onboarding.paragonbank.dancerace-apps.com Open in urlscan Pro
18.168.90.70  Public Scan

URL: https://onboarding.paragonbank.dancerace-apps.com/
Submission: On May 25 via automatic, source rescanner — Scanned from GB

Summary

This website contacted 7 IPs in 3 countries across 4 domains to perform 26 HTTP transactions. The main IP is 18.168.90.70, located in London, United Kingdom and belongs to AMAZON-02, US. The main domain is onboarding.paragonbank.dancerace-apps.com.
TLS certificate: Issued by R3 on May 25th 2022. Valid for: 3 months.
This is the only time onboarding.paragonbank.dancerace-apps.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 18.168.90.70 16509 (AMAZON-02)
4 3.10.100.6 16509 (AMAZON-02)
3 34.120.195.249 396982 (GOOGLE-CL...)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
26 7
Domain Requested by
6 www.gstatic.com www.google.com
www.gstatic.com
6 onboarding.paragonbank.dancerace-apps.com onboarding.paragonbank.dancerace-apps.com
4 www.google.com onboarding.paragonbank.dancerace-apps.com
www.google.com
www.gstatic.com
4 api.onboarding.paragonbank.dancerace-apps.com onboarding.paragonbank.dancerace-apps.com
3 o385976.ingest.sentry.io onboarding.paragonbank.dancerace-apps.com
1 fonts.gstatic.com www.google.com
1 api.sso.dancerace-apps.com onboarding.paragonbank.dancerace-apps.com
26 7

This site contains no links.

Subject Issuer Validity Valid
api.c3-data-export.paragonbank.dancerace-apps.com
R3
2022-05-25 -
2022-08-23
3 months crt.sh
codat-proxy.dancerace-apps.com
R3
2022-04-27 -
2022-07-26
3 months crt.sh
*.ingest.sentry.io
R3
2022-04-22 -
2022-07-21
3 months crt.sh
www.google.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.google.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh

This page contains 3 frames:

Primary Page: https://onboarding.paragonbank.dancerace-apps.com/
Frame ID: 00D41A86F1E5EB1C3884618C770CBD81
Requests: 19 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld9j9wUAAAAAK3SjLr3R7kNrUZWqd3fIeDC_6nj&co=aHR0cHM6Ly9vbmJvYXJkaW5nLnBhcmFnb25iYW5rLmRhbmNlcmFjZS1hcHBzLmNvbTo0NDM.&hl=en&type=image&v=M-QqaF9xk6BpjLH22uHZRhXt&theme=light&size=normal&badge=bottomright&cb=mvurzld92i4k
Frame ID: 92C3825A66BE9A9113367CF0956E1899
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6Ld9j9wUAAAAAK3SjLr3R7kNrUZWqd3fIeDC_6nj
Frame ID: DCB4DFEA13266291DD24CD8062C53DD1
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Onboarding

