aa
cache-control
no-cache, no-store, must-revalidate
content-length
888
x-amz-cf-id
HtEzyo0eyDMkrol7aChA-JtqBpXg4fW36_ha8oT-nQsfzeKlSht_yw==
expires
0
telemetry
f6c9a08bee63.f791c90b.us-east-1.token.awswaf.com/f6c9a08bee63/5de5f2d167a7/ 		976 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://f6c9a08bee63.f791c90b.us-east-1.token.awswaf.com/f6c9a08bee63/5de5f2d167a7/telemetry
Requested by
Host: f6c9a08bee63.us-east-1.sdk.awswaf.com
URL: https://f6c9a08bee63.us-east-1.sdk.awswaf.com/f6c9a08bee63/5de5f2d167a7/challenge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-102.muc50.r.cloudfront.net
Software
/
Resource Hash
add717155492466ebf1a2a975cf475e4e8acb1f27fca7eee8f602ba548f8357b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://app.cloudcraft.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 10 May 2024 14:37:37 GMT
via
1.1 be531aac2dc594e7dcbc7bf54e3b6504.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
access-control-max-age
86400
access-control-allow-methods
OPTIONS,GET,POST
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-663e3131-1edaa5123aafd9c721390d9a
cache-control
no-cache, no-store, must-revalidate
content-length
976
x-amz-cf-id
sUMvSYxmYdHa-xzk7Imw01wW33MPZenRXyNYLbqj0XyRehxy9NV8pg==
expires
0
report
app.cloudcraft.co/api/csp/ 		0
182 B 		Other
General
Check archive.org
Download Go to
Full URL
https://app.cloudcraft.co/api/csp/report
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0Z3PTJD56N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.81.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-81-68.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://app.cloudcraft.co/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 10 May 2024 14:37:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0Z3PTJD56N&gtm=45je4580v9135070684za200&_p=1715351854027&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=723515804.1715351854&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1715351854&sct=1&seg=0&dl=https%3A%2F%2Fapp.cloudcraft.co%2Flogin&dt=Login%20-%20Cloudcraft&en=scroll&epn.percent_scrolled=90&_et=2&tfd=5681
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0Z3PTJD56N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://app.cloudcraft.co/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 10 May 2024 14:37:39 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.cloudcraft.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| gtag object| dataLayer function| onGapiAvailable object| routeData object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| clearImmediate function| setImmediate object| DD_RUM number| 2f1acc6c3a606b082e5eef5e54414ffb object| PolyBool object| gapi object| ___jsl object| _F_toggles object| osapi object| a2_0x3184 function| a2_0x9d08 object| AwsWafIntegration object| ChallengeScript

4 Cookies

Domain/Path Name / Value
.cloudcraft.co/ Name: _ga
Value: GA1.1.723515804.1715351854
.cloudcraft.co/ Name: _ga_0Z3PTJD56N
Value: GS1.1.1715351854.1.0.1715351854.0.0.0
.app.cloudcraft.co/ Name: G_ENABLED_IDPS
Value: google
.app.cloudcraft.co/ Name: aws-waf-token
Value: 2bcac2a8-9e2e-4e4c-8369-7bb7483b68fd:EQoAk71mzkUGAAAA:pJzfKRnmwdCAJ3FZdWYE1PJoKjyvI60zFG/Tbfa5+ey0YGydQ0Ou6PClkqhAc8QV8cX18QmqbeuH0o5G80gh1XLYGGB0fQ8Ots6MBdV9ahArlGiIFE/IflAZSxsAPEpgyLnuAXMqYKTVJCfex+26aSGzaHHrL/TlFZL8Hzk7r75olJcT996rZFp3XhvYmlYK8Uzv5WjtocVdswP45FIvZznkcfsW3piS4mPHoBB5SkbnOBKvKzTgi8AE3T8Sr7OrCjrPhue4BjBolQZBiEzdqhlCZXOucJBuWo0=

16 Console Messages

Source Level URL
Text
security error URL: https://app.cloudcraft.co/login(Line 36)
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' https://cdn.cloudcraft.co https://www.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://apis.google.com https://cdnjs.cloudflare.com https://checkout.stripe.com https://static.accountdock.com https://*.pusher.com https://beacon-v2.helpscout.net/ https://assets.calendly.com 'sha256-CA+WQBPlufcdIkUhUDOoZD+LI9nFG5pEQ8mVu8YjH3Q=' https://connect-cdn.atl-paas.net". Either the 'unsafe-inline' keyword, a hash ('sha256-vXpgGKA43mkaGBMghzKs6jukMaWIggbMwgxelKrCK3w='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://app.cloudcraft.co/login