Detected technologies

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

26
Requests

96 %
HTTPS

50 %
IPv6

4
Domains

7
Subdomains

7
IPs

3
Countries

2096 kB
Transfer

3676 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
onboarding.paragonbank.dancerace-apps.com/
3 KB
2 KB
Document
General
Full URL
https://onboarding.paragonbank.dancerace-apps.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.168.90.70 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-90-70.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
e0467b254ee7cb733c27a9cf1447051d09f0a3f43d2cfad6039fde82bf4d23c2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Wed, 25 May 2022 19:54:41 GMT
etag
W/"6271d538-bb9"
last-modified
Wed, 04 May 2022 01:22:00 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
index.fab9cb034a523cce9516.js
onboarding.paragonbank.dancerace-apps.com/
2 MB
770 KB
Script
General
Full URL
https://onboarding.paragonbank.dancerace-apps.com/index.fab9cb034a523cce9516.js
Requested by
Host: onboarding.paragonbank.dancerace-apps.com
URL: https://onboarding.paragonbank.dancerace-apps.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.168.90.70 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-90-70.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
1f1b9cfc7915e9b8a0810918438aa87a50d0373065d5080d881539b4181b7acb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://onboarding.paragonbank.dancerace-apps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 19:54:41 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 01:22:00 GMT
etag
W/"6271d538-22a2b9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
expires
Wed, 25 May 2022 19:54:40 GMT
meta.json
onboarding.paragonbank.dancerace-apps.com/
91 B
324 B
XHR
General
Full URL
https://onboarding.paragonbank.dancerace-apps.com/meta.json
Requested by
Host: onboarding.paragonbank.dancerace-apps.com
URL: https://onboarding.paragonbank.dancerace-apps.com/index.fab9cb034a523cce9516.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.168.90.70 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-90-70.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
7088537d22765562d4e74f741f7db0c8b3634e8fd84642f0ee456ea376892751
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://onboarding.paragonbank.dancerace-apps.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
sentry-trace
463ecea977204745b6e922ee76c63654-be6786f679cdeb38-1

Response headers

date
Wed, 25 May 2022 19:54:41 GMT
last-modified
Wed, 25 May 2022 19:48:20 GMT
etag
"628e8804-5b"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-length
91
onboarding
api.sso.dancerace-apps.com/v1/companies/paragonbank/applications/
28 KB
28 KB
XHR
General
Full URL
https://api.sso.dancerace-apps.com/v1/companies/paragonbank/applications/onboarding
Requested by
Host: onboarding.paragonbank.dancerace-apps.com
URL: https://onboarding.paragonbank.dancerace-apps.com/index.fab9cb034a523cce9516.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.168.90.70 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-90-70.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
266bb5964e744060b5663598b9f9c81e7d4b6b76b5d79d767ea9ff5fa597ecbd
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://onboarding.paragonbank.dancerace-apps.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 25 May 2022 19:54:42 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json
settings
api.onboarding.paragonbank.dancerace-apps.com/v1/prospect-client/enquiry/
3 KB
3 KB
XHR
General
Full URL
https://api.onboarding.paragonbank.dancerace-apps.com/v1/prospect-client/enquiry/settings
Requested by
Host: onboarding.paragonbank.dancerace-apps.com
URL: https://onboarding.paragonbank.dancerace-apps.com/index.fab9cb034a523cce9516.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.10.100.6 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-100-6.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
98945213d47a5177615a7db980a0ece2569a5959ddc29440722bd77382ac8c90
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://onboarding.paragonbank.dancerace-apps.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 25 May 2022 19:54:42 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json
/
o385976.ingest.sentry.io/api/6055097/envelope/
41 B
335 B
Fetch
General
Full URL
https://o385976.ingest.sentry.io/api/6055097/envelope/?sentry_key=f073fe1329d9412a958ec6f1df5bad69&sentry_version=7
Requested by
Host: onboarding.paragonbank.dancerace-apps.com
URL: https://onboarding.paragonbank.dancerace-apps.com/index.fab9cb034a523cce9516.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bf0d5fb1abc288ba1ec03e3a6d6dbd9c13bcb8d5cc0c16930ef7064e986a15b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://onboarding.paragonbank.dancerace-apps.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 25 May 2022 19:54:42 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://onboarding.paragonbank.dancerace-apps.com
access-control-expose-headers
x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
api.js
www.google.com/recaptcha/
909 B
991 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Requested by
Host: onboarding.paragonbank.dancerace-apps.com
URL: https://onboarding.paragonbank.dancerace-apps.com/index.fab9cb034a523cce9516.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fc95aa08394a88855ab6f59605f0c0a95c571323ef2d0fbd481656ed171752a1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://onboarding.paragonbank.dancerace-apps.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 19:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
578
x-xss-protection
1; mode=block
expires
Wed, 25 May 2022 19:54:42 GMT
country-codes
api.onboarding.paragonbank.dancerace-apps.com/v1/prospect-client/enquiry/
9 KB
9 KB
XHR
General
Full URL
https://api.onboarding.paragonbank.dancerace-apps.com/v1/prospect-client/enquiry/country-codes
Requested by
Host: onboarding.paragonbank.dancerace-apps.com
URL: https://onboarding.paragonbank.dancerace-apps.com/index.fab9cb034a523cce9516.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.10.100.6 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-100-6.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
1360a7473e705c1649c668b2103f8da38bfebcd6a6bd8098e9693080b2edc9af
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://onboarding.paragonbank.dancerace-apps.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 25 May 2022 19:54:42 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json
list
api.onboarding.paragonbank.dancerace-apps.com/v1/prospect-client/enquiry/industry-code-lookup/
0
0

financier-currency
api.onboarding.paragonbank.dancerace-apps.com/v1/prospect-client/enquiry/
51 B
281 B
XHR
General
Full URL
https://api.onboarding.paragonbank.dancerace-apps.com/v1/prospect-client/enquiry/financier-currency
Requested by
Host: onboarding.paragonbank.dancerace-apps.com
URL: https://onboarding.paragonbank.dancerace-apps.com/index.fab9cb034a523cce9516.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.10.100.6 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-100-6.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
3df81e90712c9b687abc26efcf4feeff0c7fb4d5bc0d4ba96f2846c5e5e81155
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://onboarding.paragonbank.dancerace-apps.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 25 May 2022 19:54:42 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json
terms-and-conditions
api.onboarding.paragonbank.dancerace-apps.com/v1/prospect-client/enquiry/
59 B
289 B
XHR
General
Full URL
https://api.onboarding.paragonbank.dancerace-apps.com/v1/prospect-client/enquiry/terms-and-conditions
Requested by
Host: onboarding.paragonbank.dancerace-apps.com
URL: https://onboarding.paragonbank.dancerace-apps.com/index.fab9cb034a523cce9516.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.10.100.6 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-100-6.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
0db779b2b133ab123a82127b13a308440cdc48a72f573fbc480846cbb1ae3233
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://onboarding.paragonbank.dancerace-apps.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 25 May 2022 19:54:42 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/json
truncated
/
20 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7c7ff2daa969e23e39cfe2d15af8a1d7f5e31056117e6fa7b3f1446a093acac3

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
19 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
404e871f6b8dac259049a93978964225362d2c3845643470dbfe0ecfeec641af