Message:
[Report Only] Refused to load the script 'https://f6c9a08bee63.us-east-1.sdk.awswaf.com/f6c9a08bee63/5de5f2d167a7/challenge.js' because it violates the following Content Security Policy directive: "script-src 'self' https://cdn.cloudcraft.co https://www.google-analytics.com https://www.googletagmanager.com https://ajax.googleapis.com https://apis.google.com https://cdnjs.cloudflare.com https://checkout.stripe.com https://static.accountdock.com https://*.pusher.com https://beacon-v2.helpscout.net/ https://assets.calendly.com 'sha256-CA+WQBPlufcdIkUhUDOoZD+LI9nFG5pEQ8mVu8YjH3Q=' https://connect-cdn.atl-paas.net". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-0Z3PTJD56N(Line 217)
Message:
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-0Z3PTJD56N&gtm=45je4580v9135070684za200&_p=1715351854027&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=723515804.1715351854&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715351854&sct=1&seg=0&dl=https%3A%2F%2Fapp.cloudcraft.co%2Flogin&dt=Login%20-%20Cloudcraft&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=672' because it violates the following Content Security Policy directive: "connect-src 'self' https://images.cloudcraft.co https://app.datad0g.com https://www.google-analytics.com https://stats.g.doubleclick.net https://checkout.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://ws-mt1.pusher.com https://*.pusher.com https://s3-eu-west-1.amazonaws.com/ https://browser-intake-datadoghq.com https://browser-intake-datad0g.com".
security error URL: https://www.googletagmanager.com/gtag/js?id=G-0Z3PTJD56N(Line 217)
Message:
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-0Z3PTJD56N&gtm=45je4580v9135070684za200&_p=1715351854027&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=723515804.1715351854&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715351854&sct=1&seg=0&dl=https%3A%2F%2Fapp.cloudcraft.co%2Flogin&dt=Login%20-%20Cloudcraft&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=672' because it violates the following Content Security Policy directive: "connect-src 'self' https://images.cloudcraft.co https://app.datad0g.com https://www.google-analytics.com https://stats.g.doubleclick.net https://checkout.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://ws-mt1.pusher.com https://*.pusher.com https://s3-eu-west-1.amazonaws.com/ https://browser-intake-datadoghq.com https://browser-intake-datad0g.com".
security warning URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Dsoa_Wdo28w.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_vT9SKJEh9EgzMdmSuOtg3sj0vqg/cb=gapi.loaded_0?le=scs(Line 186)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
recommendation verbose URL: https://app.cloudcraft.co/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
security error URL: https://f6c9a08bee63.us-east-1.sdk.awswaf.com/f6c9a08bee63/5de5f2d167a7/challenge.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://f6c9a08bee63.f791c90b.us-east-1.token.awswaf.com/f6c9a08bee63/5de5f2d167a7/verify' because it violates the following Content Security Policy directive: "connect-src 'self' https://images.cloudcraft.co https://app.datad0g.com https://www.google-analytics.com https://stats.g.doubleclick.net https://checkout.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://ws-mt1.pusher.com https://*.pusher.com https://s3-eu-west-1.amazonaws.com/ https://browser-intake-datadoghq.com https://browser-intake-datad0g.com".
security error URL: https://f6c9a08bee63.us-east-1.sdk.awswaf.com/f6c9a08bee63/5de5f2d167a7/challenge.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://f6c9a08bee63.f791c90b.us-east-1.token.awswaf.com/f6c9a08bee63/5de5f2d167a7/verify' because it violates the following Content Security Policy directive: "connect-src 'self' https://images.cloudcraft.co https://app.datad0g.com https://www.google-analytics.com https://stats.g.doubleclick.net https://checkout.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://ws-mt1.pusher.com https://*.pusher.com https://s3-eu-west-1.amazonaws.com/ https://browser-intake-datadoghq.com https://browser-intake-datad0g.com".