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
Avenir-Next-Regular.90d46d7b0add16b98b8d9c4a89c7e3bf.woff2
onboarding.paragonbank.dancerace-apps.com/assets/fonts/
34 KB
35 KB
Font
General
Full URL
https://onboarding.paragonbank.dancerace-apps.com/assets/fonts/Avenir-Next-Regular.90d46d7b0add16b98b8d9c4a89c7e3bf.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.168.90.70 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-90-70.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
15e77113e97ec57f9ddcc1e6e4e68e67c02f3ad2e479e97198917e9fc20f23c9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://onboarding.paragonbank.dancerace-apps.com/
Origin
https://onboarding.paragonbank.dancerace-apps.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 19:54:42 GMT
last-modified
Wed, 04 May 2022 01:22:00 GMT
etag
"6271d538-8918"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
font/woff2
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
content-length
35096
expires
Wed, 25 May 2022 19:54:41 GMT
Avenir-Next-Bold.fc8db87cabfebd64f6b6413792737c2e.woff2
onboarding.paragonbank.dancerace-apps.com/assets/fonts/
36 KB
37 KB
Font
General
Full URL
https://onboarding.paragonbank.dancerace-apps.com/assets/fonts/Avenir-Next-Bold.fc8db87cabfebd64f6b6413792737c2e.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.168.90.70 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-90-70.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
c6efedecb2ea3d974b69ccec71582fefa14c310fef1f92232fcf34e9ce9d3b80
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://onboarding.paragonbank.dancerace-apps.com/
Origin
https://onboarding.paragonbank.dancerace-apps.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 19:54:42 GMT
last-modified
Wed, 04 May 2022 01:22:00 GMT
etag
"6271d538-91e4"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
font/woff2
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
content-length
37348
expires
Wed, 25 May 2022 19:54:41 GMT
Avenir-Next-Demi.c50953e6ef474a870f2d6cd51046afed.woff2
onboarding.paragonbank.dancerace-apps.com/assets/fonts/
35 KB
35 KB
Font
General
Full URL
https://onboarding.paragonbank.dancerace-apps.com/assets/fonts/Avenir-Next-Demi.c50953e6ef474a870f2d6cd51046afed.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.168.90.70 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-90-70.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
649ce3fc4a6477738bc0c5b69000127dcd7fc5452114007ee7fa782d64995749
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://onboarding.paragonbank.dancerace-apps.com/
Origin
https://onboarding.paragonbank.dancerace-apps.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 19:54:42 GMT
last-modified
Wed, 04 May 2022 01:22:00 GMT
etag
"6271d538-8b04"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
font/woff2
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
content-length
35588
expires
Wed, 25 May 2022 19:54:41 GMT
/
o385976.ingest.sentry.io/api/6055097/store/
41 B
142 B
Fetch
General
Full URL
https://o385976.ingest.sentry.io/api/6055097/store/?sentry_key=f073fe1329d9412a958ec6f1df5bad69&sentry_version=7
Requested by
Host: onboarding.paragonbank.dancerace-apps.com
URL: https://onboarding.paragonbank.dancerace-apps.com/index.fab9cb034a523cce9516.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d455157ec17c9f78a73a3fd652b7da21d41593f09eb135f14078b21d81e86201
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://onboarding.paragonbank.dancerace-apps.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 25 May 2022 19:54:42 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://onboarding.paragonbank.dancerace-apps.com
access-control-expose-headers
x-sentry-error, retry-after, x-sentry-rate-limits
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
recaptcha__en.js
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/
362 KB
362 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efd0c5d34e459e8199af5d95b25051222bff7c890303ae723653447aaedc07ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onboarding.paragonbank.dancerace-apps.com/
Origin
https://onboarding.paragonbank.dancerace-apps.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 17:11:15 GMT
x-content-type-options
nosniff
age
9807
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
370206
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 May 2023 17:11:15 GMT
anchor
www.google.com/recaptcha/api2/ Frame 92C3
43 KB
23 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld9j9wUAAAAAK3SjLr3R7kNrUZWqd3fIeDC_6nj&co=aHR0cHM6Ly9vbmJvYXJkaW5nLnBhcmFnb25iYW5rLmRhbmNlcmFjZS1hcHBzLmNvbTo0NDM.&hl=en&type=image&v=M-QqaF9xk6BpjLH22uHZRhXt&theme=light&size=normal&badge=bottomright&cb=mvurzld92i4k
Requested by
Host: onboarding.paragonbank.dancerace-apps.com
URL: https://onboarding.paragonbank.dancerace-apps.com/index.fab9cb034a523cce9516.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cad3c31750d2ebac94a8542c320fe8255b9276e7592c334695e3bdb0f5c7a287
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wVckl4ofdXoyzw03WTBQ3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onboarding.paragonbank.dancerace-apps.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
23018
content-security-policy
script-src 'report-sample' 'nonce-wVckl4ofdXoyzw03WTBQ3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 25 May 2022 19:54:43 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 92C3
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld9j9wUAAAAAK3SjLr3R7kNrUZWqd3fIeDC_6nj&co=aHR0cHM6Ly9vbmJvYXJkaW5nLnBhcmFnb25iYW5rLmRhbmNlcmFjZS1hcHBzLmNvbTo0NDM.&hl=en&type=image&v=M-QqaF9xk6BpjLH22uHZRhXt&theme=light&size=normal&badge=bottomright&cb=mvurzld92i4k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 09:29:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37536
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 May 2023 09:29:07 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame 92C3
362 KB
362 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld9j9wUAAAAAK3SjLr3R7kNrUZWqd3fIeDC_6nj&co=aHR0cHM6Ly9vbmJvYXJkaW5nLnBhcmFnb25iYW5rLmRhbmNlcmFjZS1hcHBzLmNvbTo0NDM.&hl=en&type=image&v=M-QqaF9xk6BpjLH22uHZRhXt&theme=light&size=normal&badge=bottomright&cb=mvurzld92i4k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efd0c5d34e459e8199af5d95b25051222bff7c890303ae723653447aaedc07ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 17:11:15 GMT
x-content-type-options
nosniff
age
9808
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
370206
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 May 2023 17:11:15 GMT
/
o385976.ingest.sentry.io/api/6055097/envelope/
41 B
59 B
Fetch
General
Full URL
https://o385976.ingest.sentry.io/api/6055097/envelope/?sentry_key=f073fe1329d9412a958ec6f1df5bad69&sentry_version=7
Requested by
Host: onboarding.paragonbank.dancerace-apps.com
URL: https://onboarding.paragonbank.dancerace-apps.com/index.fab9cb034a523cce9516.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
01b3cd555dc05369b8da0894a8c997cb613c17e658ac317cfce5880103e43feb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://onboarding.paragonbank.dancerace-apps.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 25 May 2022 19:54:43 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://onboarding.paragonbank.dancerace-apps.com
access-control-expose-headers
x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
truncated
/ Frame 92C3
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 92C3
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 92C3
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 24 May 2022 18:59:48 GMT
x-content-type-options
nosniff
age
89695
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 31 May 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 92C3
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld9j9wUAAAAAK3SjLr3R7kNrUZWqd3fIeDC_6nj&co=aHR0cHM6Ly9vbmJvYXJkaW5nLnBhcmFnb25iYW5rLmRhbmNlcmFjZS1hcHBzLmNvbTo0NDM.&hl=en&type=image&v=M-QqaF9xk6BpjLH22uHZRhXt&theme=light&size=normal&badge=bottomright&cb=mvurzld92i4k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 24 May 2022 11:18:05 GMT
x-content-type-options
nosniff
age
117398
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 24 May 2023 11:18:05 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 92C3
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=M-QqaF9xk6BpjLH22uHZRhXt
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld9j9wUAAAAAK3SjLr3R7kNrUZWqd3fIeDC_6nj&co=aHR0cHM6Ly9vbmJvYXJkaW5nLnBhcmFnb25iYW5rLmRhbmNlcmFjZS1hcHBzLmNvbTo0NDM.&hl=en&type=image&v=M-QqaF9xk6BpjLH22uHZRhXt&theme=light&size=normal&badge=bottomright&cb=mvurzld92i4k
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a032484668d7579488d1120c0ae6421c4448e26f37c29d324d5309bd5fa82eac
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld9j9wUAAAAAK3SjLr3R7kNrUZWqd3fIeDC_6nj&co=aHR0cHM6Ly9vbmJvYXJkaW5nLnBhcmFnb25iYW5rLmRhbmNlcmFjZS1hcHBzLmNvbTo0NDM.&hl=en&type=image&v=M-QqaF9xk6BpjLH22uHZRhXt&theme=light&size=normal&badge=bottomright&cb=mvurzld92i4k
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 19:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Wed, 25 May 2022 19:54:43 GMT
bframe
www.google.com/recaptcha/api2/ Frame DCB4
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6Ld9j9wUAAAAAK3SjLr3R7kNrUZWqd3fIeDC_6nj
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
11704a9d20bb00c8b0e6310889664b48eee7d05c7cf5013bd20b05a5cd686f92
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-R5oHbeiCEs-_6gf2aq_FUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onboarding.paragonbank.dancerace-apps.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1114
content-security-policy
script-src 'report-sample' 'nonce-R5oHbeiCEs-_6gf2aq_FUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 25 May 2022 19:54:43 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame DCB4
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6Ld9j9wUAAAAAK3SjLr3R7kNrUZWqd3fIeDC_6nj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 09:29:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37536
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 May 2023 09:29:07 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/ Frame DCB4
362 KB
362 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=M-QqaF9xk6BpjLH22uHZRhXt&k=6Ld9j9wUAAAAAK3SjLr3R7kNrUZWqd3fIeDC_6nj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efd0c5d34e459e8199af5d95b25051222bff7c890303ae723653447aaedc07ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 17:11:15 GMT
x-content-type-options
nosniff
age
9808
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
370206
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 May 2023 17:11:15 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.onboarding.paragonbank.dancerace-apps.com
URL
https://api.onboarding.paragonbank.dancerace-apps.com/v1/prospect-client/enquiry/industry-code-lookup/list?industryCodeType=ISIC_REV_4&pageIndex=0&pageSize=1000