security error URL: https://f6c9a08bee63.us-east-1.sdk.awswaf.com/f6c9a08bee63/5de5f2d167a7/challenge.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://f6c9a08bee63.f791c90b.us-east-1.token.awswaf.com/f6c9a08bee63/5de5f2d167a7/telemetry' because it violates the following Content Security Policy directive: "connect-src 'self' https://images.cloudcraft.co https://app.datad0g.com https://www.google-analytics.com https://stats.g.doubleclick.net https://checkout.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://ws-mt1.pusher.com https://*.pusher.com https://s3-eu-west-1.amazonaws.com/ https://browser-intake-datadoghq.com https://browser-intake-datad0g.com".
security error URL: https://f6c9a08bee63.us-east-1.sdk.awswaf.com/f6c9a08bee63/5de5f2d167a7/challenge.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://f6c9a08bee63.f791c90b.us-east-1.token.awswaf.com/f6c9a08bee63/5de5f2d167a7/telemetry' because it violates the following Content Security Policy directive: "connect-src 'self' https://images.cloudcraft.co https://app.datad0g.com https://www.google-analytics.com https://stats.g.doubleclick.net https://checkout.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://ws-mt1.pusher.com https://*.pusher.com https://s3-eu-west-1.amazonaws.com/ https://browser-intake-datadoghq.com https://browser-intake-datad0g.com".
security error URL: https://f6c9a08bee63.us-east-1.sdk.awswaf.com/f6c9a08bee63/5de5f2d167a7/challenge.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://f6c9a08bee63.f791c90b.us-east-1.token.awswaf.com/f6c9a08bee63/5de5f2d167a7/telemetry' because it violates the following Content Security Policy directive: "connect-src 'self' https://images.cloudcraft.co https://app.datad0g.com https://www.google-analytics.com https://stats.g.doubleclick.net https://checkout.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://ws-mt1.pusher.com https://*.pusher.com https://s3-eu-west-1.amazonaws.com/ https://browser-intake-datadoghq.com https://browser-intake-datad0g.com".
security error URL: https://f6c9a08bee63.us-east-1.sdk.awswaf.com/f6c9a08bee63/5de5f2d167a7/challenge.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://f6c9a08bee63.f791c90b.us-east-1.token.awswaf.com/f6c9a08bee63/5de5f2d167a7/telemetry' because it violates the following Content Security Policy directive: "connect-src 'self' https://images.cloudcraft.co https://app.datad0g.com https://www.google-analytics.com https://stats.g.doubleclick.net https://checkout.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://ws-mt1.pusher.com https://*.pusher.com https://s3-eu-west-1.amazonaws.com/ https://browser-intake-datadoghq.com https://browser-intake-datad0g.com".
security error URL: https://www.googletagmanager.com/gtag/js?id=G-0Z3PTJD56N(Line 217)
Message:
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-0Z3PTJD56N&gtm=45je4580v9135070684za200&_p=1715351854027&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=723515804.1715351854&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1715351854&sct=1&seg=0&dl=https%3A%2F%2Fapp.cloudcraft.co%2Flogin&dt=Login%20-%20Cloudcraft&en=scroll&epn.percent_scrolled=90&_et=2&tfd=5681' because it violates the following Content Security Policy directive: "connect-src 'self' https://images.cloudcraft.co https://app.datad0g.com https://www.google-analytics.com https://stats.g.doubleclick.net https://checkout.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://ws-mt1.pusher.com https://*.pusher.com https://s3-eu-west-1.amazonaws.com/ https://browser-intake-datadoghq.com https://browser-intake-datad0g.com".
security error URL: https://www.googletagmanager.com/gtag/js?id=G-0Z3PTJD56N(Line 217)
Message:
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-0Z3PTJD56N&gtm=45je4580v9135070684za200&_p=1715351854027&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=723515804.1715351854&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1715351854&sct=1&seg=0&dl=https%3A%2F%2Fapp.cloudcraft.co%2Flogin&dt=Login%20-%20Cloudcraft&en=scroll&epn.percent_scrolled=90&_et=2&tfd=5681' because it violates the following Content Security Policy directive: "connect-src 'self' https://images.cloudcraft.co https://app.datad0g.com https://www.google-analytics.com https://stats.g.doubleclick.net https://checkout.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://ws-mt1.pusher.com https://*.pusher.com https://s3-eu-west-1.amazonaws.com/ https://browser-intake-datadoghq.com https://browser-intake-datad0g.com".
security error URL: https://www.googletagmanager.com/gtag/js?id=G-0Z3PTJD56N(Line 217)
Message:
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-0Z3PTJD56N&gtm=45je4580v9135070684za200&_p=1715351854027&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=723515804.1715351854&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=3&sid=1715351854&sct=1&seg=0&dl=https%3A%2F%2Fapp.cloudcraft.co%2Flogin&dt=Login%20-%20Cloudcraft&en=user_engagement&_et=5196&tfd=5873' because it violates the following Content Security Policy directive: "connect-src 'self' https://images.cloudcraft.co https://app.datad0g.com https://www.google-analytics.com https://stats.g.doubleclick.net https://checkout.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://ws-mt1.pusher.com https://*.pusher.com https://s3-eu-west-1.amazonaws.com/ https://browser-intake-datadoghq.com https://browser-intake-datad0g.com".
security error URL: https://www.googletagmanager.com/gtag/js?id=G-0Z3PTJD56N(Line 217)
Message:
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-0Z3PTJD56N&gtm=45je4580v9135070684za200&_p=1715351854027&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=723515804.1715351854&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=3&sid=1715351854&sct=1&seg=0&dl=https%3A%2F%2Fapp.cloudcraft.co%2Flogin&dt=Login%20-%20Cloudcraft&en=user_engagement&_et=5196&tfd=5873' because it violates the following Content Security Policy directive: "connect-src 'self' https://images.cloudcraft.co https://app.datad0g.com https://www.google-analytics.com https://stats.g.doubleclick.net https://checkout.stripe.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://ws-mt1.pusher.com https://*.pusher.com https://s3-eu-west-1.amazonaws.com/ https://browser-intake-datadoghq.com https://browser-intake-datad0g.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
app.cloudcraft.co
cdn.cloudcraft.co
f6c9a08bee63.f791c90b.us-east-1.token.awswaf.com
f6c9a08bee63.us-east-1.sdk.awswaf.com
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
www.googletagmanager.com
18.173.187.102
18.173.187.107
2001:4860:4802:32::36
2a00:1450:4001:800::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c0a::54
34.237.81.68
99.84.9.59
018a675fd0611189742cda0295d0f9b90bad3351704ab5e9a0e7b70c835c9e28
062bd6ab7e8ad2c85c2305d6cc5f7cb6bd98dc84ae61611dec6d555efa2705cd
38b65e414382eb6cc68a9da97772d025c8d00818afaef487948dbda89a5f0814
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
42eda07885b1ceb9cf514673d243a606c4cf4050c34da6b4f97da63b9c3e819b
570520b36ffc0eb2efd7341c6ff4b54e54b2de374818f27248e1589df5524a43
8adce45fd8e54576b287daaa3b4b2b44bd31c3fad6508c66d87e14b62bc4513d
8bbd8d4c8232df5d4d395f28151e43c17ddc981fe499fd94698162d610c1e95e
8d16913cad1a2916c893f3f8742f8b74f5acf5ff71d7cc44bfec6008e0c47e6e
907e5fa198abf4e60a665befa7677cd1cd272f6af61eb73ed8fcb7c8498e550b
939d3057ad3ec15404571425faa7943d43de4bec7563a1ce2abde11bcbef16d1
9aa77ab8d23a5766d3b3b24224dfdaa3dee98faa457c0a06aaec09f55c4b7d74
a745a62e4627868e8ad2758c0ca88f0b7af27adfb30a1dda0db53d8000706c7b
add717155492466ebf1a2a975cf475e4e8acb1f27fca7eee8f602ba548f8357b
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
da4decc9aa3423cc4b1a3da5e408da318e20858b1d7c6629f5aa35a917276519
dcf0194112f31688efcc0112f2c5ebaa0ae3d1d9f51a5c1899d0209a4414e943
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855