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| webpackJsonp object| __SENTRY__ function| _ number| 2f1acc6c3a606b082e5eef5e54414ffb object| regeneratorRuntime object| Dancerace object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_105470

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://api.onboarding.paragonbank.dancerace-apps.com/v1/prospect-client/enquiry/terms-and-conditions
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.onboarding.paragonbank.dancerace-apps.com
api.sso.dancerace-apps.com
fonts.gstatic.com
o385976.ingest.sentry.io
onboarding.paragonbank.dancerace-apps.com
www.google.com
www.gstatic.com
api.onboarding.paragonbank.dancerace-apps.com
18.168.90.70
2a00:1450:4001:800::2004
2a00:1450:4001:801::2003
2a00:1450:4001:813::2003
3.10.100.6
34.120.195.249
01b3cd555dc05369b8da0894a8c997cb613c17e658ac317cfce5880103e43feb
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0db779b2b133ab123a82127b13a308440cdc48a72f573fbc480846cbb1ae3233
11704a9d20bb00c8b0e6310889664b48eee7d05c7cf5013bd20b05a5cd686f92
1360a7473e705c1649c668b2103f8da38bfebcd6a6bd8098e9693080b2edc9af
15e77113e97ec57f9ddcc1e6e4e68e67c02f3ad2e479e97198917e9fc20f23c9
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1f1b9cfc7915e9b8a0810918438aa87a50d0373065d5080d881539b4181b7acb
266bb5964e744060b5663598b9f9c81e7d4b6b76b5d79d767ea9ff5fa597ecbd
3df81e90712c9b687abc26efcf4feeff0c7fb4d5bc0d4ba96f2846c5e5e81155
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
404e871f6b8dac259049a93978964225362d2c3845643470dbfe0ecfeec641af
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
649ce3fc4a6477738bc0c5b69000127dcd7fc5452114007ee7fa782d64995749
7088537d22765562d4e74f741f7db0c8b3634e8fd84642f0ee456ea376892751
7c7ff2daa969e23e39cfe2d15af8a1d7f5e31056117e6fa7b3f1446a093acac3
98945213d47a5177615a7db980a0ece2569a5959ddc29440722bd77382ac8c90
a032484668d7579488d1120c0ae6421c4448e26f37c29d324d5309bd5fa82eac
bf0d5fb1abc288ba1ec03e3a6d6dbd9c13bcb8d5cc0c16930ef7064e986a15b5
c6efedecb2ea3d974b69ccec71582fefa14c310fef1f92232fcf34e9ce9d3b80
cad3c31750d2ebac94a8542c320fe8255b9276e7592c334695e3bdb0f5c7a287
d455157ec17c9f78a73a3fd652b7da21d41593f09eb135f14078b21d81e86201
e0467b254ee7cb733c27a9cf1447051d09f0a3f43d2cfad6039fde82bf4d23c2
efd0c5d34e459e8199af5d95b25051222bff7c890303ae723653447aaedc07ea
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
fc95aa08394a88855ab6f59605f0c0a95c571323ef2d0fbd481656ed171752a1